On 07/05/2019 18:35, jehan procaccia TEM-TSP wrote:
> Hello
>
> I finnaly came up to the below js script in order to write destination DN in
> sub-OUs depending on the source edupersonPrimaryAffiliation value :
>
> for this example, Src ldap contains
>
> uid=proto,ou=People,dc=site,dc=fr and edupersonPrimaryAffiliation=*student*
>
> I want Dst ldap to sync that user to
> uid=proto,*ou=student*,ou=active,ou=People,dc=site,dc=fr
>
> <mainIdentifier>
> <![CDATA[js:
> var dst_ou="";
> var dst_dn= srcBean.getMainIdentifier();
> dst_ou =
> srcBean.getDatasetFirstValueById("edupersonPrimaryAffiliation");
> if ( dst_ou == "student" ) { dst_ou =
> "student,ou=active"; java.lang.System.out.println("ifstud dstdn dstou : " +
> dst_dn + dst_ou); }
> else if ( dst_ou == "staff" ) { dst_ou =
> "staff,ou=active"; java.lang.System.out.println("ifstaff dstdn dstou : " +
> dst_dn + dst_ou); }
> else { dst_ou = "old";
> java.lang.System.out.println("elseold dstdn dstou : " + dst_dn + dst_ou);}
> dest_dn = "uid=" + srcBean.getDatasetFirstValueById("uid")
> +",ou=" + dst_ou + ",dc=site,dc=fr"
> dest_dn;
> ]]>
> </mainIdentifier>
>
> lsc run do show my "if" test positively (System.out.println ...)
>
> ifstud dstdn dstou : uid=proto,ou=People,dc=site,dc=fr student,ou=active
>
> it works fine the 1st time I run lsc, but sucessive runs (now that
> uid=proto,*ou=student*,ou=active,ou=People,dc=site,dc=fr has been created on
> Dst ldap) show me errors:
>
> mai 07 17:20:31 - ERROR - Error while adding entry
> uid=proto,ou=student,ou=active,dc=site,dc=fr in directory
> :javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - Entry Already
> Exists]; remaining name 'uid=proto,ou=student,ou=active'
> mai 07 17:20:31 - ERROR - Error while synchronizing ID
> uid=proto,ou=student,ou=active,dc=site,dc=fr: java.lang.Exception: Technical
> problem while applying modifications to the destination
> # Tue May 07 17:20:31 GMT+01:00 2019
> dn: uid=proto,ou=student,ou=active,dc=site,dc=fr
> changetype: add
>
> it seems that lsc doesn't update an already existing Dst dn !?
>
> What did I miss ?
>
Hi,
You stated "that uid=proto,*ou=student*,ou=active,*ou=People*,dc=site,dc=fr has
been created on Dst ldap" but actually the entry that was created is different
( "uid=proto,ou=student,ou=active,dc=site,dc=fr")
If LSC does not find your entry so it will try to create it, check your
destination baseDN (should be "ou=active,dc=site,dc=fr" and not
"ou=People,dc=site,dc=fr") and the getOneFilter.
Regards.
--
Soisik Froger | Software Architect
[email protected]
Worteks | https://www.worteks.com
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
