Le 29/11/2018 à 21:57, Lior Dotan a écrit : > On Thu, Nov 29, 2018 at 10:27 PM Clément OUDOT > <[email protected]> wrote: >> >> >> Le 29/11/2018 à 16:30, Lior Dotan a écrit : >>> Hi, >>> >>> I'm trying to sync group members from AD 2016. I usually use this >>> filter to get the members: >>> <getOneFilter><![CDATA[(&(objectClass=group)(cn={cn}))]]></getOneFilter> >>> >>> But for this AD, the filter doesn't return any data. I also tried >>> running the same filter with ldapsearch and again got no results. >>> So I tried to use: >>> <getOneFilter><![CDATA[(memberOf:1.2.840.113556.1.4.1941:=cn={cn})]]></getOneFilter> >>> >>> With ldapsearch I do get all the results but with LSC I get this error: >>> Synchronization aborted because no source object has been found ! >>> >>> Is there a way to use the 1.2.840.113556.1.4.1941 filter with LSC? >> You should be able to do it, but as far as I understand, the second >> filter is to find users which belong to groups, and the first filter is >> to find groups. Are you sure of what you want to do? >> > I was able to sync the users and the groups but not the group memberships. > I tried to debug this by running ldapsearch and it too didn't return > any results for the first query. > > But you are of course correct, the second query is totally different.
We need to see the full lsc.xml file to help you. -- Clément Oudot | Identity Solutions Manager [email protected] Worteks | https://www.worteks.com _______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
