Hi
I want to sync an AD to Openldap. What I did:
AD - already in palce and working
Openldap - installed
If I search with ldapsearch on both (AD and Openldap) is working well.
If I do a
lsc -f /etc/lsc -c all -s all -n
Jun 03 13:05:42 - DEBUG - Loading XML configuration from: /etc/lsc/lsc.xml
Jun 03 13:05:42 - DEBUG - going to scan these urls:
jar:file:/usr/lib/lsc/lsc-core-2.1.3.jar!/
Jun 03 13:05:42 - INFO - Reflections took 63 ms to scan 1 urls, producing 55
keys and 115 values
Jun 03 13:05:42 - DEBUG - Importing XML schema file: schemas/lsc-core-2.1.xsd
Jun 03 13:05:42 - ERROR - Unable to load configuration
(org.lsc.exception.LscConfigurationException: Configuration exception: null)
org.lsc.exception.LscConfigurationException: Configuration exception: null
at
org.lsc.configuration.JaxbXmlConfigurationHelper.getConfiguration(JaxbXmlConfigurationHelper.java:162)
~[lsc-core-2.1.3.jar:na]
at org.lsc.Configuration.setUp(Configuration.java:482)
[lsc-core-2.1.3.jar:na]
at org.lsc.Configuration.setUp(Configuration.java:456)
[lsc-core-2.1.3.jar:na]
at org.lsc.Launcher.run(Launcher.java:205) [lsc-core-2.1.3.jar:na]
at org.lsc.Launcher.launch(Launcher.java:158) [lsc-core-2.1.3.jar:na]
at org.lsc.Launcher.main(Launcher.java:141) [lsc-core-2.1.3.jar:na]
Caused by: javax.xml.bind.UnmarshalException: null
at
javax.xml.bind.helpers.AbstractUnmarshallerImpl.createUnmarshalException(AbstractUnmarshallerImpl.java:335)
~[na:1.8.0_72]
at
com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.createUnmarshalException(UnmarshallerImpl.java:563)
~[na:1.8.0_72]
at
com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal0(UnmarshallerImpl.java:249)
~[na:1.8.0_72]
at
com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal(UnmarshallerImpl.java:214)
~[na:1.8.0_72]
at
javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshallerImpl.java:157)
~[na:1.8.0_72]
at
javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshallerImpl.java:162)
~[na:1.8.0_72]
at
javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshallerImpl.java:171)
~[na:1.8.0_72]
at
javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshallerImpl.java:189)
~[na:1.8.0_72]
at
org.lsc.configuration.JaxbXmlConfigurationHelper.getConfiguration(JaxbXmlConfigurationHelper.java:160)
~[lsc-core-2.1.3.jar:na]
... 5 common frames omitted
Caused by: org.xml.sax.SAXParseException: The content of elements must consist
of well-formed character data or markup.
at
com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:203)
~[na:1.8.0_72]
at
com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:177)
~[na:1.8.0_72]
at
com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:400)
~[na:1.8.0_72]
at
com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:327)
~[na:1.8.0_72]
at
com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(XMLScanner.java:1437)
~[na:1.8.0_72]
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.startOfMarkup(XMLDocumentFragmentScannerImpl.java:2637)
~[na:1.8.0_72]
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2735)
~[na:1.8.0_72]
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:606)
~[na:1.8.0_72]
at
com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(XMLNSDocumentScannerImpl.java:118)
~[na:1.8.0_72]
at
com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:510)
~[na:1.8.0_72]
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:848)
~[na:1.8.0_72]
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:777)
~[na:1.8.0_72]
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141)
~[na:1.8.0_72]
at
com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1213)
~[na:1.8.0_72]
at
com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:643)
~[na:1.8.0_72]
at
com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal0(UnmarshallerImpl.java:243)
~[na:1.8.0_72]
... 11 common frames omitted
service lsc configtest
lsc: [INFO] Using /etc/default/lsc for configuration
lsc: [INFO] Launching LSC configuration test...
lsc: [ALERT] LSC configuration test failed
I try different lsc.xml
On last one I have this:
cat lsc.xml
<?xml version="1.0" ?>
<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.1.xsd"; revision="0">
<connections>
<ldapConnection>
<name>ldap-src-conn</name>
<url>ldap://xxxxxxxxxxxxxxxx:33389</url>
<username>xxxxxxxxxxxx</username>
<password>xxxxxxxxxxxx</password>
<authentication>SIMPLE</authentication>
<referral>IGNORE</referral>
<derefAliases>NEVER</derefAliases>
<version>VERSION_3</version>
<pageSize>-1</pageSize>
<factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
<tlsActivated>false</tlsActivated>
</ldapConnection>
<ldapConnection>
<name>ldap-dst-conn</name>
<url>ldap://localhost:389/dc=ccc,dc=xxx<</url>
<username>xxxxxxxxxxxxxx</username>
<password>xxxxxxxxxxxxxxxxxxxx</password>
<authentication>SIMPLE</authentication>
<referral>IGNORE</referral>
<derefAliases>NEVER</derefAliases>
<version>VERSION_3</version>
<pageSize>-1</pageSize>
<factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
<tlsActivated>false</tlsActivated>
</ldapConnection>
</connections>
<tasks>
<task>
<name>People</name>
<bean>org.lsc.beans.SimpleBean</bean>
<ldapSourceService>
<name>ad-source-service</name>
<connection reference="ldap-src-conn" />
<baseDn>CN=Users,DC=foo,DC=bar</baseDn>
<pivotAttributes>
<string>samAccountName</string>
</pivotAttributes>
<fetchedAttributes>
<string>description</string>
<string>cn</string>
<string>sn</string>
<string>givenName</string>
<string>samAccountName</string>
<string>userPrincipalName</string>
</fetchedAttributes>
<getAllFilter>(objectClass=user)</getAllFilter>
<getOneFilter>(&(objectClass=user)(samAccountName={samAccountName}))</getOneFilter>
<cleanFilter>(&(objectClass=user)(samAccountName={uid}))</cleanFilter>
</ldapSourceService>
<ldapDestinationService>
<name>opends-dst-service</name>
<connection reference="ldap-dst-conn" />
<baseDn>ou=People,dc=lsc-project,dc=org</baseDn>
<pivotAttributes>
<string>uid</string>
</pivotAttributes>
<fetchedAttributes>
<string>description</string>
<string>cn</string>
<string>sn</string>
<string>userPassword</string>
<string>objectClass</string>
<string>uid</string>
<string>mail</string>
</fetchedAttributes>
<getAllFilter>(objectClass=inetorgperson)</getAllFilter>
<getOneFilter>(&(objectClass=inetorgperson)(uid={samAccountName}))</getOneFilter>
</ldapDestinationService>
<propertiesBasedSyncOptions>
<mainIdentifier>"uid=" +
srcBean.getDatasetFirstValueById("samAccountName") +
",ou=People,dc=lsc-project,dc=org"</mainIdentifier>
<defaultDelimiter>;</defaultDelimiter>
<defaultPolicy>FORCE</defaultPolicy>
<dataset>
<name>description</name>
<policy>FORCE</policy>
<forceValues>
<string>js:(srcBean.getDatasetFirstValueById("sn") !=
null ? srcBean.getDatasetFirstValueById("sn").toUpperCase() : null )</string>
</forceValues>
</dataset>
<dataset>
<name>userPassword</name>
<policy>KEEP</policy>
<createValues>
<string>js:"{SASL}" +
srcBean.getDatasetFirstValueById("userPrincipalName")</string>
</createValues>
</dataset>
<dataset>
<name>sn</name>
<policy>FORCE</policy>
<defaultValues>
<string>js:(srcBean.getDatasetFirstValueById("sn") !=
null ? srcBean.getDatasetFirstValueById("sn").toUpperCase() :
srcBean.getDatasetFirstValueById("cn") )</string>
</defaultValues>
</dataset>
<dataset>
<name>description</name>
<policy>FORCE</policy>
<forceValues>
<string>js:(srcBean.getDatasetFirstValueById("sn") !=
null ? srcBean.getDatasetFirstValueById("sn").toUpperCase() : null )</string>
</forceValues>
</dataset>
<dataset>
<name>uid</name>
<policy>KEEP</policy>
<createValues>
<string>js:srcBean.getDatasetFirstValueById("samAcccountName")</string>
</createValues>
</dataset>
<dataset>
<name>objectClass</name>
<policy>KEEP</policy>
<createValues>
<string>"inetOrgPerson"</string>
</createValues>
</dataset>
<dataset>
<name>userPassword</name>
<policy>KEEP</policy>
<createValues>
<string>"changethis"</string>
</createValues>
</dataset>
</propertiesBasedSyncOptions>
</task>
</tasks>
</lsc>
Same with this:
<?xml version="1.0" ?>
<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.1.xsd"; revision="0">
<connections>
<ldapConnection>
<name>ldap-xxxxxxxxxx-live</name>
<url>ldap://xxxxxxxxx:33389</url>
<username>xxxxxxxx</username>
<password>xxxxxxxxxxxxx</password>
<authentication>SIMPLE</authentication>
<pageSize>10</pageSize>
</ldapConnection>
<ldapConnection>
<name>ldap-ddddd-tools</name>
<url>ldap://localhost:389/dc=xxxxxxxxxxxxxx</url>
<username>xxxxxxxxxxxx</username>
<password>xxxxxxxxxxx</password>
<authentication>SIMPLE</authentication>
<referral>IGNORE</referral>
<derefAliases>NEVER</derefAliases>
<version>VERSION_3</version>
<pageSize>-1</pageSize>
<factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
<tlsActivated>false</tlsActivated>
<saslMutualAuthentication>false</saslMutualAuthentication>
</ldapConnection>
</connections>
<!-- ./audits Audits list node -->
<audits>
<csvAudit>
<name>csv</name>
<append>true</append>
<operations>create, delete</operations>
<file>/var/log/lscdump.csv</file>
<datasets>cn, dn</datasets>
<separator>,</separator>
</csvAudit>
</audits>
<tasks>
<task>
<name>MySyncTask</name>
<bean>org.lsc.beans.SimpleBean</bean>
<ldapSourceService>
<name>MySyncTask-src</name>
<connection reference="ldap-xxxxxxxxxxx-live"/>
<baseDn>xxxxxxxxxxxxxxxxxxxx</baseDn>
<pivotAttributes>
<string>cn</string>
</pivotAttributes>
<fetchedAttributes>
<string>cn</string>
<string>givenName</string>
<string>memberOf</string>
<string>sAMAccountName</string>
</fetchedAttributes>
<getAllFilter>(&(cn=*))</getAllFilter>
<getOneFilter>(&(objectClass=organizationalPerson)(cn={cn}))</getOneFilter>
<cleanFilter>(&(objectClass=organizationalPerson))</cleanFilter>
<interval>6</interval>
</ldapSourceService>
<ldapDestinationService>
<name>MySyncTask-dst</name>
<connection reference="ldap-xxxxx-tools"/>
<baseDn>ou=xxxxxxxxxxxxxxxxx</baseDn>
<pivotAttributes>
<string>cn</string>
</pivotAttributes>
<fetchedAttributes>
<string>cn</string>
<string>sn</string>
<string>objectClass</string>
<string>givenName</string>
<string>mail</string>
<string>uid</string>
</fetchedAttributes>
<getAllFilter>(&(=cn=*)</getAllFilter>
<getOneFilter>(&(objectClass=inetOrgPerson)(cn={cn}))</getOneFilter>
</ldapDestinationService>
<propertiesBasedSyncOptions>
<mainIdentifier>"cn=" + srcBean.getDatasetFirstValueById("cn")+
",ou=xxxxxxxxxxxxxx"</mainIdentifier>
<defaultDelimiter>;</defaultDelimiter>
<defaultPolicy>FORCE</defaultPolicy>
<dataset>
<name>objectClass</name>
<policy>FORCE</policy>
<forceValues>
<string>"inetOrgPerson"</string>
<string>"organizationalPerson"</string>
<string>"person"</string>
<string>"top"</string>
</forceValues>
<delimiter>,</delimiter>
</dataset>
<dataset>
<name>uid</name>
<policy>FORCE</policy>
<forceValues>
<string>srcBean.getDatasetFirstValueById("sAMAccountName")</string>
</forceValues>
</dataset>
<dataset>
<name>default</name>
<policy>FORCE</policy>
</dataset>
</propertiesBasedSyncOptions>
</task>
</tasks>
</lsc>
Thank you !
Florin Cazanaru
Head of IT
[http://www.intouchgames.co.uk/images/email/email_footer.jpg]
www.mfortune.co.uk<https://www.mfortune.co.uk> |
www.pocketwin.co.uk<https://www.pocketwin.co.uk>
Fountain House, Great Cornbow, Halesowen, West Midlands B63 3BL England
Tel +44 (0) 1384 444570
mFortune is owned and operated by Intouch Games Ltd registered in England and
Wales. Registration No. 4629082
PocketWin is owned and operated by Intouch Games Ltd registered in England and
Wales. Registration No. 4629082
Disclaimer:
This email is confidential and is intended solely for the use of the individual
to whom it is addressed. If you are not the intended recipient please delete
this message and notify the sender. Further, if you are not the intended
recipient, be advised that you have received this email in error and that any
use, dissemination, forwarding, printing, or copying of this email is strictly
prohibited. No reliance should be placed on this message or, its contents
without written confirmation, from an authorized representative or registered
individual. Any views or opinions presented are solely that of the author and
do not in any way represent the views of Intouch Games Ltd.
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
