Hi, In our infra, we use lsc as a service to synchronize automaticaly ( lsc -a all or lsc -s all )
We don't want to run the clean mode automatically to avoid issue. When we run the clean mode with --dryrun (or with --nodelete or withj --no... ) , we can't see what will be the change in the destination : i can only see how many change will be done : lsc -f /admin/lsc/etc -t 1 --clean Sudoers_To_XXXX --dryrun nov. 03 10:43:49 - INFO - Starting clean for Sudoers_To_XXXX nov. 03 10:43:50 - INFO - All entries: 51, to modify entries: 13, successfully modified entries: 0, errors: 0 My workarround (but i dislike the solution) it's to change the username of the ldap destination with a readonly account It show me exactly what i want (but with error ) : nov. 03 11:41:34 - ERROR - Error while deleting entry ou=People_XXXX,dc=XXXX,dc=XXXX,dc=com in directory :javax.naming.NoPermissionException: [LDAP: error code 50 - no write access to parent]; remaining name 'ou=People_XXXX' nov. 03 11:41:34 - ERROR - Error while synchronizing ID ou=People_XXXX,dc=XXXX,dc=XXXX,dc=com: java.lang.Exception: Technical problem while applying modifications to destination service # Thu Nov 03 11:41:34 CET 2016 dn: ou=People_XXXX,dc=XXXX,dc=XXXXo,dc=com changetype: delete nov. 03 11:41:34 - ERROR - All entries: 19, to modify entries: 1, successfully modified entries: 0, errors: 1 Another solution exist ? or it's a new feature request ? Regards _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
