Hello,

I use Active Directory on Windows Server 2003, and now I would like to sync
this database to an OpenLDAP server set up on Google Cloud [AD ->
OpenLDAP]. This server will be used to authenticate users for company
services (forum, chat, website login, etc.), with OpenLDAP acting as a
read-only server with data pulled from AD.

This is my lsc.xml source. When I try *synchronization*, it always reports *"ERROR
- Synchronization aborted because no source object has been found"*

<?xml version="1.0" ?>
<!--
In the following file, comments are describing each node. Elements are
referenced through XPath expression, whereas attributes are prefixed with
'@'

//lsc Root node of the XML configuration file
@xmlns XML Schema validation is not ready yet (Reserved for future use)
@id optional, added by XML API
@revision mandatory, used by the Web Administration Interface to version
this file
-->
<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.1.xsd" revision="0">

<!--  ./connections Connections list node, must contain at least two
connections -->

<connections>
<!--
./connection Connection node, include definition of the required parameters.
Depending on the connection type, properties vary.
  Existing class type are : ldapConnection, databaseConnnection
  Plugins also provides : nisConnection, jndiExecDstConnection
-->
    <ldapConnection>
      <name>AD</name>
<!--  ./url mandatory, the JNDI URL -->
      <url>ldap://ldap.domain.xyz/dc=localdomain,dc=xyz</url>
<!--  ./username mandatory, the DN to bind with -->
      <username>[email protected]</username>
<!--  ./password mandatory, credentials to bind with -->
      <password>ad_password</password>
<!--  ./authentication mandatory, must contain either ANONYMOUS, SIMPLE,
SASL, GSSAPI or DIGEST_MD5 -->
      <authentication>SIMPLE</authentication>
<!--  ./referral mandatory, must contain either IGNORE, THROUGH, THROW or
FOLLOW -->
      <referral>IGNORE</referral>
<!--  ./derefAliases mandatory, must contain either NEVER, SEARCH, FIND,
ALWAYS -->
      <derefAliases>NEVER</derefAliases>
<!--  ./version mandatory, must contain either VERSION_2, VERSION_3 -->
      <version>VERSION_3</version>
<!--  ./pageSize optional, specify the paged size when searching -->
      <pageSize>1000</pageSize>
<!--  ./factory mandatory, points to LDAP Context Factory,
com.sun.jndi.ldap.LdapCtxFactory for a SUN JDK -->
      <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
<!--  ./tlsActivated optional, specify if SSL/TLS is activated to connect
to the LDAP server -->
      <tlsActivated>false</tlsActivated>
    </ldapConnection>
    <ldapConnection>
      <name>LDAP</name>
<!--  ./url mandatory, the JNDI URL -->
      <url>ldap://127.0.0.1/dc=localdomain,dc=xyz</url>
<!--  ./username mandatory, the DN to bind with -->
      <username>cn=admin,dc=localdomain,dc=xyz</username>
<!--  ./password mandatory, credentials to bind with -->
      <password>ldap_password</password>
<!--  ./authentication mandatory, must contain either ANONYMOUS, SIMPLE,
SASL, GSSAPI or DIGEST_MD5 -->
      <authentication>SIMPLE</authentication>
<!--  ./referral mandatory, must contain either IGNORE, THROUGH, THROW or
FOLLOW -->
      <referral>IGNORE</referral>
<!--  ./derefAliases mandatory, must contain either NEVER, SEARCH, FIND,
ALWAYS -->
      <derefAliases>NEVER</derefAliases>
<!--  ./version mandatory, must contain either VERSION_2, VERSION_3 -->
      <version>VERSION_3</version>
<!--  ./pageSize optional, specify the paged size when searching -->
      <pageSize>-1</pageSize>
<!--  ./factory mandatory, points to LDAP Context Factory,
com.sun.jndi.ldap.LdapCtxFactory for a SUN JDK -->
      <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
<!--  ./tlsActivated optional, specify if SSL/TLS is activated to connect
to the LDAP server -->
      <tlsActivated>false</tlsActivated>
    </ldapConnection>
</connections>

<tasks>
    <task>
      <name>adUser</name>
  <bean>org.lsc.beans.SimpleBean</bean>
  <ldapSourceService>
        <name>ad-source-service</name>
        <connection reference="AD" />
        <baseDn>ou=ABC,dc=localdomain,dc=xyz</baseDn>
        <pivotAttributes>
          <string>sAMAccountName</string>
        </pivotAttributes>
        <fetchedAttributes>
          <string>cn</string>
          <string>description</string>
          <string>givenName</string>
          <string>mail</string>
          <string>objectclass</string>
          <string>pwdLastSet</string>
          <string>sAMAccountName</string>
          <string>sn</string>
          <!-- if request password, need use tls connection -->
          <!-- <string>unicodePwd</string> -->
          <string>userAccountControl</string>
          <string>userPrincipalName</string>
        </fetchedAttributes>

 
        <getAllFilter><![CDATA[(&(objectClass=user)(!(objectClass=computer)))]]></getAllFilter>
        <getOneFilter><![CDATA[(&(objectClass=user)(!(objectClass=computer))(sAMAccountName={uid}))]]></getOneFilter>
        <cleanFilter><![CDATA[(&(objectClass=user)(!(objectClass=computer))(sAMAccountName={uid}))]]></cleanFilter>
      </ldapSourceService>

      <ldapDestinationService>
        <name>openldap-dst-service</name>
        <connection reference="LDAP" />
        <baseDn>ou=ABC,dc=localdomain,dc=xyz</baseDn>
<pivotAttributes>
          <string>uid</string>
        </pivotAttributes>
        <fetchedAttributes>
          <string>cn</string>
          <string>description</string>
          <string>givenName</string>
          <string>mail</string>
          <string>sn</string>
          <string>uid</string>
          <!-- if request password, need use tls connection -->
          <!-- <string>userPassword</string> -->
        </fetchedAttributes>
        <getAllFilter><![CDATA[(objectClass=inetOrgPerson)]]></getAllFilter>

        <getOneFilter><![CDATA[(&(objectClass=inetOrgPerson)(uid={uid}))]]></getOneFilter>
        <!--<cleanFilter><![CDATA[(&(objectClass=inetOrgPerson)(uid={sAMAccountName}))]]></cleanFilter>-->
      </ldapDestinationService>

  <propertiesBasedSyncOptions>
    <mainIdentifier>"cn=" + srcBean.getDatasetFirstValueById("cn") +
",ou=ABC,dc=localdomain,dc=xyz"</mainIdentifier>
    <defaultDelimiter>;</defaultDelimiter>
    <defaultPolicy>FORCE</defaultPolicy>
<conditions>
   <create>true</create>
         <update>true</update>
            <delete>true</delete>
            <changeId>true</changeId>
</conditions>
    <dataset>
     <name>uid</name>
     <policy>KEEP</policy>
     <createValues>
      <string>srcBean.getDatasetFirstValueById("sAMAccountName")</string>
     </createValues>
    </dataset>

   </propertiesBasedSyncOptions>
  </task>

</tasks>

<!--  ./audits Audits list node -->
<audits>
<!--./audit Audit node, here a CSV audit, may also be a LDIF or any
contributed audit type -->
<csvAudit>
<!--    ./name mandatory, audit name -->
<name>csv</name>
<!--    ./append optional, default to false, specify to create a new log
file or to append to the existing one  -->
<append>true</append>
<!--    ./operations optional, comma separated list of operations (create,
delete, update or rename) -->
<operations>create, delete</operations>
<!-- ./file mandatory, define the location of the file where the CSV data
will be written -->
<file>/tmp/dump.csv</file>
<!--    ./datasets optional, comma separated list of datasets modification
to log -->
<datasets>cn, dn</datasets>
<!--    ./separator optional, default to ";", specify the values separator
-->
<separator>,</separator>
</csvAudit>
</audits>

<!--  ./tasks Task list node, must contain at least one task -->

<!-- ./security This mandatory node contains the security settings used by
LSC -->
  <security>
<!-- ./encryption This optional node contains the encryption settings -->
    <encryption>
<!--  ./keyfile This optional node contains the keyfile location -->
      <keyfile>etc/lsc.key</keyfile>
<!--  ./algorithm This optional node contains the encryption algorithm -->
      <algorithm>AES</algorithm>

<!--  ./strength This optional node contains the algorithm key length -->
      <strength>128</strength>
    </encryption>
  </security>
</lsc>

Command run to test: /usr/bin/lsc -f /etc/lsc/ad2openldap -s all -c all -n
This is the log:

Jan 19 10:00:30 - INFO  - Logging configuration successfully loaded from
/etc/lsc/ad2openldap/logback.xml
Jan 19 10:00:30 - INFO  - LSC configuration successfully loaded from
/etc/lsc/ad2openldap/
Jan 19 10:00:30 - INFO  - Connecting to LDAP server ldap://
127.0.0.1/dc=localdomain,dc=xyz as cn=admin,dc=localdomain,dc=xyz
Jan 19 10:00:30 - INFO  - Connecting to LDAP server ldap://
ldap.domain.xyz/dc=localdomain,dc=xyz as [email protected]
Jan 19 10:00:31 - INFO  - Starting sync for adUser
Jan 19 10:00:31 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:31 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:31 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:31 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:31 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:32 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:32 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:32 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:32 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:32 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:32 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:32 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:32 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:32 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:32 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:32 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:33 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:33 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:33 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:33 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:33 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:33 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:33 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:33 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:33 - ERROR - Synchronization aborted because no source object
has been found !
Jan 19 10:00:33 - ERROR - All entries: 25, to modify entries: 0,
successfully modified entries: 0, errors: 25
Jan 19 10:00:33 - INFO  - Starting clean for adUser
Jan 19 10:00:33 - ERROR - Empty or non existant destination (no IDs found)

Any help would be appreciated

*Best regards,*
*Thang Duong Bao*
Mobile: (+84) 918 753 062
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
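
A lint pass over a configuration like the one posted above, as an added example that is not part of the original message and is not LSC code. It flags SIMPLE binds sent to a non-local host without TLS, and getOneFilter placeholders that are not source pivot attributes. It assumes LSC fills the {name} placeholders of both services' getOneFilter from the source pivotAttributes; the lint() function and the condensed sample are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {"l": "http://lsc-project.org/XSD/lsc-core-2.1.xsd"}

# Constructed sample: a condensed copy of the connections and filters posted above.
SAMPLE = """<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.1.xsd" revision="0">
 <connections>
  <ldapConnection><name>AD</name><url>ldap://ldap.domain.xyz/dc=localdomain,dc=xyz</url>
   <authentication>SIMPLE</authentication><tlsActivated>false</tlsActivated></ldapConnection>
  <ldapConnection><name>LDAP</name><url>ldap://127.0.0.1/dc=localdomain,dc=xyz</url>
   <authentication>SIMPLE</authentication><tlsActivated>false</tlsActivated></ldapConnection>
 </connections>
 <tasks><task><name>adUser</name>
  <ldapSourceService>
   <pivotAttributes><string>sAMAccountName</string></pivotAttributes>
   <getOneFilter><![CDATA[(&(objectClass=user)(sAMAccountName={uid}))]]></getOneFilter>
  </ldapSourceService>
  <ldapDestinationService>
   <pivotAttributes><string>uid</string></pivotAttributes>
   <getOneFilter><![CDATA[(&(objectClass=inetOrgPerson)(uid={uid}))]]></getOneFilter>
  </ldapDestinationService>
 </task></tasks>
</lsc>"""

def lint(xml_text):
    """Return a list of (check, subject, detail) findings for an lsc.xml document."""
    root, findings = ET.fromstring(xml_text), []
    for conn in root.iterfind(".//l:ldapConnection", NS):
        url = urlparse(conn.findtext("l:url", "", NS))
        cleartext = url.scheme == "ldap" and conn.findtext("l:tlsActivated", "false", NS) != "true"
        local = url.hostname in ("127.0.0.1", "::1", "localhost")
        if cleartext and not local and conn.findtext("l:authentication", "", NS) == "SIMPLE":
            findings.append(("cleartext-bind", conn.findtext("l:name", "", NS), url.hostname))
    for task in root.iterfind(".//l:task", NS):
        # Assumption: getOneFilter placeholders are resolved from the source pivot attributes.
        pivots = {s.text.lower() for s in task.iterfind("l:ldapSourceService/l:pivotAttributes/l:string", NS)}
        for svc in ("ldapSourceService", "ldapDestinationService"):
            flt = task.findtext(f"l:{svc}/l:getOneFilter", "", NS)
            for name in re.findall(r"\{(\w+)\}", flt):
                if name.lower() not in pivots:
                    findings.append(("unknown-placeholder", svc, name))
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(*finding, sep="\t")
```

On the sample it reports the AD bind, which carries the bind password in clear text between the OpenLDAP host and AD, and the {uid} placeholder in both getOneFilter elements.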
