Re: [lsc-users] question regarding cleanFilter

Thu, 23 Jul 2015 06:49:10 -0700 


Le 23/07/2015 15:33, Thomas Peter a écrit :

On 2015-07-23 14:30, Clément OUDOT wrote:

Indeed, you will have a problem if the pivot is multivalued. So the
solution can be to use another attribute to store the pivot attribute.



hmm, I tried this but it still removes all of my users in the clean 
phase...

any hint?



<getAllFilter>(&amp;(objectClass=user))</getAllFilter>
<getOneFilter>(&amp;(objectClass=user)(samAccountName={samAccountName}))</getOneFilter>
<cleanFilter>(&amp;(objectClass=user)(samAccountName={samAccountName}))</cleanFilter>
</ldapSourceService>

<ldapDestinationService>
    <name>ldap-dst-service</name>
    <connection reference="ldap-dst-conn" />
    <baseDn>DC=de,DC=local,DC=lan</baseDn>

    <pivotAttributes>
        <string>carLicense</string>
    </pivotAttributes>

    <fetchedAttributes>
        <string>cn</string>
        <string>sn</string>
        <string>givenName</string>
        <string>uid</string>
        <string>objectClass</string>
        <string>userPassword</string>
        <string>carLicense</string>
    </fetchedAttributes>
<getAllFilter><![CDATA[(&(objectClass=inetOrgPerson))]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=inetOrgPerson)(uid={uid}))]]></getOneFilter>
</ldapDestinationService>

<propertiesBasedSyncOptions>

    <mainIdentifier>js:"cn=" + 
javax.naming.ldap.Rdn.escapeValue(srcBean.getDatasetFirstValueById("cn")) 
+ ",DC=de,DC=local,DC=lan"</mainIdentifier>

    <defaultDelimiter>;</defaultDelimiter>
    <defaultPolicy>FORCE</defaultPolicy>
    <conditions>
        <create>true</create>
        <update>true</update>
        <delete>true</delete>
        <changeId>true</changeId>
    </conditions>
    <dataset>
        <name>objectClass</name>
        <policy>FORCE</policy>
        <defaultValues></defaultValues>
        <forceValues></forceValues>
        <createValues>
            <string>"organizationalPerson"</string>
            <string>"person"</string>
            <string>"top"</string>
            <string>"inetOrgPerson"</string>
        </createValues>
        <delimiter>,</delimiter>
    </dataset>
    <dataset>
        <name>uid</name>
        <policy>KEEP</policy>
        <createValues>
<string>srcBean.getDatasetFirstValueById("sAMAccountName")</string>
<string>srcBean.getDatasetFirstValueById("sAMAccountName")+"tf"</string>
        </createValues>
    </dataset>
    <dataset>
        <name>carLicense</name>
        <policy>KEEP</policy>
        <createValues>
<string>srcBean.getDatasetFirstValueById("sAMAccountName")</string>
        </createValues>
    </dataset>





So if you use carLicense as pivot attribute for destination, here are 
the filters to configure in source service :


<getAllFilter>(&amp;(objectClass=user))</getAllFilter>
<getOneFilter>(&amp;(objectClass=user)(samAccountName={samAccountName}))</getOneFilter>
<cleanFilter>(&amp;(objectClass=user)(samAccountName={carLicense}))</cleanFilter>

And in destination service :

<getAllFilter><![CDATA[(&(objectClass=inetOrgPerson))]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=inetOrgPerson)(carLicense={samAccountName}))]]></getOneFilter>

--
Clément OUDOT
Consultant en logiciels libres, Expert infrastructure et sécurité
Savoir-faire Linux
87, rue de Turbigo - 75003 PARIS

_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users





















					Reply via email to