Re: [lsc-users] Sync EDirectory to AD

Tue, 24 Jun 2014 03:27:13 -0700 

2014-06-24 12:06 GMT+02:00 Grandy Fu <[email protected]>:

>  I am new to LSC. I am trying to migrate from Novell eDirectory to AD with
> LSC.
>
> On my testing server, I am able to sync the user object  from eDir to AD,
> with  lsc -f myconf -s all.
> However, when i run lsc -f myconf -s all -c all, it will create users then
> delete them all.
> Moreover, I would like to know if LSC can sync user password from eDir to
> AD?
>
>

Hi Grandy,

in your lsc.xml, you made mistakes in pivot attributes. In your case, it
seems your should use uid in source and samaccountname in destination. So
the configuration should be :


                        <ldapSourceService>
                                <name>eDir-SC-source</name>
                                <connection reference="eDir-source" />
                                <baseDn>ou=in eDir</baseDn>
                                <pivotAttributes>
                                        <string>uid</string>
                                </pivotAttributes>
                                <fetchedAttributes>
                                        <string>description</string>
                                        <string>cn</string>
                                        <string>sn</string>
                                        <string>userPassword</string>
                                        <string>objectClass</string>
                                        <string>uid</string>
                                        <string>mail</string>
                                        <string>gidNumber</string>
                                        <string>homeDirectory</string>
                                        <string>uidNumber</string>
                                        <string>loginShell</string>
                                        <string>fullName</string>
                                </fetchedAttributes>
                                
<getAllFilter>(objectClass=organizationalPerson)</getAllFilter>
                                
<getOneFilter>(&amp;(objectClass=organizationalPerson)(uid={uid}))</getOneFilter>
                                
<cleanFilter>(&amp;(objectClass=organizationalPerson)(uid={sAMAccountName}))</cleanFilter>
                        </ldapSourceService>
                        <ldapDestinationService>
                                <name>ad-dst-service</name>
                                <connection reference="AD-dest" />
                                <baseDn>ou=in AD</baseDn>
                                <pivotAttributes>
                                        <string>sAMAccountName</string>
                                </pivotAttributes>
                                <fetchedAttributes>
                                        <string>description</string>
                                        <string>cn</string>
                                        <string>sn</string>
                                        <string>givenName</string>
                                        <string>objectClass</string>
                                        <string>samAccountName</string>
                                        <string>mail</string>
                                        <string>gidNumber</string>
                                        <string>homeDirectory</string>
                                        <string>uid</string>
                                        <string>uidNumber</string>
                                        <string>loginShell</string>
                                        <string>displayName</string>
                                        <string>msSFU30Name</string>
                                        <string>msSFU30NisDomain</string>
                                </fetchedAttributes>
                                <getAllFilter>(objectClass=user)</getAllFilter>
                                
<getOneFilter>(&amp;(objectClass=user)(samAccountName={uid}))</getOneFilter>
                        </ldapDestinationService>



For the password, I don't how to export it from Novell eDir. Did someone
already achieve this?


Clément.

_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users

Reply via email to