Hello,
i'm trying to use lsc for disable a user when the value of a specific
attribute is change on our openldap.
the value of this attribute is written to the "company" attribute. i
have one lsc configuration dedicated to this task :
i can set this attribute to the active directory "company" attribute but
i don't know how to disable the user when this attribute is changed. is
there a way to do it ?
i tried many combination of policies with create/force/default values
but nothing works as i want
thank you for your replies
here the task :
/ <tasks>//
// <task>//
// <name>LdapSync2AD</name>//
// <bean>org.lsc.beans.SimpleBean</bean>//
// <ldapSourceService>//
// <name>openldap-source-service</name>//
// <connection reference="openldap" />//
// <baseDn>ou=ac-lyon,o=gouv,c=fr</baseDn>//
// <pivotAttributes>//
// <string>uid</string>//
// </pivotAttributes>//
// <fetchedAttributes>//
// <string>uid</string>//
// <string>fredurne</string>//
// </fetchedAttributes>//
//<getAllFilter>(!(|(fredurne=)(fredurne=X)))</getAllFilter>//
//<getOneFilter>(&(!(|(fredurne=)(fredurne=X)))(uid={uid}))</getOneFilter>//
//<cleanFilter>(&(objectClass=inetOrgPerson)(uid={sAMAccountName}))</cleanFilter>//
// </ldapSourceService>/
/ <ldapDestinationService>//
// <name>ad-dst-service</name>//
// <connection reference="ad-dc1" />//
// <baseDn>DC=ac-lyon,DC=local</baseDn>//
// <pivotAttributes>//
// <string>sAMAccountName</string>//
// </pivotAttributes>//
// <fetchedAttributes>//
// <string>sAMAccountName</string>//
// <string>userAccountControl</string>//
// <string>company</string>//
// </fetchedAttributes>//
//<getAllFilter>(objectClass=user)</getAllFilter>//
//<getOneFilter>(&(objectClass=user)(sAMAccountName={uid}))</getOneFilter>//
// </ldapDestinationService>/
/<mainIdentifier>dstBean.getMainIdentifier()</mainIdentifier>//
// <defaultDelimiter>;</defaultDelimiter>//
// <defaultPolicy>FORCE</defaultPolicy>//
// <conditions>//
// <create>false</create>//
// <update>true</update>//
// <delete>false</delete>//
// <changeId>false</changeId>//
// </conditions>/
/ <dataset>/
/ <name>company</name>//
// <policy>FORCE</policy>//
// <defaultValues>//
// <string>//
// var rne = srcBean.getDatasetFirstValueById("FrEduRne");//
// var affectation = rne.split("$");//
// affectation[0];//
// </string>//
// </defaultValues>//
// </dataset>//
//
// <dataset>//
// <name>userAccountControl</name>//
// <policy>FORCE</policy>//
// <createValues>//
// <string>//
//AD.userAccountControlSet(dstBean.getDatasetFirstValueById('userAccountControl'),
[AD.UAC_SET_ACCOUNTDISABLE])//
// </string>//
// </createValues>//
// </dataset>/
</propertiesBasedSyncOptions>
</task>
</tasks>
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
