Re: [lsc-users] OpenLDAP 2 LDAP synchronization

Mon, 24 Nov 2014 07:47:53 -0800 

 Clément OUDOT <[email protected]> a écrit :


2014-11-24 13:48 GMT+01:00 Marcin Baluta <[email protected]>:


Hello Clement,

        ___ ___

        ___I still cannot manage to synchronize group membership.
Actually – I’m not sure what script should I use to achieve this.___

        ____ ____

        ___Currently I have this taken from your LSC 1.1 tutorial


(http://lsc-project.org/wiki/documentation/1.1/tutorials/synchronizegroups):___


        ____ ____

        _____<dataset>_____

        ______         <name>member</name>______

        ______         <policy>FORCE</policy>______

        ______         <forceValues>______

        ______          <string><![CDATA[var umembers =
srcBean.getAttributeValuesById("uniqueMember").toArray() ;______

        ______    for (var i=0; i<umembers.length; i++ ) {______

        ______        try {______

        ______            umembers[i] =

ldap.attribute(ldap.list(



"OU=Users,OU=imported,OU=test,DC=xxx,DC=xxx","(sAMAccountName="+(srcLdap.attribute(umembers[i],

'uid').get(0)______

        ______                    + ")"______

        ______                )).get(0),
'distinguishedName').get(0)______

        ______        } catch (e) {______

        ______            umembers[i]=null______

        ______        }______

        ______    }______

        ______    var members = new Array();______

        ______    var j=0;______

        ______    for (var i=0; i<umembers.length; i++) {______

        ______        if (umembers[i]!=null)
members[j++]=umembers[i]______

        ______    }______

        ______    members;]]>______

        ______          </string>______

        ______         </forceValues>______

        ______       </dataset>______

        _______ _______

        ______Any help kindly appreciated ;)______

        ______.. and of course I remember about beer for you J______

        _______ _______




 
     ___Hi,___
 
     ___I just write a new tutorial that works with LSC 2:
http://lsc-project.org/wiki/documentation/tutorial/synchronizegroups___
 
     ___It should help you to achieve your task.

Clément.___


Hi Clément,

I thought that with AD, the liste of "member" in a group had to be kept in
sync with the "memberOf" attribute of the user entry.

When I tested it a while ago, I had an exception when I tried to add a
group to a user by adding it ot its "memberOf" attribute. Is it different
when you add a user the "member" attribute of a group instead? Does AD
update the "memberOf" attribute of the user automatically?

Thanks
Max

_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users

Reply via email to