That's exactly what I've done.
In the source LDAP connection I have this:
<ldapConnection>
  <name>AD-source</name>
  <url>ldap://ad.exemple.fr:389/dc=exemple,dc=fr</url>
  <username>cn=readaccount,cn=users,dc=exemple,dc=fr</username>
  <password>secret</password>
  <authentication>SIMPLE</authentication>
  <referral>IGNORE</referral>
  <derefAliases>NEVER</derefAliases>
  <version>VERSION_3</version>
  <pageSize>10</pageSize>
  <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
  <tlsActivated>false</tlsActivated>
  <binaryAttributes>
    <string>objectsid</string>
  </binaryAttributes>
</ldapConnection>
And in the destination I have this:
<ldapConnection>
  <name>openldap-destination</name>
  <url>ldap://localhost:389/dc=test,dc=fr</url>
  <username>cn=root,dc=test,dc=fr</username>
  <password>secret</password>
  <authentication>SIMPLE</authentication>
  <referral>IGNORE</referral>
  <derefAliases>NEVER</derefAliases>
  <version>VERSION_3</version>
  <pageSize>10</pageSize>
  <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
  <tlsActivated>false</tlsActivated>
  <binaryAttributes>
    <string>userSMIMECertificate</string>
  </binaryAttributes>
</ldapConnection>
</connections>
I also have my dataset like this:
<dataset>
  <name>userSMIMECertificate</name>
  <policy>KEEP</policy>
  <createValues>
    <string>srcBean.getDatasetFirstValueById("objectsid")</string>
  </createValues>
  <delimiter></delimiter>
</dataset>
And the problem is still the same: the user is added and deleted in the
same process.
Also, when I do an LDAP query in my Active Directory with this filter:
objectsid="\01\05\00\00\00\00\00\05\15\00\00\00\CE;2y\C5U\C2Q\1D\03jf\ED\FB\00\00"
I get the right result.
But in LDAP with this filter:
userSMIMECertificate="\01\05\00\00\00\00\00\05\15\00\00\00\CE;2y\C5U\C2Q\1D\03jf\ED\FB\00\00"
no result is returned.
Thanks
2015-08-27 14:56 GMT+02:00 Clément OUDOT <[email protected]>:
>
>
> On 27/08/2015 14:42, Armando Martins wrote:
>
>> Hi Clément,
>>
>> Thanks a lot for your answer that seems to work, but if I do the update
>> operation 2 times, I have this message:
>> :javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - Entry
>> Already Exists];
>>
>> And I see in my LDAP log that the request for the objectsid stored in my
>> LDAP userSMIMECertificate returns no results
>>
>> conn=1029 op=1 SRCH base="ou=users,dc=test,dc=fr" scope=2 deref=0
>> filter="(&(objectClass=inetOrgPerson)(?userSMIMECertificate=\01\05\00\00\00\00\00\05\15\00\00\00\CE;2y\C5U\C2Q\1D\03jf\ED\FB\00\00))"
>> conn=1029 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
>>
>> Also, if I use lsc with -s all -d all, the user is inserted and deleted...
>>
>> Is it possible to take the objectsid in Active Directory and put it in an
>> LDAP attribute not coded in binary?
>>
>>
>
> You need to set userSMIMECertificate as binary in the destination LDAP
> connection.
>
> For now, you need to have a binary pivot in the destination to be able to
> match a binary pivot from the source. In the next release, you will be able
> to transform pivot value between source and destination:
> http://tools.lsc-project.org/issues/756
>
>
>
> --
> Clément OUDOT
> Free software consultant, infrastructure and security expert
> Savoir-faire Linux
> 87, rue de Turbigo - 75003 PARIS
>
> _______________________________________________________________
> Ldap Synchronization Connector (LSC) - http://lsc-project.org
>
> lsc-users mailing list
> [email protected]
> http://lists.lsc-project.org/listinfo/lsc-users
>
--
Armando Martins
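
Added example, not part of the original message and not LSC's own code: stand-alone JavaScript that decodes the escaped objectsid filter value quoted in the message above into the textual S-1-5-... form, the representation a SID would take if it were kept in a non-binary attribute. The function names are hypothetical and nothing here calls an LSC API.

```javascript
// Added example: decode an LDAP-filter-escaped objectSid into its string form.

// Turn a filter value such as "\01\05...\CE;2y" into bytes: "\XX" is one
// hex-escaped byte, any other character stands for its own ASCII code.
function unescapeFilterValue(value) {
  const bytes = [];
  for (let i = 0; i < value.length; i++) {
    if (value[i] === "\\") {
      const hex = value.slice(i + 1, i + 3);
      if (!/^[0-9a-fA-F]{2}$/.test(hex)) throw new Error("bad escape at " + i);
      bytes.push(parseInt(hex, 16));
      i += 2;
    } else {
      const code = value.charCodeAt(i);
      if (code > 0x7f) throw new Error("non-ASCII character at " + i);
      bytes.push(code);
    }
  }
  return bytes;
}

// Binary SID layout: revision (1 byte), sub-authority count (1 byte),
// identifier authority (6 bytes, big-endian), then count * 4 bytes of
// little-endian sub-authorities.
function sidToString(bytes) {
  if (bytes.length < 8) throw new Error("SID too short");
  const count = bytes[1];
  if (bytes.length !== 8 + 4 * count) throw new Error("SID length mismatch");
  let authority = 0;
  for (let i = 2; i < 8; i++) authority = authority * 256 + bytes[i];
  const parts = ["S", bytes[0], authority];
  for (let i = 0; i < count; i++) {
    const o = 8 + 4 * i;
    // Multiply instead of shifting so values above 2^31 stay unsigned.
    parts.push(bytes[o] + bytes[o + 1] * 256 + bytes[o + 2] * 65536 + bytes[o + 3] * 16777216);
  }
  return parts.join("-");
}

// The objectsid filter value from the message (backslashes doubled for JS).
const filterValue =
  "\\01\\05\\00\\00\\00\\00\\00\\05\\15\\00\\00\\00" +
  "\\CE;2y\\C5U\\C2Q\\1D\\03jf\\ED\\FB\\00\\00";
console.log(sidToString(unescapeFilterValue(filterValue)));
```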