Re: [lsc-users] Antwort: Re: Antwort: Re: Antwort: Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re: Antwort: Re: NIS plugin and filtering

Thu, 08 Nov 2018 08:20:01 -0800 


Le 08/11/2018 à 16:59, Martin Röh a écrit :
> Hi,
>
> I test the sync with create condition "true" and then I get a (false)
> result.
>
> In the AD there is an entry like this:
>
> ***Searching...
> ldap_search_s(ld, "DC=foo,DC=bar", 2, "(samAccountName=lg)", attrList,
>  0, &msg)
> Getting 1 entries:
> *Dn: CN=lg,OU=HH,OU=Benutzer,DC=foo,DC=bar*
>
>
> Then I start a sync I get this:
>
> Nov 08 16:50:12 - DEBUG - In object
> "CN=lg,OU=HH,OU=Benutzer,DC=foo,DC=bar":  List of attributes
> considered for writing in destination: [uid, unixHomeDirectory,
> gidNumber, uidNumber, loginShell]
> Nov 08 16:50:12 - DEBUG - In object
> "CN=lg,OU=HH,OU=Benutzer,DC=foo,DC=bar":  Attribute "uid" is in FORCE
> status
> Nov 08 16:50:12 - DEBUG - In object
> "CN=lg,OU=HH,OU=Benutzer,DC=foo,DC=bar":  Adding attribute "uid" with
> values [lg]
> Nov 08 16:50:12 - DEBUG - In object
> "CN=lg,OU=HH,OU=Benutzer,DC=foo,DC=bar":  Attribute
> "unixHomeDirectory" is in FORCE status
> Nov 08 16:50:12 - DEBUG - In object
> "CN=lg,OU=HH,OU=Benutzer,DC=foo,DC=bar":  Adding attribute
> "unixHomeDirectory" with values [/home/lg]
> Nov 08 16:50:12 - DEBUG - In object
> "CN=lg,OU=HH,OU=Benutzer,DC=foo,DC=bar":  Attribute "gidNumber" is in
> FORCE status
> Nov 08 16:50:12 - DEBUG - In object
> "CN=lg,OU=HH,OU=Benutzer,DC=foo,DC=bar":  Adding attribute "gidNumber"
> with values [202]
> Nov 08 16:50:12 - DEBUG - In object
> "CN=lg,OU=HH,OU=Benutzer,DC=foo,DC=bar":  Attribute "uidNumber" is in
> FORCE status
> Nov 08 16:50:12 - DEBUG - In object
> "CN=lg,OU=HH,OU=Benutzer,DC=foo,DC=bar":  Adding attribute "uidNumber"
> with values [5675]
> Nov 08 16:50:12 - DEBUG - In object
> "CN=lg,OU=HH,OU=Benutzer,DC=foo,DC=bar":  Attribute "loginShell" is in
> FORCE status
> Nov 08 16:50:12 - DEBUG - In object
> "CN=lg,OU=HH,OU=Benutzer,DC=foo,DC=bar":  Adding attribute
> "loginShell" with values [/usr/bin/bash]
> Nov 08 16:50:12 - DEBUG - Create condition false. Should have added
> object CN=lg,OU=HH,OU=Benutzer,DC=foo,DC=bar
> # Thu Nov 08 16:50:12 CET 2018
> dn: CN=lg,OU=HH,OU=Benutzer,DC=foo,DC=bar
> changetype: add
> uid: lg
> unixHomeDirectory: /home/lg
> gidNumber: 202
> uidNumber: 5675
> loginShell: /usr/bin/bash
>
> Nov 08 16:50:13 - INFO  - All entries: 950, to modify entries: 1,
> successfully modified entries: 0, errors: 0
>
> This is not what I expected. The sync should MODIFY  the listed
> attribute in the destination entry and not create a new (duplicate)
> one with the list attribute.
>
> Has someone an advice what I do wrong ?

Maybe the account configured in LSC to browse AD has not enough rights
to read the entry? The issue is indeed that LSC does not find your entry
and tries to create a new one.


-- 
Clément Oudot | Identity Solutions Manager

[email protected]

Worteks | https://www.worteks.com


_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users

Reply via email to