Team,
I have successfully sync'ed AD users to OpenLDAP. Now I am adding the group
sync and having some issues.
I created a task section for group sync based on the instruction from the
tutorial. When I execute the sync I got the below error message. I believe it
has issue to create objectClass in the destination LDAP group ou but I am not
sure why it fails. Any help is very appreciated.
Dec 03 12:30:07 - ERROR - Error while adding entry
cn=test,ou=Groups,ou=Dept,dc=sample,dc=net in directory
:javax.naming.directory.InvalidAttributeValueException: [LDAP: error
code 21 - objectClass: value #0 invalid per syntax]; remaining name
'cn=test,ou=Groups,ou=Dept'
Dec 03 12:30:07 - ERROR - Error while
synchronizing ID cn=test,ou=Groups,ou=Dept,dc=sample,dc=net:
java.lang.Exception: Technical problem while applying modifications to
the destination
<task>
<name>adGroup</name>
<bean>org.lsc.beans.SimpleBean</bean>
<ldapSourceService>
<name>group-source-service</name>
<connection reference="AD" />
<baseDn>ou=Groups,ou=Dept,dc=sample,dc=net</baseDn>
<pivotAttributes>
<string>cn</string>
</pivotAttributes>
<fetchedAttributes>
<string>dn</string>
<string>cn</string>
<string>description</string>
<string>member</string>
<string>objectClass</string>
</fetchedAttributes>
<getAllFilter><![CDATA[(objectClass=group)]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=group)(cn={cn}))]]></getOneFilter>
<cleanFilter><![CDATA[(&(objectClass=group)(cn={cn}))]]></cleanFilter>
</ldapSourceService>
<ldapDestinationService>
<name>group-dst-service</name>
<connection reference="openldap" />
<baseDn>ou=Groups,ou=Dept,dc=sample,dc=net</baseDn>
<pivotAttributes>
<string>cn</string>
</pivotAttributes>
<fetchedAttributes>
<string>dn</string>
<string>cn</string>
<string>description</string>
<string>uniqueMember</string>
<string>objectClass</string>
</fetchedAttributes>
<getAllFilter><![CDATA[(objectClass=groupOfNames)]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=groupOfNames)(cn={cn}))]]></getOneFilter>
</ldapDestinationService>
<propertiesBasedSyncOptions>
<mainIdentifier>js:"cn=" +
javax.naming.ldap.Rdn.escapeValue(srcBean.getDatasetFirstValueById("cn")) +
",ou=Groups,ou=Dept,dc=sample,dc=net"</mainIdentifier>
<defaultDelimiter>;</defaultDelimiter>
<defaultPolicy>FORCE</defaultPolicy>
<conditions>
<create>true</create>
<update>true</update>
<delete>true</delete>
<changeId>true</changeId>
</conditions>
<dataset>
<name>objectclass</name>
<policy>FORCE</policy>
<createValues>
<string>"top"</string>
<string>"groupOfNames"</string>
</createValues>
</dataset>
<dataset>
<name>cn</name>
<policy>FORCE</policy>
<forceValues>
<string>srcBean.getDatasetFirstValueById("cn")</string>
</forceValues>
</dataset>
<dataset>
<name>dn</name>
<policy>FORCE</policy>
<forceValues>
<string>srcBean.getDatasetFirstValueById("dn")</string>
</forceValues>
</dataset>
<dataset>
<name>uniqueMember</name>
<policy>FORCE</policy>
<forceValues>
<string>
<![CDATA[rjs:
var membersSrcDn = srcBean.getDatasetValuesById("member");
var membersDstDn = [];
for (var i=0; i<membersSrcDn.size(); i++) {
var memberSrcDn = membersSrcDn.get(i);
var sAMAccountName = "";
try {
sAMAccountName = srcLdap.attribute(memberSrcDn,
"sAMAccountName").get(0);
} catch(e) {
continue;
}
var destDn = ldap.search("ou=Users,ou=Dept", "(uid=" +
sAMAccountName + ")");
if (destDn.size() == 0 || destDn.size() > 1) {
continue;
}
var destMemberDn = destDn.get(0) + "," +
ldap.getContextDn();
membersDstDn.push(destMemberDn);
}
membersDstDn
]]>
</string>
</forceValues>
</dataset>
</propertiesBasedSyncOptions>
</task>
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
