Alright, I am now syncing another DB, this time on a PostgresQL-Server, and am
facing the same/similar problem.
The sync is very simple, I identify via a unique identifier called `hsmNID` and
try to sync another field in the DB called `uid`. However, the update condition
does not work that way and if I enable the create condition lsc wants to create
every entry.
Could you please help me with this? As is, I cannot really use
LDAP<->DB-synchronisation at all, sadly.
Lsc.xml:
<task>
<name>LDAP-sva</name>
<bean>org.lsc.beans.SimpleBean</bean>
<ldapSourceService>
<name>ldap-src-sva</name>
<connection reference="ldapslave-src-conn" />
<baseDn>ou=Users,dc=domain,dc=de</baseDn>
<pivotAttributes>
<string>hsmNID</string>
</pivotAttributes>
<fetchedAttributes>
<string>hsmNID</string>
<string>uid</string>
</fetchedAttributes>
<getAllFilter><![CDATA[(&(objectClass=inetOrgPerson)(eduPersonPrimaryAffiliation=2)(hsmNID=*))]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=inetOrgPerson)(eduPersonPrimaryAffiliation=2)(hsmNID={hsmNID}))]]></getOneFilter>
<cleanFilter><![CDATA[(&(objectClass=inetOrgPerson)(eduPersonPrimaryAffiliation=2)(hsmNID={hsmNID}))]]></cleanFilter>
</ldapSourceService>
<databaseDestinationService>
<name>db-dest-sva</name>
<connection reference="sva-conn" />
<requestNameForList>getEmployeeList</requestNameForList>
<requestNameForObject>getEmployeeByNID</requestNameForObject>
<requestsNameForInsert>
<string>insertSVA</string>
</requestsNameForInsert>
<requestsNameForUpdate>
<string>updateUID</string>
</requestsNameForUpdate>
<requestsNameForDelete>
<string>deleteSVA</string>
</requestsNameForDelete>
</databaseDestinationService>
<propertiesBasedSyncOptions>
<mainIdentifier>srcBean.getMainIdentifier()</mainIdentifier>
<defaultDelimiter>;</defaultDelimiter>
<defaultPolicy>FORCE</defaultPolicy>
<conditions>
<create>true</create>
<update>true</update>
<delete>false</delete>
<changeId>false</changeId>
</conditions>
<dataset>
<name>uid</name>
<policy>FORCE</policy>
<forceValues>
<string>srcBean.getDatasetFirstValueById("uid")</string>
</forceValues>
</dataset>
<dataset>
<name>hsmNID</name>
<policy>FORCE</policy>
<forceValues>
<string>srcBean.getDatasetFirstValueById("hsmNID")</string>
</forceValues>
</dataset>
</propertiesBasedSyncOptions>
</task>
SVAdb.xml:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE sqlMap PUBLIC "-//iBATIS.com//DTD SQL Map 2.0//EN"
"http://www.ibatis.com/dtd/sql-map-2.dtd";>
<sqlMap namespace="svadb">
<select id="getEmployeeByNID" resultClass="java.util.HashMap"
parameterClass="java.util.Map">
SELECT
hsmNID,
uid
FROM
public.ldap_sync
WHERE
hsmNID = CAST(#hsmNID# AS VARCHAR)
</select>
<select id="getEmployeeList" resultClass="java.util.HashMap">
SELECT
hsmNID
FROM
public.ldap_sync
</select>
<insert id="insertSVA" parameterClass="java.util.Map">
INSERT INTO
public.ldap_sync (uid,hsmnid)
VALUES
(#uid#,CAST(#hsmNID# AS VARCHAR))
</insert>
<update id="updateUID" parameterClass="java.util.Map">
UPDATE ldap_sync
SET uid = #uid#
WHERE
hsmNID = CAST(#hsmNID# AS VARCHAR)
</update>
<delete id="deleteSVA" parameterClass="java.util.Map">
TRUE
</delete>
</sqlMap>
-----Ursprüngliche Nachricht-----
Von: lsc-users <[email protected]> Im Auftrag von
Alexander Herr
Gesendet: Montag, 6. Mai 2019 16:41
An: General discussions and help for Ldap Synchronization Connector (LSC) -
Start here! <[email protected]>
Betreff: Re: [lsc-users] LDAP -> MySQL-Synchronization: Not Updating Fields
despite Difference
Hm, seems like it doesn't even evaluate the other attributes?
May 06 16:23:36 - DEBUG - In object
"CN=herr,OU=Mitarbeiter,OU=RZ,DC=adfs,DC=wd,DC=hs-merseburg,DC=de": List of
attributes considered for writing in destination: [sAMAccountName] May 06
16:23:36 - DEBUG - In object
"CN=herr,OU=Mitarbeiter,OU=RZ,DC=adfs,DC=wd,DC=hs-merseburg,DC=de": Attribute
"sAMAccountName" is in KEEP status May 06 16:23:36 - DEBUG - Entry
"CN=herr,OU=Mitarbeiter,OU=RZ,DC=adfs,DC=wd,DC=hs-merseburg,DC=de" will not be
written to the destination May 06 16:23:36 - INFO - All entries: 1, to modify
entries: 0, successfully modified entries: 0, errors: 0
In the propertiesBasedSyncOptions, do I have to use the attribute as defined in
the lsc.xml, since in the ibatis file the columns are already translated?
-----Ursprüngliche Nachricht-----
Von: lsc-users <[email protected]> Im Auftrag von Clément
OUDOT
Gesendet: Montag, 6. Mai 2019 16:10
An: [email protected]
Betreff: Re: [lsc-users] LDAP -> MySQL-Synchronization: Not Updating Fields
despite Difference
Le 06/05/2019 à 15:56, Alexander Herr a écrit :
> Alright, I have removed all configurations pertaining 'uid', the actual
> attribute is now canonically 'sAMAccountName' and the only occurrence of
> 'uid' is now in ibatis when it is working on the actual column of the table.
> FWIW, 'uid' is present in the AD and is actually the same value as
> 'sAMAccountName' but for some reason, I wasn't able to sync at all with 'uid'
> being the pivot-attribute.
>
> Anyway, for some reason, the attribute 'sn'/'Name' is still not forced by the
> current configuration.
Ok, try to set DEBUG loglevel in logback.xml to get more information.
--
Clément Oudot | Identity Solutions Manager
[email protected]
Worteks | https://www.worteks.com
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
