hi, I have the following request to sync ad structure recursively.
the ad look like:
ou=A
|-- ou= B
|— = BC
|—ou = D
|— ou= F
|— ou= BC
how can I sync them to my openldap and keep their structure same with AD?
there are 2 problems I meet:
1: OU attribute is not unique, so I have to use objectGUID as the pivot
attribute. e.g :
<getAllFilter><![CDATA[(&(objectClass=organizationalUnit))]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=organizationalUnit)(objectGUID={objectGUID}))]]></getOneFilter>
2:I don’t know how to add ou entry recursively? I seem that there are alway
have a sequence to add those entry? I try to set the mainIdentifier as
something like.
<mainIdentifier><![CDATA[srcBean.getMainIdentifier().substring(0,srcBean.getMainIdentifier().lastIndexOf(“DC=adtest,DC=cn"))
+ "ou=Account,dc=adtest,dc=com"]]></mainIdentifier>
but it seem sync those entry randomly? a sub entry add before a parent entry
added?
I try to set the sortedBy attribute in ldapconection, such as:
<sortedBy>dn</sortedBy>
but this cannot work, I get such a error:
ERROR - javax.naming.OperationNotSupportedException: [LDAP: error code 12 -
00000057: LdapErr: DSID-0C090753, comment: Error processing control, data 0,
v1db1]; remaining name 'ou=_ZHKS(????)’
any suggestion? guys?
thanks lot.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
