[lsc-users] Need help stopping clean phase from deleting everything

shrd . swnn Tue, 10 Dec 2019 05:59:42 -0800

Hello,


I'm new to LSC and need help with configuration. I run OpenLDAP  servers with 
aliases for my mail servers. Currently I run a program daily to harvest aliases 
from Active Directory. I've configured LSC to the point where it will pull a 
test alias from AD. But in the clean phase, it immediately gets removed. I 
don't use the LDAP servers for authentication, so for security reasons I don't 
stored  any user names,uids or passwords on the OpenLDAP servers. I'm including 
my lsc.xml.

[output]

Dec 10 08:45:35 - INFO  - Logging configuration successfully loaded from 
/usr/local/src/lsc-2.2-SNAPSHOT/../lsc-2.1.4/ad2ldap/logback.xml
Dec 10 08:45:35 - INFO  - LSC configuration successfully loaded from 
/usr/local/src/lsc-2.2-SNAPSHOT/../lsc-2.1.4/ad2ldap/
Dec 10 08:45:35 - INFO  - Connecting to LDAP server 
ldap://nsc-dev-mail-db-002.acme.com:389/OU=aliases,DC=acme,DC=com as 
cn=Manager,DC=acme,DC=com
Dec 10 08:45:35 - INFO  - Connecting to LDAP server 
ldap://ad.acme.com:3268/DC=ad,DC=acme,DC=com as t...@ad.acme.com
Dec 10 08:45:35 - INFO  - Starting sync for MySyncTask
Dec 10 08:45:35 - DEBUG - Using pagedResults control for 10 entries at a time
Dec 10 08:45:36 - DEBUG - Unsupported scripting engine: Oracle Nashorn
Dec 10 08:45:37 - DEBUG - In object 
"sendmailMTAKey=Test.C.User,OU=aliases,DC=acme,DC=com":  List of attributes 
considered for writing in destination: [sendmailMTAKey, 
sendmailMTAAliasGrouping, sendmailMTACluster, objectClass, 
sendmailMTAAliasValue]
Dec 10 08:45:37 - DEBUG - In object 
"sendmailMTAKey=Test.C.User,OU=aliases,DC=acme,DC=com":  Attribute 
"sendmailMTAKey" is in KEEP status
Dec 10 08:45:37 - DEBUG - In object 
"sendmailMTAKey=Test.C.User,OU=aliases,DC=acme,DC=com":  Adding attribute 
"sendmailMTAKey" with values [Test.C.User]
Dec 10 08:45:37 - DEBUG - In object 
"sendmailMTAKey=Test.C.User,OU=aliases,DC=acme,DC=com":  Attribute 
"sendmailMTAAliasGrouping" is in KEEP status
Dec 10 08:45:37 - DEBUG - In object 
"sendmailMTAKey=Test.C.User,OU=aliases,DC=acme,DC=com":  Adding attribute 
"sendmailMTAAliasGrouping" with values [aliases]
Dec 10 08:45:37 - DEBUG - In object 
"sendmailMTAKey=Test.C.User,OU=aliases,DC=acme,DC=com":  Attribute 
"sendmailMTACluster" is in KEEP status
Dec 10 08:45:37 - DEBUG - In object 
"sendmailMTAKey=Test.C.User,OU=aliases,DC=acme,DC=com":  Adding attribute 
"sendmailMTACluster" with values [acme.com]
Dec 10 08:45:37 - DEBUG - In object 
"sendmailMTAKey=Test.C.User,OU=aliases,DC=acme,DC=com":  Attribute 
"objectClass" is in KEEP status
Dec 10 08:45:37 - DEBUG - In object 
"sendmailMTAKey=Test.C.User,OU=aliases,DC=acme,DC=com":  Adding attribute 
"objectClass" with values [sendmailMTA, sendmailMTAAlias, 
sendmailMTAAliasObject]
Dec 10 08:45:37 - DEBUG - In object 
"sendmailMTAKey=Test.C.User,OU=aliases,DC=acme,DC=com":  Attribute 
"sendmailMTAAliasValue" is in KEEP status
Dec 10 08:45:37 - DEBUG - In object 
"sendmailMTAKey=Test.C.User,OU=aliases,DC=acme,DC=com":  Adding attribute 
"sendmailMTAAliasValue" with values [test.c.u...@acme.com]
Dec 10 08:45:37 - INFO  - # Adding new object 
sendmailMTAKey=Test.C.User,OU=aliases,DC=acme,DC=com for MySyncTask
# Tue Dec 10 08:45:37 EST 2019
dn: sendmailMTAKey=Test.C.User,OU=aliases,DC=acme,DC=com
changetype: add
sendmailMTAKey: Test.C.User
sendmailMTAAliasGrouping: aliases
sendmailMTACluster: acme.com
objectClass: sendmailMTA
objectClass: sendmailMTAAlias
objectClass: sendmailMTAAliasObject
sendmailMTAAliasValue: test.c.u...@acme.com

Dec 10 08:45:37 - INFO  - All entries: 1, to modify entries: 1, successfully 
modified entries: 1, errors: 0
Dec 10 08:45:37 - INFO  - Starting clean for MySyncTask
Dec 10 08:45:37 - INFO  - # Removing object 
sendmailMTAKey=Test.C.User,ou=aliases,dc=acme,dc=com for MySyncTask
# Tue Dec 10 08:45:37 EST 2019
dn: sendmailMTAKey=Test.C.User,ou=aliases,dc=acme,dc=com
changetype: delete

Dec 10 08:45:37 - INFO  - All entries: 1, to modify entries: 1, successfully 
modified entries: 1, errors: 0



[lsc.xml]
<?xml version="1.0" ?>
<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.2.xsd"; revision="0">
    <connections>
      <ldapConnection>
        <name>src-ad</name>
        <!-- url>ldap://ds-dc-ad-01.ad.acme.com:3268/DC=ad,DC=acme,DC=com</url 
-->
        <url>ldap://ba.ad.acme.com:3268/DC=ad,DC=acme,DC=com</url>
        <username>u...@ad.acme.com</username>
        <password>pass</password>
        <authentication>SIMPLE</authentication>
        <pageSize>10</pageSize>
        <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
      </ldapConnection>
      <ldapConnection>
        <name>dst-ldap</name>
        
<url>ldap://nsc-dev-mail-db-002.acme.com:389/OU=aliases,DC=acme,DC=com</url>
        <username>cn=Manager,DC=acme,DC=com</username>
        <password>pass</password>
        <authentication>SIMPLE</authentication>
        <referral>IGNORE</referral>
        <derefAliases>NEVER</derefAliases>
        <version>VERSION_3</version>
        <pageSize>-1</pageSize>
        <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
      </ldapConnection>
      <ldapConnection>
        <name>dst-ldap</name>
        
<url>ldap://nsc-dev-mail-db-002.acme.com:389/OU=aliases,DC=acme,DC=com</url>
        <username>cn=Manager,DC=acme,DC=com</username>
        <password>pass</password>
        <authentication>SIMPLE</authentication>
        <referral>IGNORE</referral>
        <derefAliases>NEVER</derefAliases>
        <version>VERSION_3</version>
        <pageSize>-1</pageSize>
        <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
        <tlsActivated>false</tlsActivated>
        <saslMutualAuthentication>false</saslMutualAuthentication>
      </ldapConnection>
    </connections>
  <audits>
        <csvAudit>
           <name>csv</name>
           <append>true</append>
           <operations>create, delete</operations>
           <file>/tmp/dump.csv</file>
           <datasets>dn, SendmailMTAKey</datasets>
           <separator>,</separator>
        </csvAudit>
  </audits>
    <tasks>
        <task>
        <name>MySyncTask</name>
        <bean>org.lsc.beans.SimpleBean</bean>
        <ldapSourceService>
            <name>MySyncTask-src</name>
            <connection reference="src-ad" />
            <!-- baseDn>OU="LAN Configs",DC=ad,DC=acme,DC=com</baseDn -->
            <baseDn>DC=ad,DC=acme,DC=com</baseDn>
            <pivotAttributes>
                <string>mail</string>
            </pivotAttributes>
            <fetchedAttributes>
                <string>mail</string>
                <string>mailNickName</string>
                <!-- string>displayName</string>
                <string>cn</string>
                <string>sn</string>
                <string>givenName</string>
                <string>distinguishedName</string -->
            </fetchedAttributes>
            <!-- 
getAllFilter>(&amp;(mail=sherrod.c.sw...@acme.com)(objectClass=user))</getAllFilter
 -->
            
<getAllFilter>(&amp;(|(objectClass=person)(objectClass=group))(mail=sherrod.c.sw...@acme.com)(!(objectClass=contact))(!
        (cn=SystemMailbox*))) </getAllFilter>
            <!-- 
getOneFilter>(&amp;(mail="test.u...@acme.com")(objectClass=user))</getOneFilter 
-->
        
<getOneFilter>(&amp;(|(objectClass=person)(objectClass=group))(mail={mail})(!(objectClass=contact))(!(cn=SystemMailbox*)))
 </     getOneFilter>
            <cleanFilter>(&amp;(mail=)(objectClass=person))</cleanFilter>
            <interval>6</interval>
        </ldapSourceService>
        <ldapDestinationService>
            <name>MySyncTask-dst</name>
            <connection reference="dst-ldap"/>
            <baseDn>OU=aliases,DC=acme,DC=com</baseDn>
            <pivotAttributes>
                <string>mail</string>
            </pivotAttributes>
            <fetchedAttributes>
                <string>objectClass</string>
                <string>sendmailMTAAliasValue</string>
                <string>sendmailMTACluster</string>
                <string>sendmailMTAAliasGrouping</string>
                <string>sendmailMTAKey</string>
            </fetchedAttributes>
            <getAllFilter>(sendmailMTAAliasValue=*)</getAllFilter>
            <getOneFilter>(sendmailMTAKey={SendmailMTAKey})</getOneFilter>
        </ldapDestinationService>
        <propertiesBasedSyncOptions>
                <!-- mainIdentifier>"sendmailMTAKey=" + 
srcBean.getDatasetFirstValueById("mailNickName") + 
",OU=aliases,DC=acme,DC=com"</  mainIdentifier -->
                <mainIdentifier>js:"sendmailMTAKey=" + 
srcBean.getDatasetFirstValueById("mail").replace('@acme.com', '') + 
",OU=aliases,   DC=acme,DC=com"</mainIdentifier>
                <pivotTransformation>
                    <transformation fromAttribute="mail" 
toAttribute="SendmailMTAKey" pivotOrigin="SOURCE"><![CDATA[js:
                        value.replace('@acme.com', '');
                        ]]></transformation>
                    <transformation fromAttribute="SendmailMTAKey" 
toAttribute="mail" pivotOrigin="DESTINATION"><![CDATA[js:
                        value.replace('@acme.com', '');
                        ]]></transformation>
                </pivotTransformation>
                <defaultDelimiter>;</defaultDelimiter>
                <defaultPolicy>KEEP</defaultPolicy>
                <conditions>
                    <create>true</create>
                    <update>true</update>
                    <delete>true</delete>
                    <changeId>false</changeId>
                </conditions>
                <dataset>
                    <name>objectClass</name>
                    <policy>KEEP</policy>
                    <forceValues>
                    <string>"sendmailMTA"</string>
                    <string>"sendmailMTAAlias"</string>
                    <string>"sendmailMTAAliasObject"</string>
                    </forceValues>
                    <delimiter>,</delimiter>
                </dataset>
                <dataset>
                    <name>sendmailMTAKey</name>
                    <policy>KEEP</policy>
                    <forceValues>
                    
<string>js:srcBean.getDatasetFirstValueById("mail").replace('@acme.com', 
'')</string>
                </forceValues>
                </dataset>
                <dataset>
                    <name>default</name>
                    <policy>KEEP</policy>
                </dataset>
                <dataset>
                    <name>sendmailMTACluster</name>
                    <policy>KEEP</policy>
                    <createValues>
                    <string>"acme.com"</string>
                </createValues>
                </dataset>
                <dataset>
                    <name>sendmailMTAAliasGrouping</name>
                    <policy>KEEP</policy>
                    <createValues>
                    <string>"aliases"</string>
                </createValues>
                </dataset>
                <dataset>
                    <name>sendmailMTAAliasValue</name>
                    <policy>KEEP</policy>
                    <createValues>
                        <string>
                            srcBean.getDatasetFirstValueById("mail");
                        </string>
                    </createValues>
                        </string>
                    </createValues>
                </dataset>
                </propertiesBasedSyncOptions>
            </task>
    </tasks>
</lsc>




Any help is appreciated,


Sherrod
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
lsc-users@lists.lsc-project.org
https://lists.lsc-project.org/cgi-bin/mailman/listinfo/lsc-users

[lsc-users] Need help stopping clean phase from deleting everything

Reply via email to