Hi,
Le 03/06/2014 10:45, Prasad Bodapati a écrit :
Hi,
We are using lsc to sync users from ldap to solr. We have configured
lsc.xml and written a plugin implementation to store data in solr.
CURRENT APPROACH : We need a GUID for every record to store in solr
so we convert the DN to some sort of UUID and attach to the record and
store in solr.
PROBLEM : The GUID needs to be updated when DN changes, we can't do
that as there is chance that those GUIDs already stored in an external
system.
SOLUTION : ?
Why do you need to update the GUID? If needed you can store it in the
LDAP server, so changing a DN will have no impact.
CURRENT APPROACH : For AD when synchronize users, each user have DN,
memberOf with DN of the group so we simply hash the all the DNs to
GUIDs and store it. We do the same for groups.
So the solr have relationship of users and groups in terms of GUIDs
not the DNs. We also store DNs in order to refer back to original
record in source ldap at the time of update.
PROBLEM : It works fine if we just use AD. It becomes a problem when
we try to switch to openLDAP because it does not store DN in member
attribute, it stores UID.
SOLUTION: ?
If by LDAP you mean OpenLDAP (or any decent LDAP implementation), you
can store DN in member attribute. Anyway with a little Javascript you
can retrieve a DN from an UID.
I hope you understand the problem I am trying to solve.
Please help me to sort it out.
Hope it helps.
Regards,
Raphaël Ouazana.
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
