You are correct of course but I did try with (objectClass=*) at first and I got the same error, which is why I tried to change the filter. In the past using async and (objectClass=*) worked okay. On Mon, Jun 11, 2018 at 4:58 PM Clément OUDOT <[email protected]> wrote: > > > > Le 11/06/2018 à 15:22, Lior Dotan a écrit : > > Hi All, > > > > I'm trying to sync from AD but getting the error below. With tcpdump I > > saw that AD is returning data so I'm not sure what's the issue. I also > > ran ldapsearch with the same filter and got the right results. I > > started with ObjectClass=* but that didn't work as well. > > > > Jun 11 15:46:14 - INFO - Starting sync for SyncUserTask > > Jun 11 15:46:14 - ERROR - Error getting list of IDs in the source for > > task SyncUserTask > > Jun 11 15:46:14 - DEBUG - org.lsc.exception.LscServiceException: Error > > while performing search. Results may be > > incomplete.org.apache.directory.api.ldap.model.cursor.CursorLdapReferralException > > org.lsc.exception.LscServiceException: Error while performing search. > > Results may be > > incomplete.org.apache.directory.api.ldap.model.cursor.CursorLdapReferralException > > at > > org.lsc.service.SyncReplSourceService.convertSearchEntries(SyncReplSourceService.java:431) > > ~[lsc-core-2.1.4.jar:na] > > at > > org.lsc.service.SyncReplSourceService.getListPivots(SyncReplSourceService.java:197) > > ~[lsc-core-2.1.4.jar:na] > > at > > org.lsc.AbstractSynchronize.synchronize2Ldap(AbstractSynchronize.java:303) > > ~[lsc-core-2.1.4.jar:na] > > at org.lsc.SimpleSynchronize.launchTask(SimpleSynchronize.java:232) > > [lsc-core-2.1.4.jar:na] > > at org.lsc.SimpleSynchronize.launch(SimpleSynchronize.java:166) > > [lsc-core-2.1.4.jar:na] > > at org.lsc.Launcher.run(Launcher.java:223) [lsc-core-2.1.4.jar:na] > > at org.lsc.Launcher.launch(Launcher.java:158) > > [lsc-core-2.1.4.jar:na] > > at org.lsc.Launcher.main(Launcher.java:141) [lsc-core-2.1.4.jar:na] > > Caused by: > > org.apache.directory.api.ldap.model.cursor.CursorLdapReferralException: > > null > > at > > org.apache.directory.ldap.client.api.EntryCursorImpl.get(EntryCursorImpl.java:164) > > ~[api-all-1.0.0-M22.jar:1.0.0-M22] > > at > > org.apache.directory.ldap.client.api.EntryCursorImpl.get(EntryCursorImpl.java:50) > > ~[api-all-1.0.0-M22.jar:1.0.0-M22] > > at > > org.lsc.service.SyncReplSourceService.convertSearchEntries(SyncReplSourceService.java:426) > > ~[lsc-core-2.1.4.jar:na] > > ... 7 common frames omitted > > > > > > <?xml version="1.0" ?> > > <lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.1.xsd"; > > xmlns:exec="http://lsc-project.org/XSD/lsc-executable-plugin-1.0.xsd"; > > revision="0"> > > > > <connections> > > <ldapConnection> > > <name>ldap-src-conn</name> > > <url>ldap://ad.test.local:389/dc=test,dc=local</url> > > <username>CN=ad sync.,OU=Service > > Accounts,OU=Test,DC=TEST,DC=LOCAL</username> > > <password>XXXXXXX</password> > > <authentication>SIMPLE</authentication> > > <referral>IGNORE</referral> > > <derefAliases>NEVER</derefAliases> > > <version>VERSION_3</version> > > <pageSize>1000</pageSize> > > <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> > > <tlsActivated>false</tlsActivated> > > </ldapConnection> > > <pluginConnection> > > <name>executable</name> > > <url>fake</url> > > <username>fake</username> > > <password>fake</password> > > </pluginConnection> > > </connections> > > <tasks> > > <task> > > <name>SyncUserTask</name> > > <bean>org.lsc.beans.SimpleBean</bean> > > <asyncLdapSourceService> > > <name>SyncUserTask-src</name> > > <connection reference="ldap-src-conn" /> > > <baseDn>dc=test,dc=local</baseDn> > > <pivotAttributes> > > <string>mail</string> > > </pivotAttributes> > > <fetchedAttributes> > > <string>description</string> > > <string>objectClass</string> > > <string>givenName</string> > > <string>sn</string> > > <string>cn</string> > > <string>mobile</string> > > <string>mail</string> > > </fetchedAttributes> > > > > <getAllFilter>(&(objectClass=user)(objectCategory=person))</getAllFilter> > > <getOneFilter>(mail={mail})</getOneFilter> > > <cleanFilter>(mail={mail})</cleanFilter> > > <serverType>ActiveDirectory</serverType> > > </asyncLdapSourceService> > > . > > . > > > > Hello, > > AD does not support async LDAP source service, unless the filter is > (objectClass=*), which is quite useless > > Configure your connector with a standard ldapSourceService and use cron > to run the job. > > -- > Clément Oudot | Identity Solutions Manager > > [email protected] > > Worteks | https://www.worteks.com > > _______________________________________________________________ > Ldap Synchronization Connector (LSC) - http://lsc-project.org > > lsc-users mailing list > [email protected] > https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list [email protected] https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
