Hi. I'm using LSC to sync data between 389DS (1.3.0.3 ubuntu 12.04) as source and OpenLDAP (2.4.28 ubuntu 12.04) as destination. For LSC I'm using openjdk-6-jre.
I have no problem synchronizing adds and updates with users and groups, but deletes are not working. So if I remove an usen in 389ds, it's not deleted in OpenLDAP. Attached is a simplfied copy of lsc.xml I'm using with the sync_users task only. I will appreciate very much if someone in the list would tell me where is the error o how can I debug the source of the problem. Many thanks in advance Norberto
<?xml version="1.0" ?> <lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.1.xsd"; revision="0"> <connections> <ldapConnection> <name>tres89</name> <url>ldap://10.80.60.97:389/dc=example,dc=com</url> <username>uid=ldapread,ou=Special Users,dc=example,dc=com</username> <password>xxxx</password> <authentication>SIMPLE</authentication> <referral>IGNORE</referral> <derefAliases>NEVER</derefAliases> <version>VERSION_3</version> <pageSize>-1</pageSize> <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> <tlsActivated>false</tlsActivated> </ldapConnection> <ldapConnection> <name>ldaptesta</name> <url>ldap://10.80.20.96:389/dc=example,dc=com</url> <username>cn=admin,dc=example,dc=com</username> <password>xxxx</password> <authentication>SIMPLE</authentication> <referral>IGNORE</referral> <derefAliases>NEVER</derefAliases> <version>VERSION_3</version> <pageSize>-1</pageSize> <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> <tlsActivated>false</tlsActivated> </ldapConnection> </connections> <audits> <csvAudit> <name>csv</name> <append>true</append> <operations>create, delete</operations> <file>/tmp/dump.csv</file> <datasets>cn, dn</datasets> <separator>,</separator> </csvAudit> </audits> <tasks> <task> <name>AA_sync_usuarios</name> <bean>org.lsc.beans.SimpleBean</bean> <ldapSourceService> <name>ldapsource01</name> <connection reference="tres89" /> <baseDn>ou=people,dc=example,dc=com</baseDn> <pivotAttributes> <string>uid</string> </pivotAttributes> <fetchedAttributes> <string>cn</string> <string>sn</string> <string>uid</string> <string>userPassword</string> <string>mail</string> <string>passwordMustChange</string> <string>mobile</string> <string>telephoneNumber</string> <string>dni</string> <string>externo</string> <string>legajo</string> <string>sector</string> <string>ubicacion</string> <string>garbaResponseSetOptional</string> <string>garbaResponseSet</string> <string>emailNoRequerido</string> <string>passwordExpirationTime</string> </fetchedAttributes> <getAllFilter>(objectClass=inetorgperson)</getAllFilter> <getOneFilter>(&(objectClass=inetorgperson) (uid={uid}))</getOneFilter> <cleanFilter>(&(objectClass=inetorgperson) (uid={uid}))</cleanFilter> </ldapSourceService> <ldapDestinationService> <name>ldapdestination01</name> <connection reference="ldaptesta" /> <baseDn>ou=people,dc=example,dc=com</baseDn> <pivotAttributes> <string>uid</string> </pivotAttributes> <fetchedAttributes> <string>objectClass</string> <string>cn</string> <string>sn</string> <string>uid</string> <string>userPassword</string> <string>mail</string> <string>pwdReset</string> <string>mobile</string> <string>telephoneNumber</string> <string>dni</string> <string>externo</string> <string>legajo</string> <string>sector</string> <string>ubicacion</string> <string>ResponseSetOptional</string> <string>ResponseSet</string> <string>emailNoRequerido</string> <string>pwdPolicySubentry</string> </fetchedAttributes> <getAllFilter>(objectClass=inetOrgPerson)</getAllFilter> <getOneFilter>(&(objectClass=inetOrgPerson)(uid={uid}))</getOneFilter> </ldapDestinationService> <propertiesBasedSyncOptions> <mainIdentifier>"uid=" + srcBean.getDatasetFirstValueById("uid") + ",ou=people,dc=example,dc=com"</mainIdentifier> <defaultDelimiter>;</defaultDelimiter> <defaultPolicy>FORCE</defaultPolicy> <conditions> <create>true</create> <update>true</update> <delete>true</delete> <changeId>false</changeId> </conditions> <dataset> <name>objectclass</name> <policy>FORCE</policy> <createValues> <string>"garbaPerson"</string> <string>"inetOrgPerson"</string> <string>"organizationalPerson"</string> <string>"person"</string> <string>"top"</string> </createValues> </dataset> <dataset> <name>userPassword</name> <policy>FORCE</policy> <createValues> <string>srcBean.getDatasetFirstValueById("userPassword")</string> </createValues> </dataset> <dataset> <name>responseSet</name> <policy>FORCE</policy> <createValues> <string>srcBean.getDatasetFirstValueById("garbaResponseSet")</string> </createValues> </dataset> <dataset> <name>responseSetOptional</name> <policy>FORCE</policy> <createValues> <string>srcBean.getDatasetFirstValueById("garbaResponseSetOptional")</string> </createValues> </dataset> <dataset> <name>emailNoRequerido</name> <policy>FORCE</policy> <createValues> <string>srcBean.getDatasetFirstValueById("garbaEmailNoRequerido")</string> </createValues> </dataset> <dataset> <name>pwdReset</name> <policy>FORCE</policy> <forceValues> <string>srcBean.getDatasetFirstValueById("passwordMustChange")</string> </forceValues> </dataset> <dataset> <name>pwdPolicySubentry</name> <policy>FORCE</policy> <forceValues> <string><![CDATA[js: var passwordExpirationTime = srcBean.getDatasetFirstValueById("passwordExpirationTime"); var pwd_policy = "cn=pwd_not_expire,ou=policies,dc=example,dc=com"; if (passwordExpirationTime == "21380119031407Z") { pwd_policy; } ]]> </string> </forceValues> </dataset> </propertiesBasedSyncOptions> </task> </tasks> <security> <encryption> <keyfile>etc/lsc.key</keyfile> <algorithm>AES</algorithm> <strength>128</strength> </encryption> </security> </lsc>
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
