Thanks Clément.
Based on your suggestion, I am trying to add the correct clean filter that I
need. My requirement is as follows
1) I have two sync tasks, "sync users" and "sync groups". First "sync users" is
kicked off and followed by "sync groups"
2) These sync tasks have the following sync filters
(a) sync users (objectCategory=Person)
(b) sync groups (objectCategory=Group)
3) Now I change the above filters as shown below and do the sync users and
groups again
(a) sync users (&(objectCategory=Person)(CN=LB*))
(b) sync groups (&(objectCategory=Group)(CN=LB*))
4) My requirement is that during clean phase I want all users and groups which
does not satisfy my new sync filter as shown in (3) ( CN starting with "LB") to
be removed from my destination. For that I need to use a clean filter which
should say "all users and groups whose CN does not start with "LB". I am
getting error when I use the following clean filter to achieve the same. Can
you email the correct filter please?
!(|(&(objectCategory=Person)(CN=LB*)) (&(objectCategory=Group)(CN=LB*)))
Also can you point to the LSC document section which gives more info filter
syntax
(http://lsc-project.org/wiki/documentation/howto/activedirectory#filter_to_find_user_objects
has very little info)
Regards,
Dinesh Babu.
Pitney Bowes Software
6 Hercules Way, Leavesden Park, Watford, Herts WD25 7GS
Ph: +441923 279123 www.pb.com/software<http://www.pb.com/software>
[email protected]
Every connection is a new opportunity™
[cid:[email protected]]
Please consider the environment before printing or forwarding this email. If
you do print this email, please recycle the paper.
This email message may contain confidential, proprietary and/or privileged
information. It is intended only for the use of the intended recipient(s). If
you have received it in error, please immediately advise the sender by reply
email and then delete this email message. Any disclosure, copying, distribution
or use of the information contained in this email message to or by anyone other
than the intended recipient is strictly prohibited.
From: Clément OUDOT [mailto:[email protected]]
Sent: 24 October 2014 23:33
To: Dinesh Babu
Cc: [email protected]; [email protected]; Steven
Runyeard
Subject: Re: [lsc-users] LSC doesn’t delete records, which does not match the
filter, from the destination repository when the filter is changed
2014-10-24 17:05 GMT+02:00 Dinesh Babu
<[email protected]<mailto:[email protected]>>:
I have more info on this now. Scenario is as follows
Initial state:
Source ldap has two users destination
has no users
user1
user2
I do a sync and the destination has two users( user1,user2 ).
Source ldap has two users destination
has two users
user1
user1
user2
user2
Now I add two new users ( newuser1, newuser2 ) to source ldap
Source ldap has two users destination
has two users
user1
user1
user2
user2
newuser1
newuser2
Now I change the filter so that only user names starting with new* is included
in the sync and run the sync.
Source ldap has two users destination
has two users
user1
user1
user2
user2
newuser1
newuser1
newuser2
newuser2
I was expecting user1 and user2 to get deleted based on my new filter ( and
this is my requirement ). I debugged LSC code and found that the only check
during clean up made is whether the entry exists in the source or not and there
is no check for filter.
Hi,
note that LSC separate the sync phase and the clean phase. You need to call the
clean method. This method use the destination getAllFilter to get desintation
entries with pivot, and use source cleanFilter to see if a corresponding entry
match. If not, the destination entry is deleted.
Clément.
________________________________
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
