Hello, Clément, still trying to practice http://lsc-project.org/wiki/documentation/tutorial/synchronizegroups
Now I have the next problem. Whenever I try to synchronize what happens is: - the member attribute in the destination is tried to be written (does not work, the group does not exist yet) - then the group is tried to be written (does not work, it needs a member, but that was refused before) so an error occurs, and nothing is written. The error messages: (xxx are valid dns) Nov 25 15:29:37 - DEBUG - In object "xxxx": Attribute "member" is in FORCE status Nov 25 15:29:37 - DEBUG - In object "xxxx": Attribute "member" will not be written to the destination Nov 25 15:29:37 - DEBUG - In object "xxxx": Attribute "cn" is in FORCE status Nov 25 15:29:37 - DEBUG - In object "xxxx": Adding attribute "cn" with values [SYNC-TEST] Nov 25 15:29:37 - DEBUG - In object "xxxx": Attribute "objectClass" is in KEEP status Nov 25 15:29:37 - DEBUG - In object "xxxx": Adding attribute "objectClass" with values [groupOfNames, top] Nov 25 15:29:37 - ERROR - Error while adding entry ... in directory :javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - object class 'groupOfNames' requires attribute 'member']; remaining name xxxxxxx Nov 25 15:29:37 - ERROR - Error while synchronizing ID ...: java.lang.Exception: Technical problem while applying modifications to the destination …….. In case the group exists already in the destination (with one member) there is first deleted the member attribute, which causes an error (because the group needs a member …) and the step where a new member could be added is never reached: Nov 25 15:47:11 - DEBUG - In object "xxxx": Attribute "member" is in FORCE status Nov 25 15:47:11 - DEBUG - In object "xxxx": Deleting attribute "member" Nov 25 15:47:11 - DEBUG - In object "xxxx": Attribute "cn" is in FORCE status Nov 25 15:47:11 - DEBUG - In object "xxxx": Attribute "cn" will not be written to the destination Nov 25 15:47:11 - DEBUG - In object "xxxx": Attribute "objectClass" is in KEEP status Nov 25 15:47:11 - ERROR - Error while modifying entry xxxx in directory :javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - object class 'groupOfNames' requires attribute 'member']; remaining name 'xxxxx' Nov 25 15:47:11 - ERROR - Error while synchronizing ID xxxx: java.lang.Exception: Technical problem while applying modifications to the destination Nov 25 15:47:11 - DEBUG - java.lang.Exception: Technical problem while applying modifications to the destination Where can I determine the sequence? I.e. can I determine that first there’s the group written, and then the membership? Whereever I could influence the sequence in lsc.xml I have already placed the member as last entry. And, very important for my later productive system: can I determine a default member? <defaultValue></defaultValue> within the member dataset did not work (caused an error). Thank you! Regards, Jutta -------------------- Jutta Biernath Freie Universität Berlin Zentraleinrichtung für Datenverarbeitung (ZEDAT) Identity & Customer Management, FUDIS Fabeckstr. 32 14195 Berlin Tel. +49 30 838-75090 Fax +49 30 838-475090
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
