Hi,
so i had forget to set the sAMAccountName for groups in my slc script,
the result is that in AD the Attribut has an numeric Value.
So ichanged my group script:
<ldapDestinationService>
<name>group-dst-service</name>
<connection reference="AD" />
<baseDn>cn=users,dc=zkmdom,dc=zkm,dc=de</baseDn>
<pivotAttributes>
<string>cn</string>
</pivotAttributes>
<fetchedAttributes>
<string>cn</string>
<string>description</string>
<string>member</string>
<string>objectClass</string>
<string>sAMAccountName</string>
</fetchedAttributes>
<getAllFilter><![CDATA[(&
(objectClass=group)(!(isCriticalSystemObject=true))) ]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=group)(cn={cn}))]]></getOneFilter>
</ldapDestinationService>
and the sync options
<propertiesBasedSyncOptions>
<mainIdentifier>"CN="
+srcBean.getDatasetFirstValueById("cn")
+",cn=users,dc=zkmdom,dc=zkm,dc=de"</mainIdentifier>
<defaultDelimiter>$</defaultDelimiter>
<defaultPolicy>FORCE</defaultPolicy>
<conditions>
<create>true</create>
<update>true</update>
<delete>true</delete>
<changeId>true</changeId>
</conditions>
and the dataset
<dataset>
<name>samaccountname</name>
<policy>KEEP</policy>
<createValues>
<string>js:srcBean.getDatasetFirstValueById("cn")</string>
</createValues>
</dataset>
But the value will not be updated, i must delete the group entry, then
it works.
What is wrong ?
Regards
--
Uwe
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
