Thanks That worked ok
Saved my day! Regards Carl Wilson MMS Support Thales UK Poseidon House, Ashurst Drive, Cheadle Heath, Stockport, SK3 0XB - UK www.thalesgroup.com/uk Tel: +44 (0)161 741 3840 [email protected]<mailto:[email protected]> Please consider the environment before printing a hard copy of this e-mail. The information contained in this e-mail is confidential. It is intended only for the stated addressee(s) and access to it by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorised use may be unlawful. If you have received this e-mail in error, please inform us immediately on +44 (0)161 491 4001 and delete it and all copies from your system. Thales UK Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 868273 From: Jon C Kidder [mailto:[email protected]] Sent: 31 May 2016 16:11 To: WILSON Carl; [email protected] Subject: RE: AD->OpenLDAP sync; clean all except identified users It's not working because you're doing it in the wrong place. You would do this in the getAllFilter of the destination service. Use a search filter that would exclude the records you don't want deleted. -Jon C. Kidder American Electric Power Middleware Services Email: [email protected]<mailto:[email protected]> Phone: 614-716-4970 From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of WILSON Carl Sent: Tuesday, May 31, 2016 11:04 AM To: [email protected]<mailto:[email protected]> Subject: [lsc-users] AD->OpenLDAP sync; clean all except identified users This is an EXTERNAL email. STOP. THINK before you CLICK links or OPEN attachments. ________________________________ I have LSC 2.1.3 working ok syncing users from AD to OpenLDAP (I don't need bi-directional sync) The setup has been working ok deleting users in OpenLDAP who are not in AD, but I now find that I need to allow some special identified users in OpenLDAP who are not in AD. OK, the simple answer would be to get them added to AD, but this has some local issues. I need to add some special users to OpenLDAP who will not be deleted on the 'clean' operation. I've tried messing with some javascript in the cleanFilter and the delete conditions, but without success - other than to stop all deletions. Any ideas how LSC can be used to selectively not delete users in the destination? My current cleanFilter on the source is: <cleanFilter><![CDATA[&ObjectClass=user)(cn={cn}))]]</cleanFilter> Destination (OpenLDAP) has no cleanFilter I want something like var delete = true; if (cn.startsWith("sys")) { delete = false; } delete Thanks Carl Wilson MMS Support Thales UK Poseidon House, Ashurst Drive, Cheadle Heath, Stockport, SK3 0XB - UK www.thalesgroup.com/uk<http://www.thalesgroup.com/uk> Tel: +44 (0)161 741 3840 [email protected]<mailto:[email protected]> Please consider the environment before printing a hard copy of this e-mail. The information contained in this e-mail is confidential. It is intended only for the stated addressee(s) and access to it by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorised use may be unlawful. If you have received this e-mail in error, please inform us immediately on +44 (0)161 491 4001 and delete it and all copies from your system. Thales UK Limited. A company registered in England and Wales. Registered Office: 2 Dashwood Lang Road, The Bourne Business Park, Addlestone, Weybridge, Surrey KT15 2NX. Registered Number: 868273
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
