Can I have multiple pivot attributes ? I was under the impression that the
fields listed here were the fields that LSC would “listen to”, like if they
change you get an update, etc. Is that right ?
If I have multiple pivot attributes, can I put several of them in the same
filter ? Like :
<getOneFilter>(&(objectClass=jPortalUser)(uid={uid})(jSprintEmail={jSprintEmail})(givenName={givenName}))</getOneFilter>
? Does that make any sense ?
I am sure my user defined in lsc.xml has read/write rights because new
community members are successfully added to dest LDAP (when not already
existing).
De : Clément OUDOT [mailto:[email protected]]
Envoyé : mercredi 26 novembre 2014 17:51
À : FOUCHET, Alexandre
Cc : lsc-userslsc-users
Objet : Re: [lsc-users] [LSC] Filtering and synchonization
2014-11-26 17:31 GMT+01:00 FOUCHET, Alexandre
<[email protected]<mailto:[email protected]>>:
Thanks for that link, it really helps understanding the different steps in each
phase.
Here’s what I have set in my cfg.
src
<getAllFilter>(&(objectClass=jPortalUser)(memberOf=cn=com2,dmdName=communities,dmdName=groups,dmdName=secureportal,dmdName=applications,dc=marine,dc=defense,dc=gouv,dc=fr))</getAllFilter>
<getOneFilter>(&(objectClass=jPortalUser)(uid={uid}))</getOneFilter>
<cleanFilter>(&(objectClass=jPortalUser)(memberOf=cn=com2,dmdName=communities,dmdName=groups,dmdName=secureportal,dmdName=applications,dc=marine,dc=defense,dc=gouv,dc=fr))</cleanFilter>
Dst
<getAllFilter>(objectClass=jPortalUser)</getAllFilter>
<getOneFilter>(&(objectClass=jPortalUser)(uid={uid}))</getOneFilter>
Seems ok if 'uid' is the pivot attribute in source and in destination.
With lsc –c I get :
nov. 26 16:04:31 - INFO - Connecting to LDAP server
ldap://10.67.111.232:389/dc=appli,dc=fr<http://10.67.111.232:389/dc=appli,dc=fr>
as cn=lfradmin,dc= appli,dc=fr
nov. 26 16:04:31 - INFO - Connecting to LDAP server ldap://localhost:389/dc=
appli,dc=fr as cn=lfradmin,dc= appli,dc=fr
nov. 26 16:04:31 - ERROR - Empty or non existant destination (no IDs found)
Does that mean that my uids for the same user are different on src and dst LDAP
? The dn’s are exactly the same. I don’t get what it doesn’t find.
It means that the search on destination returns no entry. Are you sure that the
user in lsc.xml has read/write access on destination LDAP?
with lsc –s after an update of the value of a pivot attribute on source :
nov. 26 16:04:33 - INFO - Connecting to LDAP server
ldap://10.67.111.232:389/dc=gouv,dc=fr<http://10.67.111.232:389/dc=gouv,dc=fr>
as cn=lfradmin,dc=gouv,dc=fr
nov. 26 16:04:33 - INFO - Connecting to LDAP server
ldap://localhost:389/dc=gouv,dc=fr as cn=lfradmin,dc=gouv,dc=fr
nov. 26 16:04:33 - INFO - All entries: 3, to modify entries: 0, successfully
modified entries: 0, errors: 0
2014/11/26 16:04:33 [lsc] LSC finished running
Even after I updated the field jSprintEmail for a user on SRC, I don’t get any
msg in debug logs saying that the SRC user has changed (that’s what I’d expect).
Here also, LSC finds no modifications to apply. You should maybe check the LDAP
logs in ordrer to see what data are sent to LSC.
Clément.
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
