2015-02-26 13:36 GMT+01:00 Jephte Clain <[email protected]>: > Le 26/02/2015 12:48, Clément OUDOT a écrit : >> >> 2015-02-25 20:41 GMT+01:00 Jephte Clain <[email protected]>: >>> >>> hello, >>> >>> Thanks to your previous answers, I've been able to get the group >>> synchronisation working. >>> ... but, there are some subtle problems: >>> >>> - my groups are dynamic (i.e. groupOfURLs). asynchronous sync does not >>> work indeed, because lsc as no way to know that a group have been >>> updated... >>> To solve this problem, special support would have to be written I >>> guess (for example, a sync (e.g group sync) may be dependant upon >>> another (e.g user sync), so if any user is updated asynchronously, it >>> triggers the group sync) >>> >> >> In this case, group sync must be run synchronously. > > > This is unfortunate. (see the other thread about forcing task order) > >> >>> - anyway, the problem can be "solved" by running group sync >>> synchronously at regular interval... but it seems that with the code >>> given with the tutorial, the group in AD is recreated each time, even >>> if it didn't change in OpenLDAP. is this expected or is it a bug? >> >> >> This should be a bug in your configuration. Check the pivot between >> your source group and you destination group. > > > no, it's a bug in LSC <wink wink> :-) > in fact, the comparison is done case sensitively but DN are not case > sensitive > > I don't find any option to force case insensitive comparison in a <dataset>
There is not. > > I modified my code to put attribute names in the DN in uppercase (e.g. > OU=users,DC=domain instead of ou=users,dc=domain), like they are generated > by AD, and now it works... > >> >>> >>> - Out of curiosity, is there a limit to the size of groups that can be >>> synchronised with the code given by the tutorial? >>> Does lsc support paged results from AD in case, e.g, AD returns a >>> group with 20 000 members? >>> >> >> Pages result are for a number of entries, it is configurable in >> <connection>. For a number of values inside an attribut, which is >> called range, you can use this piece of code: >> http://lsc-project.org/wiki/documentation/howto/adrangescript > > > ok thanks, I'll have a look > > > Thanks for your valuable time. > have a good day! > >> >> >> Clément. >> > > > -- > cordialement, > > Jephté Clain > Direction des Systèmes d'Information > et des Usages Numériques - 2IG > Tél. 0262 93 86 31 > Fax. 0262 93 81 06 _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
