Hi,

I'm trying to sync the users from an AD server to an LDAP server and ran into
some errors; please refer to the configuration and log below.
Btw, do the domains/admins of the source and destination need to be the same?



----------lsc.xml---------------------
<?xml version="1.0" ?>
<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.1.xsd" revision="0">

  <connections>
    <ldapConnection>
      <name>ldap-src-conn</name>
      <url>ldap://demo.local/dc=demo,dc=local</url>
      <username>cn=administrator,dc=demo,dc=local</username>
      <password>abcd-1234</password>
      <authentication>SIMPLE</authentication>
      <pageSize>1000</pageSize>
      <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
      <tlsActivated>false</tlsActivated>
    </ldapConnection>

    <ldapConnection>
      <name>ldap-dst-conn</name>
      <url>ldap://localhost/dc=wps,dc=inventec,dc=com</url>
      <username>cn=admin,dc=wps,dc=inventec,dc=com</username>
      <password>inventec</password>
      <authentication>SIMPLE</authentication>
      <referral>IGNORE</referral>
      <derefAliases>NEVER</derefAliases>
      <version>VERSION_3</version>
      <pageSize>-1</pageSize>
      <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
      <tlsActivated>false</tlsActivated>
    </ldapConnection>
  </connections>

  <tasks>
    <task>
      <name>ldapContentSync</name>
      <bean>org.lsc.beans.SimpleBean</bean>
      <ldapSourceService>
        <name>ldap-src-service</name>
        <connection reference="ldap-src-conn" />
        <baseDn>dc=demo,dc=local</baseDn>
        <pivotAttributes>
          <string>mail</string>
        </pivotAttributes>
        <fetchedAttributes>
          <string>cn</string>
          <string>mail</string>
          <string>objectclass</string>
          <string>sAMAccountName</string>
          <string>sn</string>
          <string>unicodePwd</string>
          <string>userAccountControl</string>
          <string>userPrincipalName</string>
        </fetchedAttributes>
        <getAllFilter>(objectClass=user)</getAllFilter>
        <getOneFilter>(&amp;(objectClass=user)(mail={mail}))</getOneFilter>
      </ldapSourceService>
      <ldapDestinationService>
        <name>ldap-dst-service</name>
        <connection reference="ldap-dst-conn" />
        <baseDn>dc=wps,dc=inventec,dc=com</baseDn>
        <pivotAttributes>
          <string>mail</string>
        </pivotAttributes>
        <fetchedAttributes>
          <string>cn</string>
          <string>mail</string>
          <string>sn</string>
          <string>uid</string>
          <string>userPassword</string>
          <string>objectClass</string>
        </fetchedAttributes>
        <getAllFilter>(objectClass=inetOrgPerson)</getAllFilter>
        <getOneFilter>(&amp;(objectClass=inetOrgPerson)(mail={mail}))</getOneFilter>
      </ldapDestinationService>

      <propertiesBasedSyncOptions>
        <mainIdentifier>srcBean.getMainIdentifier()</mainIdentifier>
        <defaultDelimiter>;</defaultDelimiter>
        <defaultPolicy>FORCE</defaultPolicy>
        <conditions>
          <create>true</create>
          <update>true</update>
          <delete>true</delete>
          <changeId>false</changeId>
        </conditions>
      </propertiesBasedSyncOptions>
    </task>
  </tasks>

  <security>
    <encryption>
      <keyfile>etc/lsc.key</keyfile>
      <algorithm>AES</algorithm>
      <strength>128</strength>
    </encryption>
  </security>
</lsc>
----------lsc.xml---------------------

Here is the log after I executed the "/etc/init.d/lsc start" command:

---------lsc.log----------------------
Jun 22 14:50:14 - INFO  - Logging configuration successfully loaded from
/etc/lsc/logback.xml
Jun 22 14:50:14 - INFO  - LSC configuration successfully loaded from
/etc/lsc/
Jun 22 14:50:14 - INFO  - Configuration and environment successfully
checked !
2015/06/22 14:50:14 [lsc] Starting LSC
2015/06/22 14:50:14 [lsc] Using JMX port 1099
Jun 22 14:50:15 - INFO  - Logging configuration successfully loaded from
/etc/lsc/logback.xml
Jun 22 14:50:15 - INFO  - LSC configuration successfully loaded from
/etc/lsc/
Jun 22 14:50:15 - INFO  - Connecting to LDAP server
ldap://localhost/dc=wps,dc=inventec,dc=com as
cn=admin,dc=wps,dc=inventec,dc=com
Jun 22 14:50:15 - INFO  - Connecting to LDAP server
ldap://demo.local/dc=demo,dc=local as cn=administrator,dc=demo,dc=local
Jun 22 14:50:15 - ERROR - Error opening the LDAP connection to the
destination! (javax.naming.AuthenticationException: [LDAP: error code 49 -
80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error,
data 52e, v23f0 ])
Jun 22 14:50:15 - ERROR - org.lsc.exception.LscConfigurationException:
Configuration exception: javax.naming.AuthenticationException: [LDAP: error
code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext
error, data 52e, v23f0 ]
2015/06/22 14:50:16 [lsc] LSC finished running
---------lsc.log----------------------


Please advise what I should adjust, thanks!

Regards,
-Jed

-- 
Jedison Chiang  | System Engineer
Taipei Cloud Solution Division | +886-2-2881-0721#28481
*Inventec Corporation* | No.66, Hou-Kang Street, Shih-Lin District,
 Taipei, Taiwan 11170
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
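
Added example (not part of the original post and not LSC code): a Python parser that re-joins the wrapped lsc.log lines quoted in the message and decodes the Active Directory sub-code carried in the `data` field of the LDAP error 49 bind failure. The function and variable names are this example's own, and the table holds only the commonly documented AD sub-codes.

```python
import re

# AD reports the Win32 logon error, in hex, in "data" of an LDAP code 49 failure.
AD_BIND_SUBCODES = {
    0x525: "user not found",
    0x52E: "invalid credentials (bind DN or password rejected)",
    0x532: "password expired",
    0x533: "account disabled",
    0x701: "account expired",
    0x773: "user must reset password",
    0x775: "account locked out",
}
RECORD_START = re.compile(r"^(?:[A-Z][a-z]{2} +\d{1,2} |\d{4}/\d{2}/\d{2} )")
CONNECTING = re.compile(r"Connecting to LDAP server (\S+) as (\S+)")
BIND_FAILURE = re.compile(
    r"LDAP: error code 49 - .*?AcceptSecurityContext error, data ([0-9a-fA-F]+)")

# Excerpt of the lsc.log from the post, line wrapping kept as posted.
SAMPLE_LOG = """\
Jun 22 14:50:15 - INFO  - Connecting to LDAP server
ldap://localhost/dc=wps,dc=inventec,dc=com as
cn=admin,dc=wps,dc=inventec,dc=com
Jun 22 14:50:15 - INFO  - Connecting to LDAP server
ldap://demo.local/dc=demo,dc=local as cn=administrator,dc=demo,dc=local
Jun 22 14:50:15 - ERROR - Error opening the LDAP connection to the
destination! (javax.naming.AuthenticationException: [LDAP: error code 49 -
80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error,
data 52e, v23f0 ])
"""

def unwrap(text):
    """Re-join wrapped continuation lines onto the record they belong to."""
    records = []
    for line in filter(None, (l.strip() for l in text.splitlines())):
        if RECORD_START.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records

def diagnose(text):
    """Return (bind attempts, distinct AD bind-failure sub-codes) from a log."""
    binds, failures = [], {}
    for rec in unwrap(text):
        if m := CONNECTING.search(rec):
            binds.append({"url": m.group(1), "bind_dn": m.group(2)})
        if m := BIND_FAILURE.search(rec):
            code = int(m.group(1), 16)
            failures[code] = AD_BIND_SUBCODES.get(code, "unknown sub-code")
    return binds, failures
```

For the log in the post, `diagnose(SAMPLE_LOG)` returns sub-code 0x52e (Win32 error 1326), which Active Directory reports when it rejects the bind DN and password pair. The `AcceptSecurityContext` wording is the format Active Directory uses for bind failures, so the bind to check is the one listed against the AD URL.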