Hi Uli,
Finally had a chance to verify in an environment with correct hostnames (only alphanumeric chars). Unfortunately this underscore in the hostname is not the reason for DNS SRV records not working. Behaviour is as described in my first mails below. Seems like a defect against LSC implementation.

Nevertheless, I managed to get an extra entry in DNS with multiple AD controller addresses (round robin), so my LSC synchronisation works fine now.

If anyone is able to debug DNS SRV usage in LSC it'd be great if this was fixed in the code or (if works already) described in the manual.

Regards,
Leszek



On 11.08.2015 at 00:05, Uli Tehrani wrote:
Hi Leszek,

Could be the reason. Underscores are forbidden in DNS, because they are used in the service records.

Regards

Uli

On 11.08.2015 at 00:01, Leszek Buczkowski wrote:
Hi,
There is really an underscore in hostname.
Do you think this might be causing this problem?

I know that underscore is in general not supported in DNS, but most of the applications I have in this environment are working fine with it. Can't change it now even for test - not possible due to 'company policy' :(.

Regards,
Leszek


On 10.08.2015 at 23:48, Uli Tehrani wrote:
Hi Leszek,

Are you using an underscore in your hostname?
Is activedirectory_srv2012 just an example?


Regards

Uli



On 10.08.2015 at 20:00, Leszek Buczkowski wrote:
Hello Uli,
I'm not specifying this port, this is taken from DNS SRV record and whole URL produced by LSC.
What I specify in config is only: <url>ldap:///dc=domain,dc=com</url>

If someone could just debug it with AD DNS server it'd be great. We'd know exactly what is causing those issues...
At this point I can offer a 6-pack of beers :)

Regards,
Leszek



On 10.08.2015 at 17:33, Uli Tehrani wrote:
Hello Leszek,

Check the URL:

.:389 instead of :389

Try it without port.

Regards

Uli

On 09.08.2015 at 22:00, Leszek Buczkowski wrote:
Hello Uli,
When I configure LSC this way:   <url>ldap:///dc=domain,dc=com</url>
I get this result in log:
sie 09 21:40:06 - INFO - Connecting to LDAP server ldap://_ldap._tcp.com.domain:389/dc=domain,dc=com as user

I don't know why, but it seems like domain name of the host is in wrong order: com.domain instead of domain.com.
Last DN part is correct though.



I tried to change the order in my config, so when I configure LSC this way: <url>ldap:///dc=com,dc=domain</url> (reverse order)
I get this result in log:
sie 09 21:48:05 - INFO - Connecting to LDAP server ldap://activedirectory_srv2012.domain.com.:389/dc=com,dc=domain as user
sie 09 21:48:05 - ERROR - org.apache.directory.api.ldap.model.exception.LdapURLEncodingException: ERR_04399 The hostport is invalid

So now it successfully finds server hostname, but DN part is wrong: dc=com,dc=domain instead of dc=domain,dc=com. This hostport error is probably caused by a dot at the end of hostname, right?


Any ideas on how to use DNS SRV?

BTW, I'm using LSC 2.1.3-1 on Debian.

Regards,
Leszek


On 09.08.2015 at 18:24, Uli Tehrani wrote:
Hello Leszek,


try this:

        ldap:///dc%3Ddomain%2Cdc%3Dcom

Regards

Uli


On 07.08.2015 at 20:47, Leszek Buczkowski wrote:
Hello,
It is very important for me to figure it out.
Anyone could help? Please...

Regards,
Leszek


On 03.08.2015 at 08:04, Leszek Buczkowski wrote:

Hello Everyone,
I'm trying to run AD<->OpenLDAP synchronization in my network.

When I specify usual URL for AD source (i.e. ldap://name-of-controller.domain.com:389/DC=domain,DC=com) it works perfectly.

The issue here is that I have many domain controllers in the network, and this still changes - new controllers are added, old controllers are removed and so on...

This is why I'd like to use DNS SRV records for this, but I haven't found any information about DNS SRV usage in the LSC manual.

AFAIK LSC is using JNDI libraries, so searching JNDI docs I've found that for DNS SRV records I could use only "ldap:///DC=domain,DC=com" (notice 3 slashes). It should automatically determine dns name, ip address, port number, priority and weight.

I've tried many times, but no luck.

So my question is how to use DNS SRV for source LDAP URL?

Regards,

Leszek




_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users




--
===================================

Ulrich Tehrani
Am Ulrichshof 19
79189 Bad Krozingen

+497633806246

[email protected]

===================================
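
The lookup discussed in this thread, as an added example that is not part of the original mails and is not LSC or JNDI code: it maps a base DN to the `_ldap._tcp` SRV owner name using the usual dc-to-domain mapping (RFC 2247 style), strips the trailing root dot from SRV targets before building a URL, and flags targets that are not valid hostnames. The function names are hypothetical and the SRV answers are constructed sample data, so it runs without a DNS server.

```python
import re

# Constructed SRV answers for _ldap._tcp.domain.com: (priority, weight, port, target).
# DNS returns targets as absolute names, i.e. with a trailing dot.
SAMPLE_SRV = [
    (0, 100, 389, "activedirectory_srv2012.domain.com."),
    (0, 200, 389, "DC02.domain.com."),
    (10, 100, 389, "dc03.domain.com."),
]

# Letters, digits and hyphens only; no leading or trailing hyphen, max 63 chars.
LDH_LABEL = re.compile(r"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$")


def dn_to_srv_name(base_dn):
    """dc=domain,dc=com -> _ldap._tcp.domain.com (DC values kept left to right)."""
    labels = []
    for rdn in base_dn.split(","):  # assumption: no escaped commas in the DN
        attr, _, value = rdn.strip().partition("=")
        if attr.strip().lower() != "dc" or not value.strip():
            raise ValueError("only dc= components map to a DNS domain: %r" % rdn)
        labels.append(value.strip().lower())
    return "_ldap._tcp." + ".".join(labels)


def candidate_urls(base_dn, srv_records):
    """Return (url, warnings) pairs, best candidate first."""
    # Simplification: lowest priority first, then highest weight.
    # RFC 2782 selects randomly in proportion to weight within one priority.
    ordered = sorted(srv_records, key=lambda r: (r[0], -r[1]))
    result = []
    for _prio, _weight, port, target in ordered:
        host = target.rstrip(".").lower()  # drop the root dot before building a URL
        warnings = []
        if not 0 < port < 65536:
            warnings.append("port out of range")
        for label in host.split("."):
            if not LDH_LABEL.match(label):
                warnings.append("label %r is not a valid hostname label" % label)
        result.append(("ldap://%s:%d/%s" % (host, port, base_dn), warnings))
    return result


if __name__ == "__main__":
    print(dn_to_srv_name("dc=domain,dc=com"))
    for url, warnings in candidate_urls("dc=domain,dc=com", SAMPLE_SRV):
        print(url, warnings)
```

Comparing the name returned by `dn_to_srv_name` with the host in the client's "Connecting to LDAP server" log line shows whether the client reversed the DC components or passed the SRV target through with its trailing dot.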

