2017-10-29 19:42 GMT+01:00 Nikos Voutsinas <[email protected]>: > Hello, > > I am stuck with a rather common scenario of syncing a 'userPassword' from a > Directory Server to a Database. The problem is that the value of the source > LDAP attribute ends up in the corresponding column of the destination DB as > configured, but with a different value. > > e.g the userPassword value: > {SHA}5en6G6MezRroT3XKqkdPOmY/BfQ= > ends up in the DB column as: > 7B5348417D35656E3647364D657A52726F5433584B716B64504F6D592F4266513D > > To make long story short, the same deployment does work when LSC is > reconfigured to use another source attribute loaded with the same values > coming from userPassword (e.g. {SSHA}xxxxxxxxxx), as long as that attribute > does not have an octet string syntax. > > Thus, my understanding is that there is nothing wrong with the LSC or the > iBatis configs or even the destination database but It should be the octet > string syntax of userPassword, that triggers somewhere in the process of LSC > the transformation of the original value. > > The trials were run using the LSC v2.1.3. > > Has anyone any idea, where or what to look for?
Hello Nikos, you should try to define userPassword as binary attribute, in LDAP connection: https://lsc-project.org/documentation/latest/configuration/connections/ldap <binaryAttributes><string>userPassword</string></binaryAttributes> Clément. _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
