Hi Clement, Thanks for your email!
We are able to write the OU´s in Open LDAP, the problem is to keep the original structure of the Active Directory Organizational Units with the rigth users inside them OU. Just to mention that we also have OU´s inside OU´s. Can you please advice? Com os melhores cumprimentos, Pedro Bagulho *INTEGRITY Portugal* Av. João Crisóstomo, 30 5º 1050-127 | Lisboa* -* Portugal Tel. +351 21 33 03 740 . Mob (+351) 93 529 99 97 www.integrity.pt – www.keepitsecure24.com *INTEGRITY United Kingdom* Suite 4B | 43 Berkeley Square Mayfair, Westminster | London W1J 5FJ - UK 2016-06-06 11:36 GMT+01:00 <[email protected]>: > Send lsc-users mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.lsc-project.org/listinfo/lsc-users > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of lsc-users digest..." > > > Today's Topics: > > 1. Re: LSC - Users in the rigth Organizational Units (Cl?ment OUDOT) > 2. update and delete (Cazanaru, Florin) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Mon, 6 Jun 2016 12:11:03 +0200 > From: Cl?ment OUDOT <[email protected]> > Subject: Re: [lsc-users] LSC - Users in the rigth Organizational Units > To: [email protected] > Message-ID: <[email protected]> > Content-Type: text/plain; charset="windows-1252"; Format="flowed" > > > > Le 06/06/2016 10:44, Pedro Bagulho a ?crit : > > Hi, > > Hello Pedro, > > > > > We have installed OpenLDAP and LSC with the goal to sync Active > > Directory into OpenLDAP. > > > > We can sync users from AD, OU?s and Groups to OpenLDAP. > > > > But we are having an issue copying the users to the right > > OrganizationalUnit. > > > > How can we ensure that users fill the right OU? > > > > > You can choose the right OU in destination by setting it in > <mainIdentifier>: as this will set the DN, this will create the entry in > the branch you want. > > On the other side, I often choose to create a flat users branch in > OpenLDAP because there is no real advantage of using OU to manage users. > You can use a specific organizations branch to manage OU. > > -- > Cl?ment OUDOT > Consultant en logiciels libres, Expert infrastructure et s?curit? > Savoir-faire Linux > 87, rue de Turbigo - 75003 PARIS > Blog: http://sflx.ca/coudot > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://lists.lsc-project.org/pipermail/lsc-users/attachments/20160606/3ee5e1a7/attachment-0001.htm > > > > ------------------------------ > > Message: 2 > Date: Mon, 6 Jun 2016 10:35:54 +0000 > From: "Cazanaru, Florin" <[email protected]> > Subject: [lsc-users] update and delete > To: "[email protected]" > <[email protected]> > Message-ID: <[email protected]> > Content-Type: text/plain; charset="us-ascii" > > Hi all, > > I install an lsc and I want to sync with an openldap > > Config file is ok, my problem is on update > > If I do a "service lsc start" I see in openldap what I have in AD (2 users) > > What I do not know is lsc will update openldap if I modify something in > AD. I try "service lsc restart" I wait more than 6 seconds and is not > updating. > > lsc.xml > > --------------------------------- > <propertiesBasedSyncOptions> > <mainIdentifier><![CDATA["cn=" + > srcBean.getDatasetFirstValueById("cn") + > ",ou=test,ou=Users,dc=Games,dc=com"]]></mainIdentifier> > <defaultDelimiter>;</defaultDelimiter> > <defaultPolicy>FORCE</defaultPolicy> > > > <conditions> > > <create>true</create> > <update>true</update> > <delete>true</delete> > <changeId>true</changeId> > </conditions> > > > <dataset> > <name>objectClass</name> > <policy>FORCE</policy> > <forceValues> > <string>"inetOrgPerson"</string> > <string>"organizationalPerson"</string> > <string>"person"</string> > <string>"top"</string> > </forceValues> > <delimiter>,</delimiter> > > </dataset> > > > <dataset> > <name>sAMAccountName</name> > <policy>FORCE</policy> > <forceValues> > > <string>srcBean.getDatasetFirstValueById("uid")</string> > </forceValues> > </dataset> > > > <dataset> > <name>uid</name> > <policy>FORCE</policy> > <forceValues> > > <string>srcBean.getDatasetFirstValueById("cn")</string> > </forceValues> > </dataset> > > <dataset> > <name>sn</name> > <policy>FORCE</policy> > <forceValues> > > <string>srcBean.getDatasetFirstValueById("cn")</string> > </forceValues> > </dataset> > > <dataset> > <name>default</name> > <policy>FORCE</policy> > </dataset> > > > </propertiesBasedSyncOptions> > ------------------------------------ > > On "/usr/bin/lsc -a all" I have > > Jun 06 11:08:40 - ERROR - Error while adding entry > cn=test111,ou=test,ou=Users,dc=Games,dc=com in directory > :javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - Entry > Already Exists]; remaining name 'cn=test111,ou=test' > Jun 06 11:08:40 - ERROR - Error while adding entry > cn=test222,ou=test,ou=Users,dc=Games,dc=com in directory > :javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - Entry > Already Exists]; remaining name 'cn=test222,ou=test' > Jun 06 11:08:40 - ERROR - Error while synchronizing ID > cn=test111,ou=test,ou=Users,dc=Games,dc=com: java.lang.Exception: Technical > problem while applying modifications to the destination > Jun 06 11:08:40 - ERROR - Error while synchronizing ID > cn=test222,ou=test,ou=Users,dc=ITGames,dc=com: java.lang.Exception: > Technical problem while applying modifications to the destination > Jun 06 11:08:40 - DEBUG - java.lang.Exception: Technical problem while > applying modifications to the destination > java.lang.Exception: Technical problem while applying modifications to the > destination > at org.lsc.SynchronizeTask.run(AbstractSynchronize.java:801) > [lsc-core-2.1.3.jar:na] > at org.lsc.SynchronizeTask.run(AbstractSynchronize.java:707) > [lsc-core-2.1.3.jar:na] > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > [na:1.8.0_72] > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > [na:1.8.0_72] > at java.lang.Thread.run(Thread.java:745) [na:1.8.0_72] > Jun 06 11:08:40 - DEBUG - java.lang.Exception: Technical problem while > applying modifications to the destination > java.lang.Exception: Technical problem while applying modifications to the > destination > at org.lsc.SynchronizeTask.run(AbstractSynchronize.java:801) > [lsc-core-2.1.3.jar:na] > at org.lsc.SynchronizeTask.run(AbstractSynchronize.java:707) > [lsc-core-2.1.3.jar:na] > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > [na:1.8.0_72] > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > [na:1.8.0_72] > at java.lang.Thread.run(Thread.java:745) [na:1.8.0_72] > > Jun 06 11:08:45 - DEBUG - Using pagedResults control for 1000 entries at a > time > Jun 06 11:08:51 - DEBUG - Using pagedResults control for 1000 entries at a > time > Jun 06 11:08:57 - DEBUG - Using pagedResults control for 1000 entries at a > time > Jun 06 11:09:03 - DEBUG - Using pagedResults control for 1000 entries at a > time > > > Thank you ! > > > Florin Cazanaru > Head of IT > > [http://www.intouchgames.co.uk/images/email/email_footer.jpg] > www.mfortune.co.uk<https://www.mfortune.co.uk> | www.pocketwin.co.uk< > https://www.pocketwin.co.uk> > Fountain House, Great Cornbow, Halesowen, West Midlands B63 3BL England > Tel +44 (0) 1384 444570 > mFortune is owned and operated by Intouch Games Ltd registered in England > and Wales. Registration No. 4629082 > PocketWin is owned and operated by Intouch Games Ltd registered in England > and Wales. Registration No. 4629082 > Disclaimer: > This email is confidential and is intended solely for the use of the > individual to whom it is addressed. If you are not the intended recipient > please delete this message and notify the sender. Further, if you are not > the intended recipient, be advised that you have received this email in > error and that any use, dissemination, forwarding, printing, or copying of > this email is strictly prohibited. No reliance should be placed on this > message or, its contents without written confirmation, from an authorized > representative or registered individual. Any views or opinions presented > are solely that of the author and do not in any way represent the views of > Intouch Games Ltd. > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://lists.lsc-project.org/pipermail/lsc-users/attachments/20160606/3e60ce0b/attachment.htm > > > > ------------------------------ > > _______________________________________________ > lsc-users mailing list > [email protected] > http://lists.lsc-project.org/listinfo/lsc-users > > End of lsc-users Digest, Vol 77, Issue 5 > **************************************** >
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
