Le 20/03/2019 à 20:58, Christiaan Louw a écrit :
> Thank you.
>
> That helped a lot. Really hope you guys are still willing to help me get over
> the last hurdle or two.
>
> So I recreated my config file after reading up on the links provided.
> I also had to go verify what I want from AD and what I need to be in OpenLDAP
> for it to work.
>
> Now I am at least reading data but I don’t think my Filters work yet.
>
> If I use the filter like (&(objectClass=person)(telephoneNumber=*)) on the AD
> server using a program like LDAPAdmin, I get only valid results.
> Any idea how I can incorporate that into the config file OR does it look like
> its working in the LOG file ill add at the bottom?(Just curious because there
> are a lot of errors.)
>
> Also I'm not sure why my log shows errors about writing to OPENLDAP.
The error is: [LDAP: error code 21 - objectclass: value #0 invalid per
syntax
Indeed, you made a typo in the objectClass name : replace
"interOrgPerson" by "inetOrgPerson"
Then, I suggest you simplify you configuration by using sAMAccountName
as pivot in the source, and only uid as pivot in the destination. I
don't see the need to use homePhone as pivot in destination.
Then use these filters in source:
<getAllFilter><![CDATA[(&(objectClass=person)(telephoneNumber=*))]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=person)(sAMAccountName={sAMAccountName}))]]></getOneFilter>
<cleanFilter><![CDATA[(&(objectClass=person)(sAMAccountName={uid}))]]></cleanFilter>
And in destination :
<getAllFilter><![CDATA[(objectClass=inetOrgPerson)]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=inetOrgPerson)(uid={sAMAccountName}))]]></getOneFilter>
--
Clément Oudot | Identity Solutions Manager
[email protected]
Worteks | https://www.worteks.com
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
