Le 26/07/2016 à 10:07, Massimo Ciancio a écrit :
I'm using LSC 2.1 to synchronize with OpenLdap Activer directory and
everything works perfectly.
When OpenLDAP users are eliminated the cleaning step removes the users
in Active Directory.
Instead of deleting the user would like to turn them off in the active
directory during cleaning.
I tried to change the condition:
<conditions>
<create>true</create>
<update>true</update>
<delete><![CDATA[dstBean.getDatasetFirstValueById("sAMAccountName")
> AD.userAccountControlSet([AD.UAC_SET_ACCOUNTDISABLE])]]></delete>
<changeId>true</changeId>
</conditions>
but don't working...
The pivot in my ldapDestinationService is sAMAccountName, the CN is
correct.
This is the log:
Jul 26 09:52:03 - INFO - Starting clean for Sync_Users
Jul 26 09:52:32 - ERROR - Could not retrieve the object
CN=testcf00a00a000a,OU=Peoples,DC=TEST,DC=local from the directory!
Jul 26 09:52:33 - ERROR - All entries: 10885, to modify entries: 0,
successfully modified entries: 0, errors: 1
Where am I doing wrong?
The only way to do it is to use the executable plugin:
http://lsc-project.org/wiki/documentation/plugins/executable
This will allow you to run a specific command instead of deleting the entry.
--
Clément OUDOT
Consultant en logiciels libres, Expert infrastructure et sécurité
Savoir-faire Linux
87, rue de Turbigo - 75003 PARIS
Blog: http://sflx.ca/coudot
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
