Hi, I managed to get those employeeNumber to employeeID and
departmentNumber to department, but when change both or one of them and
then try to sync - no changes. I also want to know is it possible to sync
from one to two. For example: I have all users in Users and I want to
filter them to 2 Group1 and Group2. The only difference is there
employeeNumber (in AD employeeID). In Group1 there should be all users who
has anything written in employeeNumber (in AD its employeeID) and in Group2
there should be all users who has nothing written in employeeNumber.
Also there should be this sync options:
LDAP ---> AD
cn cn
cn name
cn displayName
uid sAMAccountName
departmentNumber department
employeeNumber employeeID
givenName givenName
mail mail
objectClass objectClass
sn sn
title title
For now my code is this:
<tasks>
<task>
<name>openLdap2ad</name>
<bean>org.lsc.beans.SimpleBean</bean>
<ldapSourceService>
<name>openldap-source-service</name>
<connection reference="ldap-src-conn" />
<baseDn>ou=Users,dc=lsc-project,dc=src</baseDn>
<pivotAttributes>
<string>uid</string>
</pivotAttributes>
<fetchedAttributes>
<string>cn</string>
<string>uid</string>
<string>departmentNumber</string>
<string>givenName</string>
<string>mail</string>
<string>employeeNumber</string>
<string>objectClass</string>
<string>sn</string>
<string>title</string>
</fetchedAttributes>
<getAllFilter><![CDATA[(objectClass=inetOrgPerson)]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=inetOrgPerson)(uid={uid}))]]></getOneFilter>
<cleanFilter><![CDATA[(&(objectClass=inetOrgPerson)(uid={uid}))]]></cleanFilter>
</ldapSourceService>
<ldapDestinationService>
<name>ad-dst-service</name>
<connection reference="ldap-dst-conn" />
<baseDn>OU=Group,DC=lsc-project,DC=dst</baseDn>
<pivotAttributes>
<string>sAMAccountName</string>
</pivotAttributes>
<fetchedAttributes>
<string>cn</string>
<string>name</string>
<string>displayName</string>
<string>sAMAccountName</string>
<string>department</string>
<string>employeeID</string>
<string>givenName</string>
<string>mail</string>
<string>objectClass</string>
<string>sn</string>
<string>title</string>
<string>userAccountControl</string>
</fetchedAttributes>
<getAllFilter><![CDATA[(objectClass=inetOrgPerson)]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=inetOrgPerson)(sAMAccountName={uid}))]]></getOneFilter>
</ldapDestinationService>
<propertiesBasedSyncOptions>
<mainIdentifier>"CN=" +
srcBean.getDatasetFirstValueById("cn") +
",OU=Group,DC=lsc-project,DC=dst"</mainIdentifier>
<defaultDelimiter>;</defaultDelimiter>
<defaultPolicy>FORCE</defaultPolicy>
<conditions>
<create>true</create>
<update>true</update>
<delete>true</delete>
<changeId>true</changeId>
</conditions>
<dataset>
<name>objectClass</name>
<policy>KEEP</policy>
<createValues>
<string>"person"</string>
<string>"inetOrgPerson"</string>
<string>"top"</string>
</createValues>
</dataset>
<dataset>
<name>name</name>
<policy>KEEP</policy>
<createValues>
<string>srcBean.getDatasetFirstValueById("cn")</string>
</createValues>
</dataset>
<dataset>
<name>displayName</name>
<policy>KEEP</policy>
<createValues>
<string>srcBean.getDatasetFirstValueById("cn")</string>
</createValues>
</dataset>
<dataset>
<name>userAccountControl</name>
<policy>KEEP</policy>
<createValues>
<string>AD.userAccountControlSet( "0", [
AD.UAC_SET_PASSWD_NOTREQD,
AD.UAC_SET_NORMAL_ACCOUNT ])</string>
</createValues>
</dataset>
<dataset>
<name>sAMAccountName</name>
<policy>KEEP</policy>
<createValues>
<string>srcBean.getDatasetFirstValueById("uid")</string>
</createValues>
</dataset>
<dataset>
<name>department</name>
<policy>FORCE</policy>
<createValues>
<string>srcBean.getDatasetFirstValueById("departmentNumber")</string>
</createValues>
</dataset>
<dataset>
<name>employeeID</name>
<policy>FORCE</policy>
<createValues>
<string>srcBean.getDatasetFirstValueById("employeeNumber")</string>
</createValues>
</dataset>
</propertiesBasedSyncOptions>
</task>
</tasks>
Thanks for reading and for your help.
and sorry for asking to many questions :)
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
