Le 30/01/2016 00:41, GOMEZ TORRES HECTOR . a écrit :
Hi to everybody.
Finally, I was able to get working the sync operation from OpenLDAP to
Active Directory. I will leave here the contents of a sample lsc.xml
file with the hope of it would be useful for those that need something
similar.
With the following config, is possible to run sync and clean tasks,
and to update values only when they changes, including the passwords;
simply copy the below text in a new text file, rename it as *lsc.xml*
and save in */lsc_path/*\etc/./ Inside this configuration you will
find comments for each section and useful links to get more info about
particular points.
To run LSC efficiently from Windows, only is necessary to execute in a
CMD shell this instruction:
*C:\lsc\bin\lsc.bat -f C:\lsc\etc -s all -c a._Duplicate_users >>
C:\lsc\log.log*
,supposing that lsc folder is */C:\lsc/*. If your path contains
spaces, you will need to use double quotes (*"*) surrounding it. The
inner string */-f C:\lsc\etc/* is necessary for indicate the path to
lsc.xml file; ideally you wouldn't need specify it, but, at least on
Windows, if you omit that, LSC will be unable to load it, and
therefore, will fail showing an error. The last string */>>
C:\lsc\log.log/* is for redirect all console outputs to a log file;
LSC makes his own log file in %TEMP%\lsc.log, but it only lists dates
of start and stop of the program.
Other issue on Windows is that lsc.bat fails if you try to run it
after decompressing, and to get working it, you will need to edit the
following:
*-> Add final backslashes (\) in these lines:*
/
/
/SET CFG_DIR=%LSC_HOME%\etc/
/SET LIB_DIR=%LSC_HOME%\lib/
to
/SET CFG_DIR=%LSC_HOME%\etc*\*/
/SET LIB_DIR=%LSC_HOME%\lib*\*/
*-> Remove double quotes (") from this others:*
/REM Find the java.exe executable/
/:get_java/
/IF DEFINED JAVA_HOME ( SET JAVA_COMMAND=%JAVA_HOME%\bin\java.exe)
ELSE ( SET JAVA_COMMAND=)/
/IF NOT EXIST *"*%JAVA_COMMAND%*"* ( SET PATHQ=*"*%PATH%*"*/
/ GOTO findJava )/
/goto:eof/
to
/REM Find the java.exe executable/
/:get_java/
/IF DEFINED JAVA_HOME ( SET JAVA_COMMAND=%JAVA_HOME%\bin\java.exe)
ELSE ( SET JAVA_COMMAND=)/
/IF NOT EXIST %JAVA_COMMAND% ( SET PATHQ=%PATH%/
/ GOTO findJava )/
/goto:eof/
With those modifications, you will be able to run lsc.bat without
problems. To get an idea of the amount of time that this process
involves, synchronizing about 50,000 users between 2 servers on the
same network takes about 2 hours for first charge and an hour for
successive operations.
I want to give thanks to Clément Oudot for his valuable help; to those
others LSC users that asked before me; and to all LSC developer team
for this great tool.
Hello,
thanks a lot for this feedback!
Could you open an issue on our bugtracker with your remarks on lsc.bat
script so we can fix it in next release? You ust need to get an account
on http://tools.lsc-project.org/projects/show/lsc and create an issue.
--
Clément OUDOT
Consultant en logiciels libres, Expert infrastructure et sécurité
Savoir-faire Linux
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
