Hello,
I've been working on syncing AD to openldap, and have gotten all but the
group members working. I found some example javascript for converting the
AD group members to posixgroup memberUID, and the output looks correct,
however it is not being split up by the delimiter:
memberUid: cn=User 1,ou=Users,dc=my-domain,dc=com ; cn=User 2,ou=Use
rs,dc=my-domain,dc=com
I have both the defaultDelimiter set to ; and the attribute one set as
well. Here's the full dataset:
<dataset>
<name>memberUid</name>
<policy>FORCE</policy>
<forceValues>
<string>
<![CDATA[js:
var dnRoot = "dc=my-domain,dc=com";
var srcMembersNotFoundInDst = new Array();
var dstMembers = new Array();
var dnNoMembers = "uid=no_members,ou=Private," + dnRoot;
var srcMembers = new Array();
if ( srcBean.getDatasetById("member"))
{
srcMembers = srcBean.getDatasetById("member").toArray() ;
for (var i=0; i < srcMembers.length; i++ ) {
try {
var sam =
srcLdap.attribute(srcMembers[i],'sAMAccountName').get(0);
dstMembers.push(ldap.search("ou=Users","(uid="+sam+")").get(0) + "," +
dnRoot)
}
catch (e) {
srcMembersNotFoundInDst.push(
srcMembers[i]);
}
}
if ( srcMembersNotFoundInDst.length > 0 ) srcMembers =
srcMembersNotFoundInDst.slice(0);
srcMembersNotFoundInDst = [];
for (var i=0; i < srcMembers.length; i++ ) {
try {
var cn = srcLdap.attribute(srcMembers[i],
'cn').get(0);
dstMembers.push(ldap.search("ou=Groups","(cn=" + cn + ")").get(0) + "," +
dnRoot)
}
catch (e) {
srcMembersNotFoundInDst[i]=srcMembers[i];
}
}
if ( dstMembers.length == 0) dstMembers.push( dnNoMembers);
dstMembers.join(' ; ') ;
}
else
{
dnNoMembers
}
]]>
</string>
</forceValues>
<delimiter>;</delimiter>
</dataset>
Any help would be very appreciated
Justin
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
