Re: [lsc-users] Cannot connect on the server, the connection is invalid

Tue, 19 Jul 2016 01:13:48 -0700 


Le 18/07/2016 à 23:54, Tomáš Lukl a écrit :

Hello,

I am trying to setup an asyncLdapSourceService with ActiveDirectory.
The service is set up as follows:

     <asyncLdapSourceService>
        <name>ldap-src-service</name>
        <connection reference="ldap-src-conn" />
        <baseDn>...</baseDn>
        <pivotAttributes>
<string>sAMAccountName</string>
        </pivotAttributes>
        <fetchedAttributes>
      <string>sAMAccountName</string>
          <string>cn</string>
          <string>sn</string>
<string>userPassword</string>
          <string>objectClass</string>
          <string>givenName</string>
      <string>distinguishedName</string>
      <string>objectGUID</string>
        </fetchedAttributes>
<getAllFilter><![CDATA[(&(objectClass=*))]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=user)(sAMAccountName={sAMAccountName}))]]></getOneFilter>
<serverType>ActiveDirectory</serverType>
      </asyncLdapSourceService>



The LSC is run in server mode.

Actualy I have two problems:

- the service DOES NOT perform an initial full synchronization.
- the service throws an error while performing sync of one entry:


  Jul 18 23:13:44 - DEBUG - 
org.apache.directory.ldap.client.api.exception.InvalidConnectionException: 
Cannot connect on the server, the connection is invalid
org.apache.directory.ldap.client.api.exception.InvalidConnectionException: 
Cannot connect on the server, the connection is invalid
        at 
org.apache.directory.ldap.client.api.LdapNetworkConnection.checkSession(LdapNetworkConnection.java:271) 
~[api-all-1.0.0-M22.jar:1.0.0-M22]
        at 
org.apache.directory.ldap.client.api.LdapNetworkConnection.searchAsync(LdapNetworkConnection.java:1667) 
~[api-all-1.0.0-M22.jar:1.0.0-M22]
        at 
org.apache.directory.ldap.client.api.LdapNetworkConnection.search(LdapNetworkConnection.java:1710) 
~[api-all-1.0.0-M22.jar:1.0.0-M22]
        at 
org.apache.directory.ldap.client.api.LdapNetworkConnection.search(LdapNetworkConnection.java:1603) 
~[api-all-1.0.0-M22.jar:1.0.0-M22]
        at 
org.apache.directory.ldap.client.api.LdapNetworkConnection.search(LdapNetworkConnection.java:1613) 
~[api-all-1.0.0-M22.jar:1.0.0-M22]
        at 
org.lsc.service.SyncReplSourceService.getBean(SyncReplSourceService.java:250) 
~[lsc-core-2.1.3.jar:na]
        at org.lsc.SynchronizeTask.run(AbstractSynchronize.java:707) 
[lsc-core-2.1.3.jar:na]
        at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
[na:1.8.0_92]
        at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
[na:1.8.0_92]

        at java.lang.Thread.run(Thread.java:745) [na:1.8.0_92]

Jul 18 23:13:44 - ERROR - Synchronization aborted because no source 
object has been found !







This is maybe the same error as http://tools.lsc-project.org/issues/597


Anyway, we commonly use ldapAsyncSourceService only with OpenLDAP or 
directories supporting the syncrepl protocol. I don't recommend to use 
it with Active Directory. You should instead run LSC in batch mode.


--
Clément OUDOT
Consultant en logiciels libres, Expert infrastructure et sécurité
Savoir-faire Linux
87, rue de Turbigo - 75003 PARIS
Blog: http://sflx.ca/coudot


_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users





















					Reply via email to