Hello all,
I am quite new to the LSC but I really appreciate your effort – tho product is
excellent and we were able to use it in our integration projects, thanks!
I am having a problem with a group membership synchronization – everything is
working ok for the first run.
But every since after that the LSC is trying to add user groups and their
members again – LDAP operation is add – I am expecting to do nothing or just
update the member attributes.
Could someone please take a look at my configuration if I am not doing some
simple mistake?
Thanks in advance:
<task>
<name>Sync_Hosel2Slave_Groups</name>
<bean>org.lsc.beans.SimpleBean</bean>
<ldapSourceService>
<name>Sync_Hosel2Slave_Groups-SourceHoselServer</name>
<connection reference="Connection_HoselServer" />
<baseDn>ou=roles,dc=homecredit,dc=in</baseDn>
<pivotAttributes>
<string>cn</string>
</pivotAttributes>
<fetchedAttributes>
<string>cn</string>
<string>uniqueMember</string>
</fetchedAttributes>
<getAllFilter><![CDATA[(cn=mdm*)]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=groupOfUniqueNames)(cn={cn}))]]></getOneFilter>
<cleanFilter><![CDATA[(&(objectClass=groupOfUniqueNames)(cn={cn}))]]></cleanFilter>
</ldapSourceService>
<ldapDestinationService>
<name>Sync_Hosel2Slave_Groups-DestinationSlaveServer</name>
<connection reference="Connection_SlaveServer" />
<baseDn>ou=groups,ou=hosel,ou=source,ou=ldap,dc=homecredit,dc=in</baseDn>
<pivotAttributes>
<string>cn</string>
</pivotAttributes>
<fetchedAttributes>
<string>cn</string>
<string>member</string>
<string>objectClass</string>
</fetchedAttributes>
<getAllFilter><![CDATA[(cn=mdm*)]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=groupOfUniqueNames)(cn={cn}))]]></getOneFilter>
</ldapDestinationService>
<propertiesBasedSyncOptions>
<mainIdentifier>js:"cn=" + srcBean.getDatasetFirstValueById("cn") +
",ou=groups,ou=hosel,ou=source,ou=ldap,dc=homecredit,dc=in"</mainIdentifier>
<defaultDelimiter>;</defaultDelimiter>
<defaultPolicy>MERGE</defaultPolicy>
<conditions>
<create>true</create>
<update>true</update>
<delete>true</delete>
<changeId>true</changeId>
</conditions>
<dataset>
<name>objectclass</name>
<policy>FORCE</policy>
<forceValues>
<string>"groupOfNames"</string>
<string>"top"</string>
</forceValues>
</dataset>
<dataset>
<name>member</name>
<policy>FORCE</policy>
<forceValues>
<string>
<![CDATA[js:
var membersSrcDn = srcBean.getDatasetValuesById("uniqueMember");
var membersDstDn = new java.util.ArrayList();
for (var i=0; i<membersSrcDn.size(); i++) {
var memberSrcDn = membersSrcDn.get(i);
var uid = "";
try {
uid = srcLdap.attribute(memberSrcDn,
"uid").get(0);
} catch(e) {
continue;
}
var destDn =
ldap.search("ou=users,ou=hosel,ou=source,ou=ldap", "(uid=" + uid + ")");
if (destDn.size() == 0 || destDn.size() > 1) {
continue;
}
var destMemberDn = destDn.get(0) + "," +
ldap.getContextDn();
membersDstDn.add(destMemberDn);
}
if (membersSrcDn.size() <= 0)
membersDstDn.add("cn=placeholder");
membersDstDn
]]>
</string>
</forceValues>
</dataset>
</propertiesBasedSyncOptions>
</task>
Petr Spurný
Senior Consultant, Partner
ISECO.CZ
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
