Le 31/05/2018 à 09:32, Julien TEHERY a écrit : > Hi there,
Hello Julien, > > One question about AD provisionning from LDAP. > I successfully imported users from an ldap into a fresh new samba4-AD > server (thanks to LSC!), in order to migrate users from an old samba > 3.5 domaine to the new one. > Now the two domains live together and i intend to keep users > synchronized from the old one to the new one during the migration. > > New users created in the samba4 domain won't have to be deleted, as > they will be created only in the new one. > On the contrary, actions made on users from the old LDAP will habe to > be replicated to Samba4-AD (mainly fields update and users deletion). > > At the moment, if i re launch my sync task with th "delete" option, > new users created to the new domain (that don't exist in the old one) > will be deleted (exepted domain administrator and specific samba4 > system accounts). > > Is there a way to keep both annuary synchronized without delete new > users in the new domain? > Yes, you need to have an attribute in user entry that allows to know which entry is linked to old directory. You can for example force a field like "description" or "employeeType" with a value, and configure getAllFilter in destination to only match these entries. -- Clément Oudot | Identity Solutions Manager Worteks | https://www.worteks.com _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
