sure Clément .. as follow:
<?xml version="1.0" ?>
<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.1.xsd"; revision="0">
<connections>
<ldapConnection>
<name>ldap-src-conn</name>
<url>ldap://192.168.0.224:389/dc=AD,dc=COM</url>
<username>cn=389sync,cn=users,dc=AD,dc=COM</username>
<password>SECRET</password>
<authentication>SIMPLE</authentication>
<referral>IGNORE</referral>
<derefAliases>NEVER</derefAliases>
<version>VERSION_3</version>
<pageSize>1000</pageSize>
<factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
<tlsActivated>false</tlsActivated>
</ldapConnection>
<ldapConnection>
<name>ldap-dst-conn</name>
<url>ldap://localhost:389/dc=ldapinternal,dc=com</url>
<username>uid=ldapsync,dc=ldapinternal=com</username>
<password>Secret2</password>
<authentication>SIMPLE</authentication>
<referral>IGNORE</referral>
<derefAliases>NEVER</derefAliases>
<version>VERSION_3</version>
<pageSize>1000</pageSize>
<factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
<tlsActivated>false</tlsActivated>
</ldapConnection>
</connections>
<audits>
<csvAudit>
<name>csv</name>
<append>true</append>
<operations>create, delete</operations>
<file>/tmp/dump.csv</file>
<datasets>cn, dn</datasets>
<separator>,</separator>
</csvAudit>
</audits>
<tasks>
<task>
<name>AD2389dsSync</name>
<bean>org.lsc.beans.SimpleBean</bean>
<ldapSourceService>
<name>opends-src-service</name>
<connection reference="ldap-src-conn" />
<baseDn>cn=Users,dc=AD,dc=COM</baseDn>
<pivotAttributes>
<string>sAMAccountName</string>
</pivotAttributes>
<fetchedAttributes>
<string>description</string>
<string>cn</string>
<string>sn</string>
<string>givenName</string>
<string>samAccountName</string>
<string>userPrincipalName</string>
<string>employeeType</string>
<string>employeeNumber</string>
<string>userAccountControl</string>
</fetchedAttributes>
<getAllFilter>(objectClass=user)</getAllFilter>
<getOneFilter>(&(!(objectClass=computer))(objectClass=user)(samAccountName={samAccountName}))</getOneFilter>
<cleanFilter>(&(objectClass=user)(samAccountName={uid}))</cleanFilter>
</ldapSourceService>
<ldapDestinationService>
<name>opends-dst-service</name>
<connection reference="ldap-dst-conn" />
<baseDn>ou=People,dc=ldapinternal,dc=com</baseDn>
<pivotAttributes>
<string>uid</string>
</pivotAttributes>
<fetchedAttributes>
<string>sn</string>
<string>cn</string>
<string>objectClass</string>
<string>mail</string> -->
<string>employeetype</string>
<string>employeenumber</string>
<string>ntUserDomainId</string>
<string>ntUserFlags</string>
</fetchedAttributes>
<getAllFilter>(objectClass=inetorgperson)</getAllFilter>
<getOneFilter>(&(objectClass=inetorgperson)(uid={samAccountName}))</getOneFilter>
</ldapDestinationService>
<propertiesBasedSyncOptions>
<mainIdentifier>"uid=" +
srcBean.getDatasetFirstValueById("samAccountName") +
",ou=People,dc=ldapinternal,dc=com"</mainIdentifier>
<defaultDelimiter>;</defaultDelimiter>
<defaultPolicy>FORCE</defaultPolicy>
<conditions>
<create>true</create>
<update>true</update>
<delete>false</delete>
<changeId>true</changeId>
</conditions>
<dataset>
<name>objectclass</name>
<policy>KEEP</policy>
<createValues>
<string>"top"</string>
<string>"person"</string>
<string>"organizationalPerson"</string>
<string>"inetorgperson"</string>
<string>"ntuser"</string>
</createValues>
</dataset>
<dataset>
<name>ntUserFlags</name>
<policy>FORCE</policy>
<createValues>
<string>srcBean.getDatasetFirstValueById("userAccountControl")</string>
</createValues>
</dataset>
<dataset>
<name>ntUserDomainId</name>
<policy>FORCE</policy>
<createValues>
<string>js:(srcBean.getDatasetFirstValueById("samAccountName"))</string>
</createValues>
</dataset>
<dataset>
<name>employeetype</name>
<policy>FORCE</policy>
<createValues>
<string>js:(srcBean.getDatasetFirstValueById("employeetype") !=
null)</string>
</createValues>
</dataset>
<dataset>
<name>sn</name>
<policy>FORCE</policy>
<createValues>
<string>js:(srcBean.getDatasetFirstValueById("sn") !=
null ? srcBean.getDatasetFirstValueById("sn") :
srcBean.getDatasetFirstValueById("uid") )</string>
</createValues>
</dataset>
<dataset>
<name>uid</name>
<policy>FORCE</policy>
<createValues>
<string>js:srcBean.getDatasetFirstValueById("samAcccountName")</string>
</createValues>
</dataset>
<dataset>
<name>employeenumber</name>
<policy>FORCE</policy>
<createValues>
<string>js:srcBean.getDatasetFirstValueById("employeeNumber")</string>
</createValues>
</dataset>
</propertiesBasedSyncOptions>
</task>
</tasks>
<security>
<encryption>
<keyfile>etc/lsc.key</keyfile>
<algorithm>AES</algorithm>
<strength>128</strength>
</encryption>
</security>
<lsc>
Em sex, 15 de jun de 2018 às 04:37, Clément OUDOT <[email protected]>
escreveu:
>
>
> Le 14/06/2018 à 21:17, Paulo Sergio a écrit :
> > Hi Clément,
> >
> > I did a few tests and I have no idea why this is happening. I change
> > the userAccountControl from AD side (souce) and I get none when
> > running lsc. As I show below.
>
> Can you show the lsc.xml file, and what you configured in ntUserFlags
> dataset?
>
>
> --
> Clément Oudot | Identity Solutions Manager
>
> [email protected]
>
> Worteks | https://www.worteks.com
>
> _______________________________________________________________
> Ldap Synchronization Connector (LSC) - http://lsc-project.org
>
> lsc-users mailing list
> [email protected]
> https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
