Dear Reader,

I am using LSC 2.1.3 to sync users from LDAP to a PostgreSQL database. The users in LDAP have one or more roles assigned to them, and I need to sync only the users that belong to certain roles. I am able to fetch the roles of the users using the isMemberOf operational attribute, which is configured in lsc.xml. The problem is that during the sync only one role is fetched by the tool, even when a user belongs to multiple roles. All the roles for the user are displayed in the log, but only the first role is fetched and put as a parameter into the SQL query which I am using to copy the users to the database.

This is what gets printed in the log:

isMemberOf: cn=UID_BO,ou=roles,dc=users,dc=in
isMemberOf: cn=SALES_AGENT,ou=roles,dc=users,dc=in
isMemberOf: cn=HOMESIS,ou=roles,dc=users,dc=in

But only the first one gets picked up when syncing to the database with this SQL query:

SELECT usf_insert_user(#employeenumber#,#uid#,#sn#,#givenname#,#cn#,#mail#,#address#,#mobile#,#userpassword#,#isMemberOf#)

With the log output above, the #isMemberOf# value in this SQL is cn=UID_BO,ou=roles,dc=users,dc=in. I want all the roles to be passed as the parameter to the SQL, which is not happening currently.

Need help urgently on this.

I've attached lsc.xml and InetOrgPerson.xml for your reference.

Thanks & Regards,
Pramod


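<?xml version="1.0" ?>
<!--
  LSC task definition: reads inetOrgPerson entries from the LDAP source
  connection and writes them to the PostgreSQL destination through the
  iBATIS requests named in databaseDestinationService.
  The stray ";" that followed the xmlns value in the mailed copy made the
  root start tag malformed and has been dropped.
-->
<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.1.xsd" revision="1">
  <connections>
    <ldapConnection>
      <name>ldap-src-conn</name>
      <url>ldap://127.0.0.1:10389/ou=people,dc=users,dc=in</url>
      <username>cn=ROofficeuser,ou=opensso adminusers,dc=users,dc=in</username>
      <!-- REVIEW: bind password stored in clear text in this file, and the
           file was sent to a public list. Treat the value as disclosed:
           rotate it and keep the real file readable only by the account
           that runs LSC. -->
      <password>kLn1iY_Q1eO-MnNb</password>
      <!-- REVIEW: SIMPLE bind over ldap:// with tlsActivated=false sends the
           bind password, and the userPassword values fetched below,
           unencrypted. That stays on the loopback interface only as long as
           the URL is 127.0.0.1; enable TLS before pointing at a remote host. -->
      <authentication>SIMPLE</authentication>
      <referral>IGNORE</referral>
      <derefAliases>NEVER</derefAliases>
      <version>VERSION_3</version>
      <pageSize>-1</pageSize>
      <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
      <tlsActivated>false</tlsActivated>
    </ldapConnection>
    <databaseConnection>
      <name>jdbc-dst-conn</name>
      <url>jdbc:postgresql://127.0.0.1:5432/lsc</url>
      <!-- REVIEW: the job connects as "postgres", conventionally the
           PostgreSQL superuser. The requests in the SQL map only call
           usf_insert_user / usf_delete_user and read or update
           adm_employee_master, so a dedicated role limited to those objects
           would be enough. The password is also in clear text and was
           disclosed with this post. -->
      <username>postgres</username>
      <password>postgres@123</password>
      <driver>org.postgresql.Driver</driver>
    </databaseConnection>
  </connections>
  <tasks>
    <task>
      <name>People</name>
      <bean>org.lsc.beans.SimpleBean</bean>
      <ldapSourceService>
        <name>openldap-source-service</name>
        <connection reference="ldap-src-conn" />
        <baseDn></baseDn>
        <!-- employeeNumber is the key used to match source and destination. -->
        <pivotAttributes>
          <string>employeeNumber</string>
        </pivotAttributes>
        <fetchedAttributes>
          <string>employeeNumber</string>
          <string>description</string>
          <string>cn</string>
          <string>sn</string>
          <string>givenname</string>
          <string>mobile</string>
          <!-- REVIEW: userPassword is read from the directory and handed to
               the insert request as #userpassword#, so password material
               (hashed or clear, depending on the directory) is copied into
               the database. Drop it unless the destination really needs it. -->
          <string>userPassword</string>
          <string>objectClass</string>
          <string>uid</string>
          <string>mail</string>
          <!-- Multi-valued: one value per role. The post reports that only
               the first value reaches the SQL parameter. NOTE(review): one
               option is to join the values into a single delimited string in
               the sync options before they reach the destination; confirm
               the exact syntax against the LSC documentation. -->
          <string>isMemberOf</string>
        </fetchedAttributes>
        <!-- Only entries holding at least one of the listed roles are
             selected. NOTE(review): the role DNs here end in
             dc=homecredit,dc=in while the connection URL and the logged
             isMemberOf values end in dc=users,dc=in; presumably partial
             redaction in the post. If the real file differs the same way,
             the filter matches nothing. -->
        <getAllFilter>(&amp;(objectClass=inetorgperson)(|(isMemberOf=cn=UID_ADMIN,ou=roles,dc=homecredit,dc=in)(isMemberOf=cn=UID_BO,ou=roles,dc=homecredit,dc=in)(isMemberOf=cn=UID_POS_USER,ou=roles,dc=homecredit,dc=in)(isMemberOf=cn=UID_REPORT_ADMIN,ou=roles,dc=homecredit,dc=in)(isMemberOf=cn=UID_RISK_USER,ou=roles,dc=homecredit,dc=in)(isMemberOf=cn=UID_SALES_SUPPORT,ou=roles,dc=homecredit,dc=in))(employeeNumber=*))</getAllFilter>
        <getOneFilter>(&amp;(objectClass=inetorgperson)(employeeNumber={employeeNumber}))</getOneFilter>
        <!-- The clean filter repeats the role restriction, unlike
             getOneFilter. Presumably an entry that has lost all listed roles
             is then treated as absent during the clean phase; verify that
             this is the intended de-provisioning behaviour. -->
        <cleanFilter>(&amp;(objectClass=inetorgperson)(|(isMemberOf=cn=UID_ADMIN,ou=roles,dc=homecredit,dc=in)(isMemberOf=cn=UID_BO,ou=roles,dc=homecredit,dc=in)(isMemberOf=cn=UID_POS_USER,ou=roles,dc=homecredit,dc=in)(isMemberOf=cn=UID_REPORT_ADMIN,ou=roles,dc=homecredit,dc=in)(isMemberOf=cn=UID_RISK_USER,ou=roles,dc=homecredit,dc=in)(isMemberOf=cn=UID_SALES_SUPPORT,ou=roles,dc=homecredit,dc=in))(employeeNumber={employeeNumber}))</cleanFilter>
      </ldapSourceService>
      <databaseDestinationService>
        <name>postgresql-src-service</name>
        <connection reference="jdbc-dst-conn" />
        <!-- Request names refer to statement ids in the InetOrgPerson SQL map. -->
        <requestNameForList>getInetOrgPersonList</requestNameForList>
        <requestNameForObject>getInetOrgPerson</requestNameForObject>
        <requestsNameForInsert><string>insertInetOrgPerson</string></requestsNameForInsert>
        <requestsNameForUpdate><string>updateInetOrgPerson</string></requestsNameForUpdate>
        <requestsNameForDelete><string>deleteInetOrgPerson</string></requestsNameForDelete>
      </databaseDestinationService>
      <propertiesBasedSyncOptions>
        <mainIdentifier>"employeeNumber="+srcBean.getDatasetFirstValueById("employeeNumber") + ",ou=people,dc=homecredit,dc=in"</mainIdentifier>
        <defaultDelimiter>;</defaultDelimiter>
        <defaultPolicy>FORCE</defaultPolicy>
        <conditions>
          <update>true</update>
          <changeId>false</changeId>
        </conditions>
      </propertiesBasedSyncOptions>
    </task>
  </tasks>
</lsc>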
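<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!--
  iBATIS SQL map holding the requests that the LSC database destination
  service calls by id. The stray ";" that followed the DTD URL in the mailed
  copy made the DOCTYPE malformed and has been dropped.
  NOTE(review): the DTD system id is a plain http:// URL. iBATIS normally
  resolves this DTD from its own jar; confirm the parser never fetches it
  over the network.
-->
<!DOCTYPE sqlMap PUBLIC "-//iBATIS.com//DTD SQL Map 2.0//EN" "http://www.ibatis.com/dtd/sql-map-2.dtd">

<sqlMap namespace="InetOrgPerson">

  <!-- All statements below pass values as #name# bound parameters. Keep it
       that way: switching to $name$ substitution would splice directory
       values into the SQL text. -->

  <!-- Reads one employee row by employee number and aliases the aem_*
       columns to the attribute names used on the LDAP side. -->
  <select id="getInetOrgPerson" resultClass="java.util.HashMap" parameterClass="java.util.Map">
    Select
      'adm_employee_master' objectClass,
      pers.aem_id,
      pers.aem_employee_no as employeenumber,
      TRIM(pers.aem_employee_no) as uid,
      TRIM(pers.aem_last_name) as sn,
      TRIM(pers.aem_first_name) as givenname,
      TRIM(pers.aem_first_name) as cn,
      TRIM(pers.aem_email_id) as mail,
      TRIM(pers.aem_company_address) as address,
      TRIM(pers.aem_employee_mob_no) as telephonenumber
      FROM adm_employee_master pers
    WHERE pers.aem_employee_no = #employeenumber#
  </select>

  <!-- Creates the user through the usf_insert_user database function.
       #isMemberOf# is bound as one scalar value; the post reports that only
       the first role arrives here.
       REVIEW: #userpassword# carries the LDAP userPassword value into the
       database; confirm how usf_insert_user stores it. -->
  <insert id="insertInetOrgPerson" parameterClass="java.util.Map">

    SELECT usf_insert_user(#employeenumber#,#uid#,#sn#,#givenname#,#cn#,#mail#,#address#,#mobile#,#userpassword#,#isMemberOf#)

  </insert>

  <!-- NOTE(review): this statement sets uid, sn, givenname, cn, address and
       telephonenumber and matches on mail, while the select above shows
       adm_employee_master with aem_* column names and every other request
       keys on the employee number; verify the column names and the key.
       It also does not write roles, so a role added or revoked in LDAP is
       not propagated to an existing row by this request. -->
  <update id="updateInetOrgPerson" parameterClass="java.util.Map">
    UPDATE adm_employee_master
      SET uid = #uid#, sn = #sn# , givenname = #givenname#, cn = #cn#, address = #address#, telephonenumber = #telephonenumber#
      WHERE mail = #mail#
  </update>

  <!-- Removes the user through the usf_delete_user database function; the
       earlier direct DELETE is kept commented out inside the statement. -->
  <delete id="deleteInetOrgPerson" parameterClass="java.util.Map">
    SELECT usf_delete_user(#employeenumber#)
    <!--DELETE FROM inetorgperson
      WHERE mail = #mail#-->
  </delete>

  <!-- Lists the employee numbers of all rows, with no WHERE clause. -->
  <select id="getInetOrgPersonList" resultClass="java.util.HashMap">
    SELECT pers.aem_employee_no as employeenumber
    FROM adm_employee_master pers
  </select>

</sqlMap>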