Hello, No matter what I do I can't seem to get this to work. What I am trying to do should be simple enough - I want to replicate the entire OU structure of AD into OpenLDAP. A one to one sync.(task syncronizeOU)
What am I doing wrong? <?xml version="1.0" ?> <lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.1.xsd"; revision="0"> <!-- Connections --> <connections> <ldapConnection> <name>ADConnection</name> <url>ldap://[server name removed]</url> <username>[user name removed]</username> <password>[password removed]</password> <authentication>SIMPLE</authentication> <referral>IGNORE</referral> <derefAliases>NEVER</derefAliases> <version>VERSION_3</version> <pageSize>3000</pageSize> <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> <tlsActivated>false</tlsActivated> </ldapConnection> <ldapConnection> <name>LocalConnection</name> <url>[server name removed]</url> <username>[user name removed]</username> <password>[password removed]</password> <authentication>SIMPLE</authentication> <referral>IGNORE</referral> <derefAliases>NEVER</derefAliases> <version>VERSION_3</version> <pageSize>-1</pageSize> <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> <tlsActivated>false</tlsActivated> </ldapConnection> </connections> <!-- Tasks --> <tasks> <task> <name>synchronizeOU</name> <bean>org.lsc.beans.SimpleBean</bean> <ldapSourceService> <name>ADService</name> <connection reference="ADConnection" /> <baseDn>[base dn removed]</baseDn> <pivotAttributes> <string>distinguishedName</string> </pivotAttributes> <fetchedAttributes> <string>distinguishedName</string> <string>ou</string> <string>objectClass</string> </fetchedAttributes> <getAllFilter><![CDATA[(objectClass=organizationalUnit)]]></getAllFilter> <getOneFilter><![CDATA[(distinguishedName={distinguishedName})]]></getOneFilter> <cleanFilter><![CDATA[(distinguishedName={distinguishedName})]]></cleanFilter> </ldapSourceService> <ldapDestinationService> <name>LocalService</name> <connection reference="LocalConnection" /> <baseDn>[base dn removed]</baseDn> <pivotAttributes> <string>distinguishedName</string> </pivotAttributes> <fetchedAttributes> <string>distinguishedName</string> <string>ou</string> <string>objectClass</string> </fetchedAttributes> <getAllFilter><![CDATA[(objectClass=organizationalUnit)]]></getAllFilter> <getOneFilter><![CDATA[(distinguishedName={distinguishedName})]]></getOneFilter> </ldapDestinationService> <propertiesBasedSyncOptions> <mainIdentifier>srcBean.getDatasetFirstValueById("distinguishedName")</mainIdentifier> <defaultDelimiter>;</defaultDelimiter> <defaultPolicy>FORCE</defaultPolicy> <conditions> <create>true</create> <update>true</update> <delete>true</delete> <changeId>false</changeId> </conditions> <dataset> <name>objectClass</name> <policy>KEEP</policy> <defaultValues></defaultValues> <forceValues></forceValues> <createValues> <string>"organizationalUnit"</string> <string>"top"</string> </createValues> </dataset> </propertiesBasedSyncOptions> </task> <task> <name>synchronizeUsers</name> <bean>org.lsc.beans.SimpleBean</bean> <ldapSourceService> <name>ADServiceUsers</name> <connection reference="ADConnection" /> <baseDn>[base dn removed]</baseDn> <pivotAttributes> <string>distinguishedName</string> </pivotAttributes> <fetchedAttributes> <string>distinguishedName</string> <string>sAMAccountName</string> <string>sn</string> <string>cn</string> <string>description</string> <string>displayName</string> <string>department</string> <string>title</string> <string>objectClass</string> </fetchedAttributes> <getAllFilter>(&(objectClass=organizationalPerson)(objectClass=person)(objectClass=user)(sAMAccountType=805306368))</getAllFilter> <getOneFilter>distinguishedName={distinguishedName}</getOneFilter> <cleanFilter>distinguishedName={distinguishedName}</cleanFilter> </ldapSourceService> <ldapDestinationService> <name>LocalServiceUsers</name> <connection reference="LocalConnection" /> <baseDn>[base dn removed]</baseDn> <pivotAttributes> <string>sAMAccountName</string> </pivotAttributes> <fetchedAttributes> <string>sAMAccountName</string> <string>sAMAccountType</string> <string>sn</string> <string>cn</string> <string>description</string> <string>displayName</string> <string>department</string> <string>title</string> <string>objectClass</string> </fetchedAttributes> <getAllFilter>(&(objectClass=organizationalPerson)(objectClass=person)(objectClass=user)(sAMAccountType=805306368))</getAllFilter> <getOneFilter>sAMAccountName={sAMAccountName}</getOneFilter> </ldapDestinationService> <propertiesBasedSyncOptions> <mainIdentifier>srcBean.getDatasetFirstValueById("distinguishedName")</mainIdentifier> <defaultDelimiter>;</defaultDelimiter> <defaultPolicy>FORCE</defaultPolicy> <conditions> <create>true</create> <update>true</update> <delete>true</delete> <changeId>false</changeId> </conditions> <dataset> <name>objectClass</name> <policy>KEEP</policy> <defaultValues></defaultValues> <forceValues></forceValues> <createValues> <string>"securityPrincipal"</string> <string>"organizationalPerson"</string> <string>"person"</string> <string>"top"</string> </createValues> <delimiter>,</delimiter> </dataset> </propertiesBasedSyncOptions> </task> </tasks> </lsc> -- *Disclaimer: *Under Florida law, e-mail addresses are public records. If you do not want your e-mail address released in response to a public records request, do not send electronic mail to this entity. Instead, contact this office by phone or in writing.
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
