Hello everybody, Im a newbie with lsc so please be patient with me J
I try to sync user identities from one active directory to another and would like to change the fqdn of the domain. But I had a rough start with lsc. First I try to run it on a Windows Server 2016, but Java 8,9,10 doesnt work with lsc or the other way So I made a little virtual machine with Debian 8 and installed lsc, thanks to Installation guide. Know Im try to configure the lsc.xml. But I have some problems with it. First at all is it possible to use lsc for two Active Directories? I configured this connections: <?xml version="1.0" ?> <lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.1.xsd"; revision="0"> <connections> <ldapConnection> <name>ldap-source-conn-cake</name> <url>ldap://cake-dc01:389/dc=cake,dc=lemon,dc=it</url> <username>CN=lookup,CN=Users,DC=cake,DC=lemon,DC=it</username> <password>passwd</password> <authentication>SIMPLE</authentication> <pageSize>1000</pageSize> <referral>IGNORE</referral> <derefAliases>NEVER</derefAliases> <version>VERSION_3</version> <pageSize>-1</pageSize> <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> <tlsActivated>false</tlsActivated> </ldapConnection> <ldapConnection> <name>ldap-destination-conn-edu</name> <url>ldap://cake-edu:389/dc=edu,dc=cake,dc=lemon,dc=it</url> <username>CN=lookup,CN=Users,DC=edu,DC=cake,DC=lemon,DC=it</username> <password> passwd </password> <authentication>SIMPLE</authentication> <referral>IGNORE</referral> <derefAliases>NEVER</derefAliases> <version>VERSION_3</version> <pageSize>-1</pageSize> <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> <tlsActivated>false</tlsActivated> </ldapConnection> </connections> Here are my tasks <tasks> <name>People</name> <bean>org.lsc.beans.SimpleBean</bean> <name>adUser</name> <ldapSourceService> <name>ad-source-service</name> <connection reference="ldap-source-conn-cake" /> <baseDn>CN=Tree,DC=edu,DC=cake,DC=lemon,DC=it</baseDn> <pivotAttributes> <string>samAccountName</string> </pivotAttributes> <fetchedAttributes> <string>description</string> <string>cn</string> <string>sn</string> <string>givenName</string> <string>samAccountName</string> <string>userPrincipalName</string> </fetchedAttributes> <getAllFilter>(objectClass=user)</getAllFilter> <getOneFilter>(&(objectClass=user)(samAccountName={samAccountName}))</ge tOneFilter> <cleanFilter>(&(objectClass=user)(samAccountName={uid}))</cleanFilter> </ldapSourceService> <ldapDestinationService> <name>opends-dst-service</name> <connection reference="ldap-destination-conn-edu" /> <baseDn>CN=Tree,DC=edu,DC=cake,DC=lemon,DC=it</baseDn> <pivotAttributes> <string>sAMAccountName</string> </pivotAttributes> <fetchedAttributes> <string>description</string> <string>cn</string> <string>sn</string> <string>userPassword</string> <string>objectClass</string> <string>mail</string> </fetchedAttributes> <getAllFilter><![CDATA[(objectClass=user)]]></getAllFilter> <getOneFilter><![CDATA[(&(objectClass=user)(sAMAccountName={uid}))]]></getOn eFilter> </ldapDestinationService> <task> <propertiesBasedSyncOptions> <mainIdentifier>task01</mainIdentifier> <defaultDelimiter>;</defaultDelimiter> <defaultPolicy>FORCE</defaultPolicy> <conditions> <create>true</create> <update>true</update> <delete>true</delete> <changeId>true</changeId> </conditions> <dataset> <name>objectclass</name> <policy>KEEP</policy> <createValues> <string>"user"</string> <string>"objectClass"</string> <string>"person"</string> <string>"top"</string> </createValues> </dataset <dataset> <name>sAMAccountName</name> <policy>KEEP</policy> <createValues> <string>srcBean.getDatasetFirstValueById("userPrincipalName")</string> </createValues> </dataset> <dataset> <!-- userPrincipalName = sAMAccountName + "@edu.cake.lemon.it" --> <name>userPrincipalName</name> <policy>FORCE</policy> <forceValues> <string>srcBean.getDatasetFirstValueById("userPrincipalName") + "@edu.cake.lemon.it"</string> </forceValues> </dataset> <dataset> <name>userAccountControl</name> <policy>KEEP</policy> <createValues> <string>AD.userAccountControlSet( "0", [AD.UAC_SET_NORMAL_ACCOUNT])</string> </createValues> </dataset> <dataset> <!-- pwdLastSet = 0 to force user to change password on next connection --> <name>pwdLastSet</name> <policy>KEEP</policy> <createValues> <string>"0"</string> </createValues> </dataset> <dataset> <!-- unicodePwd = "changeit" at creation (requires SSL connection to AD) --> <name>unicodePwd</name> <policy>KEEP</policy> <createValues> <string>AD.getUnicodePwd("changeit")</string> </createValues> </dataset> </propertiesBasedSyncOptions> </task> </tasks> </lsc> The lsc.xml is stored in /etc/lsc/ad2ad/ when I call it with lsc /etc/lsc/ad2ad/lsc.xml c all n I receive a lot of errors: Mrz 22 12:42:10 - ERROR - Unable to load configuration (org.lsc.exception.LscConfigurationException: Configuration exception: null) org.lsc.exception.LscConfigurationException: Configuration exception: null at org.lsc.configuration.JaxbXmlConfigurationHelper.getConfiguration(JaxbXmlCon figurationHelper.java:162) ~[lsc-core-2.1.4.jar:na] at org.lsc.Configuration.setUp(Configuration.java:482) [lsc-core-2.1.4.jar:na] at org.lsc.Configuration.setUp(Configuration.java:456) [lsc-core-2.1.4.jar:na] at org.lsc.Launcher.run(Launcher.java:205) [lsc-core-2.1.4.jar:na] at org.lsc.Launcher.launch(Launcher.java:158) [lsc-core-2.1.4.jar:na] at org.lsc.Launcher.main(Launcher.java:141) [lsc-core-2.1.4.jar:na] Caused by: javax.xml.bind.UnmarshalException: null at javax.xml.bind.helpers.AbstractUnmarshallerImpl.createUnmarshalException(Abs tractUnmarshallerImpl.java:335) ~[na:1.7.0_151] at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.createUnm arshalException(UnmarshallerImpl.java:512) ~[na:1.7.0_151] at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal 0(UnmarshallerImpl.java:209) ~[na:1.7.0_151] at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal (UnmarshallerImpl.java:175) ~[na:1.7.0_151] at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshall erImpl.java:157) ~[na:1.7.0_151] at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshall erImpl.java:162) ~[na:1.7.0_151] at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshall erImpl.java:171) ~[na:1.7.0_151] at javax.xml.bind.helpers.AbstractUnmarshallerImpl.unmarshal(AbstractUnmarshall erImpl.java:189) ~[na:1.7.0_151] at org.lsc.configuration.JaxbXmlConfigurationHelper.getConfiguration(JaxbXmlCon figurationHelper.java:160) ~[lsc-core-2.1.4.jar:na] ... 5 common frames omitted Caused by: org.xml.sax.SAXParseException: cvc-complex-type.2.4.a: Ungültiger Content wurde beginnend mit Element "referral" gefunden. "{"http://lsc-project.org/XSD/lsc-core-2.1.xsd":factory, "http://lsc-project.org/XSD/lsc-core-2.1.xsd":tlsActivated, "http://lsc-project.org/XSD/lsc-core-2.1.xsd":saslMutualAuthentication, "http://lsc-project.org/XSD/lsc-core-2.1.xsd":sortedBy, "http://lsc-project.org/XSD/lsc-core-2.1.xsd":binaryAttributes, "http://lsc-project.org/XSD/lsc-core-2.1.xsd":recursiveDelete, "http://lsc-project.org/XSD/lsc-core-2.1.xsd":saslQop}"; wird erwartet. at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseEx ception(ErrorHandlerWrapper.java:198) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.error(ErrorHandl erWrapper.java:134) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErro rReporter.java:396) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErro rReporter.java:327) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErro rReporter.java:284) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator$XSIErrorReport er.reportError(XMLSchemaValidator.java:452) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.reportSchemaEr ror(XMLSchemaValidator.java:3230) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.handleStartEle ment(XMLSchemaValidator.java:1790) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.impl.xs.XMLSchemaValidator.startElement(X MLSchemaValidator.java:740) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.jaxp.validation.ValidatorHandlerImpl.star tElement(ValidatorHandlerImpl.java:570) ~[na:1.7.0_151] at com.sun.xml.internal.bind.v2.runtime.unmarshaller.ValidatingUnmarshaller.sta rtElement(ValidatingUnmarshaller.java:86) ~[na:1.7.0_151] at com.sun.xml.internal.bind.v2.runtime.unmarshaller.SAXConnector.startElement( SAXConnector.java:125) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.startElement(Ab stractSAXParser.java:509) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.scanStartEl ement(XMLNSDocumentScannerImpl.java:380) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$Fragm entContentDriver.next(XMLDocumentFragmentScannerImpl.java:2781) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocum entScannerImpl.java:606) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(XMLNSD ocumentScannerImpl.java:118) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanD ocument(XMLDocumentFragmentScannerImpl.java:504) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Con figuration.java:848) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Con figuration.java:777) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:14 1) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractS AXParser.java:1213) ~[na:1.7.0_151] at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SA XParserImpl.java:642) ~[na:1.7.0_151] at com.sun.xml.internal.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal 0(UnmarshallerImpl.java:203) ~[na:1.7.0_151] ... 11 common frames omitted Can you give me a hand where I should look? Thank you very much Michael Pilling -- Michael Pilling Kunsthistorisches Institut in Florenz Max-Planck-Institut Via Giuseppe Giusti 44 50121 Firenze ITALIA
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
