2015-01-21 22:36 GMT+01:00 W. Ho <[email protected]>: > > Hi, > > I have come across an issue to sync AD groups to OpenLDAP when invoking Java > 8. > > I am using lsc core 2.1.2 with CentOS 6.5 and CentOS 7. Everything works > fine when I use Java 7. However, when switching to Java 8 it fails. The > error message is "invalid attribute syntax", followed by "member: value #0 > invalid per syntax". > > I performed the packet sniffing over the wire to see what breaks the > transaction. I discovered that when running Java 7 I could see group > members (full list with dn) were passing to the client and the sync went > through. When running Java 8, instead of pulling all members from the group > the group attribute shew as "[object array]". No group member was > available. > > The code I use to sync group is listed below. Appreciate any help to > address this issue. > > Thanks, > > <dataset> > <name>member</name> > <policy>FORCE</policy> > <forceValues> > <string> > <![CDATA[rjs: > var membersSrcDn = srcBean.getDatasetValuesById("member"); > var membersDstDn = []; > for (var i=0; i<membersSrcDn.size(); i++) { > var memberSrcDn = membersSrcDn.get(i); > var sAMAccountName = ""; > try { > sAMAccountName = srcLdap.attribute(memberSrcDn, > "sAMAccountName").get(0); > } catch(e) { > continue; > } > var destDn = ldap.search("ou=Users,ou=HQ", "(uid=" + > sAMAccountName + ")"); > if (destDn.size() == 0 || destDn.size() > 1) { > continue; > } > var destMemberDn = destDn.get(0) + "," + > ldap.getContextDn(); > membersDstDn.push(destMemberDn); > } > membersDstDn > ]]> > </string> > </forceValues> > </dataset> >
Use 'rjs:' instead of 'js:' to explicitely call rhino interpreter. Else it calls the javascript interpreter of the JVM which has change between java7 and java8. Clément. _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
