Ok thanks I tried to edit the <defaultPolicy> with KEEP but the new AD users
are still deleted. Something else is wrong? Also can you suggest me how to have
the cleartext value to change password from OpenLdap?
Le Vendredi 16 décembre 2016 0h38, Clément OUDOT
<[email protected]> a écrit :
Le 14/12/2016 à 15:42, Hasina Stella RASOMANANDRANTO a écrit :
Hi, after we did the task for AD to OpenLdap, we added another script to
synchronise from ldap to AD and I don't know if it works or not. I explain:
After we run the command #/usr/bin/lsc -f /etc/lsc/ldapSyncAD/ -s all -c all,
there is no error and all the modifications are successfull.Certificate SSL
from AD has already been generated in java home. But when we add a user in
Active Directory, it doesn't appear in slapcat list then we run again this
command and it says the new user from the AD is deleted. Also we tested to
change the users password from OpenLdap, but nothing changes in AD, but if we
change it from the AD, it changes in OpenLdap. Here is the second script for
synchronising the OpenLdap to Active Directory
You created a connector that synchronize OpenLDAP entries into AD. So :
* If you change something in AD, it will be erased by the connector unless you
explicitely use the KEEP policy
* If you add an entry in AD, it will be deleted by the connector as it does
not exists in AD
* If you change password in OpenLDAP, you must have the cleartext value in
order to be able to sync it to AD
--
Clément OUDOT
Consultant en logiciels libres, Expert infrastructure et sécurité
Savoir-faire Linux
137 boulevard de Magenta - 75010 PARIS
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
