Le 17/02/2016 22:17, Joel Levin a écrit :
Hi List:
We have had very good success with LSC --- I'm getting stumped on a
new use case.
Synching group membership - from Database source, to LDAP target.
The group names already exists in LDAP - however the LSC.XML below
attempts to want to create the groups as well, as populate membership
-- and will not synchronize membership if group already exists in LDAP.
I'm missing something --- any eagle-eyed tips from out there?
*Source: Database*
Group membership is in a 2 column table: UIDs of members comma separated
GROUP UID
Milan jane, mark, claudio
Baltimore mark, john
London claudio
*Target: LDAP*
Regular LDAP group structure
Listed is the group end results required:
* cn=Milan, ou=CITIES,ou=GROUPS,ou=o
o uniqueMember: uid=jane, ou=people,ou=o
o uniqueMember: uid=mark, ou=people,ou=o
o uniqueMember: uid=claudio, ou=people,ou=o
* cn=Baltimore, ou=CITIES,ou=GROUPS,ou=o
o uniqueMember: uid=mark, ou=people,ou=o
o uniqueMember: uid=john, ou=people,ou=o
* cn=London, ou=CITIES,ou=GROUPS,ou=o
o uniqueMember: uid=claudio, ou=people,ou=o
The 'CNs' for groups are already created - only uniqueMember requires
synching.
LSX.XML:
<ldapDestinationService>
<name>ldap-dst-service</name>
<baseDn>ou=CITIES,ou=GROUPS,ou=o</baseDn>
<pivotAttributes>
<string>uniqueMember</string>
</pivotAttributes>
<fetchedAttributes>
<string>uniqueMember</string>
<string>objectClass</string>
</fetchedAttributes>
<getAllFilter>(objectClass=groupOfUniqueNames)</getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=groupOfUniqueNames)(uniqueMember={uniqueMember}))]]></getOneFilter>
</ldapDestinationService>
<propertiesBasedSyncOptions>
<mainIdentifier>"cn=" + srcBean.getDatasetFirstValueById("cn") +
",ou=CITIES,ou=GROUPS,ou=o"</mainIdentifier>
<defaultDelimiter>;</defaultDelimiter>
<defaultPolicy>FORCE</defaultPolicy>
<conditions>
<create>true</create>
<update>true</update>
<delete>true</delete>
<changeId>true</changeId>
</conditions>
<dataset>
<name>objectClass</name>
<policy>FORCE</policy>
<delimiter>,</delimiter>
</dataset>
<name>uniqueMember</name>
<policy>FORCE</policy>
<forceValues>
<string>
<![CDATA[js:
var membersSrcDn =
srcBean.getDatasetValuesById("uid");
var membersDstDn = [];
var s = String(new java.lang.String(membersSrcDn));
var partsOfStr = [];
//convert a string split by ; to an array
partsOfStr = s.split(';');
for (var i = 0; i < partsOfStr.length; i++)
{
println("partsOfStr[i]= " +partsOfStr[i]);
var cn = srcBean.getDatasetValuesById("cn");
var destMemberDn = "uid=" + uid + ","
+"ou=people,ou=o";
membersDstDn.push(destMemberDn);
}
membersDstDn
]]>
</string>
</forceValues>
</dataset>
Hello Joel,
I see several problems:
* No value given for objectClass dataset
* You should use getDatasetFirstValueById to get UID value from source,
so you get directly a String and not an Array
* You split on ';' but seems your source delimiter is ','
* There is no cn in the source
* You concat 'uid' but it's not defined
--
Clément OUDOT
Consultant en logiciels libres, Expert infrastructure et sécurité
Savoir-faire Linux
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
