Hi,we have tried to implement what you mention in your link. However, the problems seems to persist. Here's the new mainIdentifier construction:
<mainIdentifier>var pos = srcBean.getMainIdentifier().indexOf(",OU=");
var cn =
srcBean.getMainIdentifier().substring(0,pos).split("=")[1];
var restDN =
srcBean.getMainIdentifier().substring(pos);
restDN = restDN.replace(",DC=de",",c=de");
var res =
"cn="+javax.naming.ldap.Rdn.escapeValue(cn)+restDN;
res</mainIdentifier>
The first sync works fine. But when starting the second the error that
occurs is as follows:
Dez 12 13:37:39 - ERROR - Error while synchronizing ID cn=Lastname\\, Firstname,ou=Benutzer,c=de: java.lang.RuntimeException: org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: expecting EQUALS, found ','
# Fri Dec 12 13:37:39 CET 2014 dn: cn=Lastname\\, Firstname,ou=Benutzer,c=de changetype: modrdn newrdn: cn=Lastname\, Firstname deleteoldrdn: 1 newsuperior: OU=Benutzer,c=deSo LSC continues to stack the escapes. When I look at the debugger for the above statement, the "res" variable contains the correct string every time (both first and consecutive syncs). However, during the second sync, the dstBean variable contains exactly this double-escaped version that is also seen in the above error message. Thus, I think the problem is not in the construction of the MainIdentifier of the srcBean, but in reading the main identifier of the dstBean from OpenLDAP (which is not configurable as far as I understand it). As I wrote in my first post, AD and OpenLDAP seem to encode this differently and therefore LSC finds a DN mismatch. Any help is greatly appreciated.
Regards Benjamin Clément OUDOT wrote:
See http://lsc-project.org/wiki/documentation/latest/upgrade#dn_escaping Clément.
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
