Dears, I have been unable to find the reasoning behind the following error when running the sync: With previous syncs, using the same servers and same objectclass I did not get this error.
Error while adding entry cn=Test Test,ou=location,ou=Employees,ou=Users,dc=ldap,dc=local in directory :javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 21 - objectClass: value #3 invalid per syntax]; remaining name cn=Test Test,ou=location,ou=Employees,ou=Users' I am also wondering, is there a possibility to sync users who have special characters in their name? E.g.: I have a coworker with the frist name Bärbl. When trying to sync I get only a whole bunch of characters: dn:: Y249QsOkcmJsIENocmlzdCxvdT1Lcm9uYmVyZyxvdT1FbXBsb3llZXMsb3U9TVZDIFVzZXJzLGRjPXByb2plY3RsZGFwLGRjPWxvY2Fs Below you can find my config file: <?xml version="1.0" ?> <lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.1.xsd"; revision="0"> <connections> <ldapConnection> <name>AG</name> <url>ldap://1.1.1.1:389/dc=ad,dc=com</url> <username>cn=SA_CUCM,ou=ServiceAccounts,ou=Users,dc=ad,dc=com</username> <password>pa$$w0rd</password> <authentication>SIMPLE</authentication> <referral>IGNORE</referral> <derefAliases>NEVER</derefAliases> <version>VERSION_3</version> <pageSize>1000</pageSize> <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> <tlsActivated>false</tlsActivated> </ldapConnection> <ldapConnection> <name>projectLDAP</name> <url>ldap://2.2.2.2:389/dc=ldap,dc=local</url> <username>cn=admin,dc=ldap,dc=local</username> <password>12345</password> <authentication>SIMPLE</authentication> <referral>IGNORE</referral> <derefAliases>NEVER</derefAliases> <version>VERSION_3</version> <pageSize>-1</pageSize> <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> <tlsActivated>false</tlsActivated> </ldapConnection> </connections> <tasks> <task> <name>ADtoLDAP-Test</name> <bean>org.lsc.beans.SimpleBean</bean> <ldapSourceService> <name>AD-src</name> <connection reference="AG" /> <baseDn>ou=location,ou=Employees,ou=Users,dc=ad,dc=com</baseDn> <pivotAttributes> <string>sAMAccountName</string> </pivotAttributes> <fetchedAttributes> <string>cn</string> <string>sn</string> <string>givenName</string> <string>description</string> <string>objectClass</string> <string>sAMAccountName</string> <string>telephoneNumber</string> <string>title</string> <string>displayName</string> <string>mail</string> </fetchedAttributes> <getAllFilter><![CDATA[(objectClass=user)]]></getAllFilter> <getOneFilter><![CDATA[(&(objectClass=user)(sAMAccountName={sAMAccountName}))]]></getOneFilter> <cleanFilter><![CDATA[(&(objectClass=user)(sAMAccountName={uid}))]]></cleanFilter> </ldapSourceService> <ldapDestinationService> <name>OpenLDAP-dst</name> <connection reference="projectLDAP" /> <baseDn>ou=location,ou=Employees,ou=Users,dc=ldap,dc=local</baseDn> <pivotAttributes> <string>uid</string> </pivotAttributes> <fetchedAttributes> <string>cn</string> <string>sn</string> <string>mail</string> <string>givenName</string> <string>description</string> <string>uid</string> <string>telephoneNumber</string> <string>title</string> <string>displayName</string> <string>objectClass</string> <string>userPassword</string> </fetchedAttributes> <getAllFilter><![CDATA[(objectClass=inetorgperson)]]></getAllFilter> <getOneFilter><![CDATA[(&(objectClass=inetorgperson)(uid={sAMAccountName}))]]></getOneFilter> </ldapDestinationService> <propertiesBasedSyncOptions> <mainIdentifier>"cn=" + srcBean.getDatasetFirstValueById("cn") + ",ou=location,ou=Employees,ou=Users,dc=ldap,dc=local"</mainIdentifier> <defaultDelimiter>;</defaultDelimiter> <defaultPolicy>FORCE</defaultPolicy> <conditions> <create>true</create> <update>true</update> <delete>true</delete> <changeId>false</changeId> </conditions> <dataset> <name>objectClass</name> <policy>KEEP</policy> <createValues> <string>"inetOrgPerson"</string> <string>"organizationalPerson"</string> <string>"person"</string> <string>"top"</string> </createValues> </dataset> <dataset> <name>uid</name> <policy>FORCE</policy> <forceValues> <string>srcBean.getDatasetFirstValueById("sAMAccountName")</string> </forceValues> </dataset> <dataset> <name>cn</name> <policy>FORCE</policy> <forceValues> <string>srcBean.getDatasetFirstValueById("cn")</string> </forceValues> </dataset> <dataset> <name>sn</name> <policy>FORCE</policy> <forceValues> <string>srcBean.getDatasetFirstValueById("sn")</string> </forceValues> </dataset> <dataset> <name>givenName</name> <policy>FORCE</policy> <forceValues> <string>srcBean.getDatasetFirstValueById("givenName")</string> </forceValues> </dataset> <dataset> <name>description</name> <policy>FORCE</policy> <forceValues> <string>srcBean.getDatasetFirstValueById("description")</string> </forceValues> </dataset> <dataset> <name>telephoneNumber</name> <policy>FORCE</policy> <forceValues> <string>srcBean.getDatasetFirstValueById("telephoneNumber")</string> </forceValues> </dataset> <dataset> <name>title</name> <policy>FORCE</policy> <forceValues> <string>srcBean.getDatasetFirstValueById("title")</string> </forceValues> </dataset> <dataset> <name>displayName</name> <policy>FORCE</policy> <forceValues> <string>srcBean.getDatasetFirstValueById("displayName")</string> </forceValues> </dataset> <dataset> <name>mail</name> <policy>FORCE</policy> <forceValues> <string> <![CDATA[{ var email = srcBean.getDatasetFirstValueById("mail"); var emaillocal = email.substr(0, email.indexOf('@')); var domain = "@ad."; var topleveldomain = email.slice(-2); var emailsecond = emaillocal.concat(domain); var emailfinal = emailsecond.concat(topleveldomain); } emailfinal ]]> </string> </forceValues> </dataset> <dataset> <name>userPassword</name> <policy>FORCE</policy> <forceValues> <string>"{SASL}" + srcBean.getDatasetFirstValueById("sAMAccountName") + "@ad.com"</string> </forceValues> </dataset> </propertiesBasedSyncOptions> </task> </tasks> </lsc> Kind regards, Colin Thorn
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
