Hi Clement,
I guess that the error I’m receiving has nothing to do with group membership. It just cannot create the group and I have no idea why. So the log without members being picked: Nov 17 14:45:31 - ERROR - Error while adding entry CN=admins,OU=Groups,OU=imported,OU=test,DC=xxx,DC=xxx in directory :javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - 0000207B: UpdErr: DSID-03051266, problem 6002 (OBJ_CLASS_VIOLATION), data 0 ]; remaining name 'CN=admins,OU=Groups,OU=imported,OU=test’ Nov 17 14:45:31 - ERROR - Error while synchronizing ID CN=admins,OU=Groups,OU=imported,OU=test,DC=xxx,DC=xxx: java.lang.Exception: Technical problem while applying modifications to the destination # Mon Nov 17 14:45:31 CET 2014 dn: CN=admins,OU=Groups,OU=imported,OU=test,DC=xxx,DC=xxx changetype: add cn: admins description: System-Administration objectCategory: CN=admins,OU=Groups,OU=imported,OU=test,DC=xxx,DC=xxx Cheers, Marcin Baluta Systems Administrator tyntec GmbH Semerteichstr. 54 - 56 | 44141 Dortmund, Germany T +49 231 477 90 405 | F +49 231 108 799 2 <http://www.tyntec.com/> www.tyntec.com From: Clément OUDOT [mailto:[email protected]] Sent: Montag, 17. November 2014 14:39 To: Marcin Baluta; lsc-userslsc-users Subject: Re: OpenLDAP 2 LDAP synchronization 2014-11-17 13:39 GMT+01:00 Marcin Baluta <[email protected]>: Hi Clement, Hi Marcin, please answer to the list. Thanks for your reply. So, I commented out dataset with sAMAccountName and still have the same error. Basically it looks like this: Nov 17 13:33:19 - ERROR - Error while adding entry CN=stuff,OU=Groups,OU=imported,OU=test,DC=xxx,DC=xxx in directory :javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - 0000207B: UpdErr: DSID-03051266, problem 6002 (OBJ_CLASS_VIOLATION), data 0 ]; remaining name 'CN=stuff,OU=Groups,OU=xxx,OU=xxx Nov 17 13:33:19 - ERROR - Error while synchronizing ID CN=stuff,OU=Groups,OU=imported,OU=test,DC=xxx,DC=xxx: java.lang.Exception: Technical problem while applying modifications to the destination # Mon Nov 17 13:33:19 CET 2014 dn: CN=stuff,OU=Groups,OU=imported,OU=test,DC=xxx,DC=xxx changetype: add memberUID: <lot of memberUids here> cn: stuff description: Stuff objectCategory: CN=stuff,OU=Groups,OU=imported,OU=test,DC=xxx,DC=xxx and of course this goes for all groups listed in OpenLDAP. I think AD groups work with 'member' attribute containing DN of users. Clément.
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
