On 01/02/2018 11:19, Lior Dotan wrote:
I have a task for syncing users and one for groups, I am trying to run
the filter in the group task:
I don't think that setting filters that pick up users in a sync group task is
the right approach.
If I were you, I'll have filters that pick up groups :
<getAllFilter>(&(objectClass=group))</getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=group)(cn={cn}))]]></getOneFilter>
[...]
and populate their member attributes by adapting this script
https://lsc-project.org/documentation/tutorial/synchronizegroups#member so that
it loads members using your filter, not the src member attributes, something
like this (adapt it to your context) :
<dataset>
<name>member</name>
<policy>MERGE</policy>
<forceValues>
<string>
<![CDATA[rjs:
var membersSrcDn = srcLdap.search("ou=users,ou=ad-testing,dc=ad-testing,dc=test,dc=io",
"(&(objectClass=user)(memberOf:1.2.840.113556.1.4.1941:=cn="+srcBean.getDatasetFirstValueById("cn")+",ou=ad-testing,dc=ad-testing,dc=test,dc=io)");
[...]
]]>
</string>
</forceValues>
</dataset>
--
Soisik
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
