Thank you for your mail. Just want to let you know in the end it turned out that I was using a wrong base dn. If I remember correctly the base dn is used in the context of what is configured in the src connection url: Example:
<url>ldap://localhost:389/dc=lsc-project,dc=org</url> ... ldap.search("ou=users,ou=demo", "(sAMAccountName=" + uid + ")"); will in the end find user with uid in the subtree ou=users,ou=demo,dc=lsc-project,dc=org of the ldap directory. On 11/6/19 11:44 PM, Clément OUDOT wrote: > > > Le 06/11/2019 à 19:00, Marian Thieme a écrit : >> Hello, >> >> in the tutorial: >> there is mentioned the some javascript in order to fetch the users in >> the destination directory. I am trying to get this code adapted to my >> needs. I have question regarding the line: >> var destDn = ldap.search("ou=users,ou=demo", "(sAMAccountName=" + uid >> + ")"); >> How is the search function specified? What are the arguments? >> RIght now I've organized users in the destination dir (AD) like this: >> dc: CN=User Name,OU=People,DC=example,DC=org ... objectClass: person >> cn: User Name sAMAccountName=marian.thieme uid=u12345 ... >> I tried to lookup users in the AD like this: ldap.search("ou=people", >> "(uid=" + uid + ")"); >> But I am unsure about the 2 arguments I've to provide to ldap.search() >> I can see from DEBUG logs that e.g. user dn: >> uid=u12345,ou=people,dc=ldap,dc=example,dc=net does exist in the >> source directory. >> Since I have uid in the destination dir as well, I asume I can use >> the uid to lookup the user. >> However, a valid ldap query to retrieve the user "CN=User Name" with >> uid u12345 from AD would be something like: ldapsearch -b >> ou=people,$OBJECT_DN "(&(objectclass=person)(uid=u12345))" > > > Hello, > > you can find some information here: > https://lsc-project.org/javadoc/2.1-SNAPSHOT/org/lsc/jndi/ScriptableJndiServices.html > > Note that search method returns an array, you have to take the first > element to get the DN. And the value of the base parameter is > concatened to the context set un LDAP URL at the connection level, so > remove the context of the base value to avoid an error. > > > -- > Clément Oudot | Identity Solutions Manager > > [email protected] > > Worteks | https://www.worteks.com > > _______________________________________________________________ > Ldap Synchronization Connector (LSC) - http://lsc-project.org > > lsc-users mailing list > [email protected] > https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users
