Hi Soisik,
one last question (hopefully).
The sync from nis to openldap works perfectly now.
In the next step I switched the destination from openldap to an AD
including changing the necessary attributes. Again I get now modify
messages. As I learned before the problem is the main identifier or a
filter. But both worked with openldap, I only change the different
attributes according to the AD:
<task>
<name>NIS2LDAP-User-SyncTask</name>
<bean>org.lsc.beans.SimpleBean</bean>
<pluginSourceService
implementationClass="org.lsc.plugins.connectors.nis.NisSrcService">
<name>nis-source-service</name>
<connection reference="nis-src-conn" />
<nis:nisSourceServiceSettings>
<name>nis-src-service</name>
<connection
reference="nis-src-conn" />
<nis:map>passwd.byname</nis:map>
</nis:nisSourceServiceSettings>
</pluginSourceService>
<ldapDestinationService>
<name>ad-dst-service</name>
<connection reference="ad-dst" />
<baseDn>DC=PPI,DC=INT</baseDn>
<pivotAttributes>
<string>sAMAccountName</string>
</pivotAttributes>
<fetchedAttributes>
<string>sAMAccountName</string>
<string>uid</string>
<string>uidNumber</string>
<string>gidNumber</string>
<string>unixHomeDirectory</string>
<string>loginShell</string>
</fetchedAttributes>
<getAllFilter>(&(objectClass=user)(!(objectClass=computer)))</getAllFilter>
<getOneFilter>(&(objectClass=user)(!(objectClass=computer))(sAMAccountName={uid}))</getOneFilter>
</ldapDestinationService>
<propertiesBasedSyncOptions>
<mainIdentifier>"CN=" +
srcBean.getDatasetFirstValueById("uid")) +
",OU=HH,OU=Benutzer,DC=PPI,DC=INT"></mainIdentifier>
<defaultDelimiter>;</defaultDelimiter>
<defaultPolicy>KEEP</defaultPolicy>
<conditions>
<create>false</create>
<update><![CDATA[rjs:
var update = false;
java.lang.System.out.println("checking user -> " +
srcBean.getDatasetFirstValueById("uid"));
if (
srcBean.getDatasetFirstValueById("uid").equals("mar")) {
java.lang.System.out.println("Found UID mar, compare gecos values -> " +
srcBean.getDatasetFirstValueById("gecos") + " vs " +
dstBean.getDatasetFirstValueById("gecos"));
update = true;
}
update;
]]></update>
<delete>false</delete>
<changeId>false</changeId>
</conditions>
<dataset>
<name>uidNumber</name>
<forceValues>
<string>srcBean.getDatasetFirstValueById("uidNumber")</string>
</forceValues>
</dataset>
<dataset>
<name>uid</name>
<policy>FORCE</policy>
<forceValues>
<string>srcBean.getDatasetFirstValueById("uid")</string>
</forceValues>
</dataset>
<dataset>
<name>gidNumber</name>
<forceValues>
<string>srcBean.getDatasetFirstValueById("gidNumber")</string>
</forceValues>
</dataset>
<dataset>
<name>unixHomeDirectory</name>
<forceValues>
<string>srcBean.getDatasetFirstValueById("homeDirectory")</string>
</forceValues>
</dataset>
<dataset>
<name>loginShell</name>
<forceValues>
<string>srcBean.getDatasetFirstValueById("loginShell")</string>
</forceValues>
</dataset>
</propertiesBasedSyncOptions>
</task>
Is there something special in relation to the AD ?
Regards
Martin
Von: "Martin Röh" <[email protected]>
An: "General discussions and help for Ldap Synchronization
Connector\(LSC\) - Start here!" <[email protected]>
Datum: 05.11.2018 16:50
Betreff: [lsc-users] Antwort: Re: Antwort: Re: Antwort: Re:
Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re: NIS plugin and
filtering
Gesendet von: "lsc-users" <[email protected]>
Hi Soisik,
now I can see something !! Perfect !
There seems to be an error or mismatch in the mainIdentifier, but now I'm
able to analyze it.
Thank you so much :-) !
Regards
Martin
Von: "Soisik Froger" <[email protected]>
An: [email protected]
Datum: 05.11.2018 16:08
Betreff: Re: [lsc-users] Antwort: Re: Antwort: Re: Antwort: Re:
Antwort: Re: Antwort: Re: Antwort: Re: NIS plugin and filtering
Gesendet von: "lsc-users" <[email protected]>
On 05/11/2018 15:33, Martin Röh wrote:
>
> As far as I can see I have no filter in my lsc.xml and the attribute
"gecos" I try to sync is different (I think).
>
First of all make sure these values are different ; LSC won't detect any
need for change if values are identical.
> In fact some debug logging (eg. showing the status of the nis
connection, show the uid attribute from nis, etc) would be very helpful,
but the debugging functions from lsc do not show such information and I
don't have the java experience to implement it on my own in the xml file.
To make sure that entry uid "mar" is detected and that values of attribute
"gecos" on both sides do not match, you can use this code as Clement
suggested earlier :
<update><![CDATA[rjs:
var update = false;
java.lang.System.out.println("checking UID -> "
+ srcBean.getDatasetFirstValueById("uid"));
if (
srcBean.getDatasetFirstValueById("uid").equals("mar")) {
java.lang.System.out.println("Found UID mar, compare gecos values -> " +
srcBean.getDatasetFirstValueById("gecos") + " vs " +
dstBean.getDatasetFirstValueById("gecos"));
update = true;
}
update;
]]></update>
--
Soisik Froger
Worteks | https://www.worteks.com
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
