Hi, This works really well for both CentOS6 and 7.
Thanks very much! > Date: Mon, 2 Feb 2015 17:04:23 +0100 > From: [email protected] > To: [email protected] > CC: [email protected] > Subject: Re: [lsc-users] FW: AD Group Sync to OpenLDAP with Java 8 > > Hi, > > Le 2015-01-21 22:36, W. Ho a écrit : > > Hi, > > > > I have come across an issue to sync AD groups to OpenLDAP when > > invoking Java 8. > > > > I am using lsc core 2.1.2 with CentOS 6.5 and CentOS 7. Everything > > works fine when I use Java 7. However, when switching to Java 8 it > > fails. The error message is "invalid attribute syntax", followed by > > "member: value #0 invalid per syntax". > > > > I performed the packet sniffing over the wire to see what breaks the > > transaction. I discovered that when running Java 7 I could see group > > members (full list with dn) were passing to the client and the sync > > went through. When running Java 8, instead of pulling all members from > > the group the group attribute shew as "[object array]". No group > > member was available. > > You don't need packet sniffing to see this, just activate DEBUG logs. > > > The code I use to sync group is listed below. Appreciate any help to > > address this issue. > > It seems LSC don't use Rhino when invoked by Java 8. I don't know why, > but here is a workaround: > > > > > Thanks, > > > > <dataset> > > <name>member</name> > > <policy>FORCE</policy> > > <forceValues> > > <string> > > <![CDATA[rjs: > > var membersSrcDn = srcBean.getDatasetValuesById("member"); > > var membersDstDn = []; > > Use instead : > var membersDstDn = new java.util.ArrayList(); > > > for (var i=0; i<membersSrcDn.size(); i++) { > > var memberSrcDn = membersSrcDn.get(i); > > var sAMAccountName = ""; > > try { > > sAMAccountName = srcLdap.attribute(memberSrcDn, > > "sAMAccountName").get(0); > > } catch(e) { > > continue; > > } > > var destDn = ldap.search("ou=Users,ou=HQ", "(uid=" + sAMAccountName + > > ")"); > > if (destDn.size() == 0 || destDn.size() > 1) { > > continue; > > } > > var destMemberDn = destDn.get(0) + "," + ldap.getContextDn(); > > membersDstDn.push(destMemberDn); > > And here: > membersDstDn.add(destMemberDn); > > > } > > membersDstDn > > ]]> > > </string> > > </forceValues> > > </dataset> > > This would allow to use ArrayList instead of native arrays. > > Regards, > Raphaël ouazana.
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
