On 06/09/2018 at 15:56, Matjaz Premerl wrote:
> Hi,
>
> Thanks for such a quick example. For now I'm not so familiar with the term
> "mainIdentifier". I've read the documentation, this is something which
> is directly related to the selection of the pivot attribute?

The mainIdentifier is equal to the Distinguished Name when destination
is LDAP. It is not related to the pivotAttribute.


> I mean in the mainIdentifier section, the name of the pivot attribute
> should be defined normally? Also you're showing "ldap" when calling
> the sample script. ldap is some already existing "object" which can be
> used against the LDAP target settings?
> Or is it just your example, and we should also develop our own "ldap" object
> with some other java script?

ldap is an object provided by LSC, see
https://lsc-project.org/javadoc/2.1-SNAPSHOT/org/lsc/jndi/ScriptableJndiServices.html

> Anyway, I don't know how this will react if e.g. we manually move an AD
> user object in the AD management tool and the DN is changed?
> Is this something that we should be careful about in the mainIdentifier
> section and not hardcode such values, regarding the proper ou=XXX
> structure?
> Sorry if I'm asking too much, but before the next steps I want to be
> clear on what some sections do in the LSC.XML and what the real purpose is.


To not erase moved objects in AD, you can have a first task that will
create the entry, and another task that can update it. For the second
task, the mainIdentifier will be "", which means LSC will not try to
compute it.

This is a use case I already implemented in production.

-- 
Clément Oudot | Identity Solutions Manager

[email protected]

Worteks | https://www.worteks.com

_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
