Re: [lsc-users] LDAP -> Database sync in general

Thu, 03 Mar 2016 09:47:52 -0800 


Le 03/03/2016 14:49, Mišel Mešnjak a écrit :

Hi,


I have successfully managed to get initial sync from LDAP to MySQL 
database after changing tag names in the iBatis SQL mapping XML.


But now I face some other problems/quirks...

I have these requirements:
- sync needs to be one way from LDAP to MySQL DB

- sync needs to pull some data from LDAP and if some attributes are 
missing some default values need to be inserted into the database for 
corresponding fields

- if new records show up on LDAP they need to be pulled to the DB

- if some records are updated those changes need to be reflected in 
the DB rows


Environment:

- Fields/column names in the DB are different from the LDAP 
attributes. Using "fieldName AS ldapAttributeName" in the 
getInetOrgPerson like this:

                SELECT
                        'inetOrgPerson' objectClass
                        , u.login AS uid
                        , u.pw <http://u.pw> AS userPassword
                        , u.email AS primaryMail
                        , u.title AS personalTitle
                        , u.first_name AS cn
                        , u.last_name AS sn
                        , u.comments AS o
                        , u.country AS c

                        , (CASE u.valid_id WHEN 1 THEN 'TRUE' ELSE 
'FALSE' END) AS userEnabled

                FROM customer_user AS u
                WHERE u.login = #login#

- I have no control over LDAP nor DB schema since those systems are 
already in production and I just need to integrate them



The questions are:
- Is LSC able to cover all those requirements?

- Is it possible to set up one sync task that will cover all those 
scenarios or do I need to set up several?



I tried playing with policy values in the 
<propertiesBasedSyncOptions><defaultPolicy> but I only managed to get 
initial sync to create(insert) rows into DB (using FORCE or MERGE 
policy). When there are already rows in the DB that correspond to the 
LDAP records lsc tries to insert rows although in log there is a 
mention of update


http://pastebin.com/MBrJdH7b



Hi,


you should be able to do all that you need in a single task. The problem 
may be with the pivotAttribute, which is used by LSC to know if the 
entry already exists in destination. If LSC tries to add existing 
entries, it means it did not find them. So try to search on this side.



If you need more help, you will have to send your complete configuration 
(lsc.xml and iBatis files).


--
Clément OUDOT
Consultant en logiciels libres, Expert infrastructure et sécurité
Savoir-faire Linux


_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users





















					Reply via email to