Hi Clément, I am currently checking that out, although I broke my LDAPS connect to AD, with the following error:
[root@lcs jre]# /usr/bin/lsc -f /etc/lsc/openldap2ad -s all -c all Sep 29 16:26:10 - INFO - Logging configuration successfully loaded from /etc/lsc/openldap2ad/logback.xml Sep 29 16:26:10 - INFO - LSC configuration successfully loaded from /etc/lsc/openldap2ad/ Sep 29 16:26:10 - INFO - Connecting to LDAP server ldaps://dc01.bmartins.local/DC=bmartins,DC=local as CN=LSC,CN=Users,DC=bmartins,DC=local Sep 29 16:26:11 - ERROR - Error opening the LDAP connection to the destination! (javax.naming.CommunicationException: simple bind failed: dc01.bmartins.local:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]) Sep 29 16:26:11 - ERROR - org.lsc.exception.LscConfigurationException: Configuration exception: javax.naming.CommunicationException: simple bind failed: dc01.bmartins.local:636 [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target] It worked perfectly well previously with WS2016 DC... Cheers! -----Original Message----- From: lsc-users [mailto:[email protected]] On Behalf Of Clément OUDOT Sent: 22 de setembro de 2017 16:32 To: [email protected] Subject: Re: [lsc-users] Error checking XML patterns Le 22/09/2017 à 17:08, Bruno Miguel Martins a écrit : > Can I just keep source LDAP user's password, instead of defining a new one at > the time of syncing users to Active Directory? See https://lsc-project.org/documentation/howto/activedirectory#password_synchronization It is only possible to push password value to AD if you have in clear (or with a symmetric hash that LSC can resolve). Clément. _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
