Hello,
I'd like to sync users and groups from AD to the executable plugin in
order to call REST API.
I am new to lsc so I tried to write the lsc.xml to the best of my
understanding but when running lsc I get this:
ERROR - org.lsc.exception.LscConfigurationException: Configuration
exception: org.ls
Hi,
I'm trying to sync groups and users from AD. Everything is working
okay but in case of nested groups, I'd like to flatten them to a
single group with all the users.
Running the foloowing filter with ldapsearch gives the expected results:
(memberOf:1.2.840.113556.1.4.1941:=cn=LargeGroup,ou=ad-
On Thu, Feb 1, 2018 at 12:13 PM, Soisik Froger
wrote:
> On 01/02/2018 10:19, Lior Dotan wrote:
>>
>> Hi,
>>
>> I'm trying to sync groups and users from AD. Everything is working
>> okay but in case of nested groups, I'd like to flatten them to a
>&g
On Thu, Feb 1, 2018 at 12:47 PM, Soisik Froger
wrote:
> On 01/02/2018 11:19, Lior Dotan wrote:
>>
>> I have a task for syncing users and one for groups, I am trying to run
>> the filter in the group task:
>
>
> I don't think that setting filters that pick up
On Thu, Feb 1, 2018 at 6:57 PM, Clément OUDOT wrote:
> Hello,
>
> if this can help, I have a small script that I use in LSC to convert
> group of groups from AD to a flatten group in OpenLDAP.
>
Thanks, this looks promising.
I've plaved the js function right above the other js code in the
dataset
On Thu, Feb 1, 2018 at 8:02 PM, Clément OUDOT wrote:
> 2018-02-01 18:15 GMT+01:00 Lior Dotan :
>> On Thu, Feb 1, 2018 at 6:57 PM, Clément OUDOT wrote:
>>> Hello,
>>>
>>> if this can help, I have a small script that I use in LSC to convert
>>>
>> id=CN=GroupA,OU=ad-testing,DC=ad-testing,DC=test,DC=io
>> Reason: javax.script.ScriptException: ReferenceError: "ldap" is not
>> defined in nashorn:mozilla_compat.js at line number 67
>> Feb 01 18:15:21 - ERROR - Error while synchronizing ID {cn=[Bass
>> Players]}: org.lsc.exception.LscServiceEx
> In this case you only have srcLdap object and you must adapt the
> script to use only this source connection to resolve groups. In my
> script, destination connection is only used to convert source user DN
> into destination user DN.
I was able to change your script to my needs.
Thanks a lot for
Hi,
I am syncing data from Active Directory and it's working fine in sync
mode but when running in async mode I see the following error in the
log and the data is no longer being synced.
Feb 13 14:18:46 ip-10-0-135-60 sync[12163]: Feb 13 14:18:46 - DEBUG -
Asynchronous synchronize SyncUserTask
Fe
a:624)
[na:1.8.0_151]
at java.lang.Thread.run(Thread.java:748) [na:1.8.0_151]
On Tue, Feb 13, 2018 at 5:04 PM, Lior Dotan wrote:
> Hi,
>
> I am syncing data from Active Directory and it's working fine in sync
> mode but when running in async mode I see the following erro
Hi All,
I'm trying to sync from AD but getting the error below. With tcpdump I
saw that AD is returning data so I'm not sure what's the issue. I also
ran ldapsearch with the same filter and got the right results. I
started with ObjectClass=* but that didn't work as well.
Jun 11 15:46:14 - INFO -
You are correct of course but I did try with (objectClass=*) at first
and I got the same error, which is why I tried to change the filter.
In the past using async and (objectClass=*) worked okay.
On Mon, Jun 11, 2018 at 4:58 PM Clément OUDOT wrote:
>
>
>
> Le 11/06/2018 à 15:22,
On Mon, Jun 11, 2018 at 5:11 PM Clément OUDOT wrote:
>
>
>
> Le 11/06/2018 à 16:01, Lior Dotan a écrit :
>
> You are correct of course but I did try with (objectClass=*) at first
> and I got the same error, which is why I tried to change the filter.
> In the past usin
On Mon, Jun 11, 2018 at 6:39 PM Clément OUDOT wrote:
>
>
> I don't see any other solution than switching to ldapSourceService.
>
>
Using ldapSourceService seems to work well, thanks!
___
Ldap Synchronization Connector (LSC) - http://lsc-p
Hi,
I'm trying to sync groups from AD to external scripts which I was able
to do in the past.
The problem now is that the update script is called with 'cn= ' only,
without the group name even though the get script is called with the
group name.
Any idea what's going on?
Jun 12 08:35:51 - INFO -
On Tue, Jun 12, 2018 at 10:05 AM Clément OUDOT
wrote:
>
>
>
> Le 12/06/2018 à 08:28, Lior Dotan a écrit :
> > Hi,
> >
> > I'm trying to sync groups from AD to external scripts which I was able
> > to do in the past.
> > The problem now is th
On Tue, Jun 12, 2018 at 11:32 AM Clément OUDOT
wrote:
>
>
>
> Le 12/06/2018 à 09:10, Lior Dotan a écrit :
> > On Tue, Jun 12, 2018 at 10:05 AM Clément OUDOT
> > wrote:
> >>
> >>
> >> Le 12/06/2018 à 08:28, Lior Dotan a écrit :
> >>>
Thanks, works like a charm!
On Tue, Jun 12, 2018 at 11:48 AM Clément OUDOT
wrote:
>
>
>
> Le 12/06/2018 à 10:43, Lior Dotan a écrit :
> > On Tue, Jun 12, 2018 at 11:32 AM Clément OUDOT
> > wrote:
> >>
> >>
> >> Le 12/06/2018 à 09:10, Lior Dot
Hi All,
In my AD, all the users and groups that I want to sync are in
OU=test,DC=example,DC=com.
However some of the groups have users in another OU
(OU=test2,DC=example,DC=com) that I don't want to sync.
When I try to sync the group memberships I get errors for those users
and the sync fails:
jav
On Fri, Nov 16, 2018 at 9:37 PM Clément OUDOT wrote:
>
>
>
> Le 14/11/2018 à 21:10, Lior Dotan a écrit :
> > Hi All,
> >
> > My question is, is there a way to filter out the users from the second
> > OU and only sync group memberships for users in the first
Hi,
I'm syncing from an AD that has special characters in the DN:
ou=unit & 1,dc=example,dc=com
I have followed the guide in
https://lsc-project.org/documentation/2.0/configuration/connections/ldap
When I define the in a task I can use CDATA and enter the
text as is without any problems. But in
Hi,
I'm trying to sync group members from AD 2016. I usually use this
filter to get the members:
But for this AD, the filter doesn't return any data. I also tried
running the same filter with ldapsearch and again got no results.
So I tried to use:
With ldapsearch I do get all the results but w
On Thu, Nov 29, 2018 at 10:27 PM Clément OUDOT
wrote:
>
>
>
> Le 29/11/2018 à 16:30, Lior Dotan a écrit :
> > Hi,
> >
> > I'm trying to sync group members from AD 2016. I usually use this
> > filter to get the members:
> >
> >
> > But fo
On Thu, Nov 29, 2018 at 10:43 PM Jon C Kidder wrote:
>
> The first query may also be returning an empty result set because the group
> membership exceeds 1500 values and is being returned using Microsoft's
> "Range" implementation. There are notes on this phenomenon including a work
> around s
> We need to see the full lsc.xml file to help you.
Here is the lsc.xml file:
http://lsc-project.org/XSD/lsc-core-2.1.xsd";
xmlns:exec="http://lsc-project.org/XSD/lsc-executable-plugin-1.0.xsd";
revision="0">
ldap-src-conn
ldap://dc.acme.corp:389/OU=Offices,DC=acme,DC=corp
ads...@acme.corp
not
> So, are you sure to have "group" objects under
> OU=Offices,DC=acme,DC=corp branch ?
Yes there are groups under sub-OU like:
OU=NYC,OU=Offices,DC=acme,DC=corp
I also used the same filter to get the groups so I'm certain that LSC
can see the groups.
__
DOT wrote:
>
>
>
> Le 30/11/2018 à 10:43, Lior Dotan a écrit :
> >> So, are you sure to have "group" objects under
> >> OU=Offices,DC=acme,DC=corp branch ?
> > Yes there are groups under sub-OU like:
> > OU=NYC,OU=Offices,DC=acme,DC=corp
> >
>
Hi
When I store users in my destination, I store them in lower case.
Some of the users in the source AD has upper case in their e-mail and
LSC always syncs them to the destination on each run.
I am using this as the main id:
"mail=" +
srcBean.getDatasetFirstValueById("mail".toLowerCase())
but LSC
> Hello,
>
> you need indeed to force the value in lowercase in the dataset, so it
> will be stored in lowercase in destination, and then when comparing
> values, they will both be in lower case, so LSC should try to update the
> value in destination.
If the value is initially set to lowercase in
> Try to use 'java.lang.System.out.println' in your js code to print the
> value at the end of the dataset to check is in lowercase.
I had a small error in my javascript code, it should be:
-mail.toLowerCase();
+mail = mail.toLowerCase();
After fixi
On Tue, Dec 11, 2018 at 11:35 AM Clément OUDOT
wrote:
>
>
>
> Le 11/12/2018 à 08:46, Lior Dotan a écrit :
> >> Try to use 'java.lang.System.out.println' in your js code to print the
> >> value at the end of the dataset to check is in lowercase.
> >
> Hello,
>
> so the issue is not when comparing attribute values, but when looking
> for entry in destination. LSC could not find it so instead modiyind
> destination entry, it tries to create a new one.
>
> You must fix your scripts so the GET script returns the correct entry,
> see https://lsc-pr
On Wed, Dec 12, 2018 at 11:10 AM Lior Dotan wrote:
>
> > Hello,
> >
> > so the issue is not when comparing attribute values, but when looking
> > for entry in destination. LSC could not find it so instead modiyind
> > destination entry, it tries to create a n
Hi,
In my AD I have an OU that contains several other OUs with users and
groups that I'd like to sync.
However, I would like to skip some of these OUs.
+--+ OU1
|
OU ---+---+ OU2
|
+--+ OU3
In this example, I would like to only sync
> You can script conditions for create, update, delete: returning false will
> prevent the action, returning true will allow it.
Thanks, that indeed sounds like what I am looking for.
But I couldn't get it to work. I tried to debug it with the following code:
On Thu, Feb 21, 2019 at 5:32 PM Soisik Froger wrote:
>
> On 21/02/2019 15:48, Lior Dotan wrote:
> > Thanks, that indeed sounds like what I am looking for.
> > But I couldn't get it to work. I tried to debug it
Hi,
I am syncing from AD to REST API using the executable plugin, there
are about 2100 users in the AD.
The problem is that LSC is stuck during the clean phase. I debugged it
and saw that LSC calls my LIST plugin and my plugin starts writing to
stdout but after about 1100 users it stops outputting
On Tue, Mar 5, 2019 at 10:30 AM Soisik Froger wrote:
> Hi Lior,
> I have a fix ready and I will send a PR request to the dev team today.
Hi Soisik,
Thanks a lot for fixing this issue. Is it possible for you to send me
a jar file with the fix so I can test it too?
Thanks,
Lior.
_
Hi
> I have a fix ready and I will send a PR request to the dev team today.
I can confirm that this is indeed working.
Thanks for the fix!
___
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
lsc-user
Hi,
I'm syncing from AD to the executable plugin based on the source OU:
+--+ OU1
|
OU ---+---+ OU2
|
+--+ OU3
In this example, I would like to only sync OU1 & OU3.
If a user was in OU1 (and thus synced to the destination) and then
> I would consider setting up a cleanFilter that do not return any entry, and,
> in the delete condition, write a script that search your entry in source
> using srcLdap.search(base,filter) : either make several searches in each of
> your synced OUs, or do a top search and check the DN of the re
On Tue, Mar 12, 2019 at 6:22 PM Soisik Froger wrote:
> Try srcLdap.search("", filter). LSC will append contextDn to the base
> parameter. If you set it, the research will not work as it will look into
> base + contextDN (the part in connection URL). It could also be a specific OU
> ("ou=ou1").
Hi,
I'm syncing users from AD with LSC and it's working great.
However, I only want to read users from AD that have first name, last name
& e-mail address (and optionally a mobile phone number).
Currently I am using this filter:
(&(objectCategory=person)(objectClass=user))
Is there a way to filer
Hi,
Currently I have two tasks to sync groups from AD:
1) A task the syncs the group
2) a task that assigns users to the group according to the AD membership
To get the groups I use this filter:
(objectClass=group)
Is it possible to only retrieve groups that has members?
Cheers,
Lior
__
On Fri, Apr 3, 2020 at 3:34 PM Clément OUDOT
wrote:
>
> Le 03/04/2020 à 13:11, Lior Dotan a écrit :
> > Hi,
> >
> > Currently I have two tasks to sync groups from AD:
> > 1) A task the syncs the group
> > 2) a task that assigns users to the group according to
On Fri, Apr 3, 2020, 15:34 Clément OUDOT wrote:
>
> Le 03/04/2020 à 13:08, Lior Dotan a écrit :
> > Hi,
> >
> > I'm syncing users from AD with LSC and it's working great.
> > However, I only want to read users from AD that have first name, last
> >
Hi,
I am syncing from AD to the executable plugin. I noticed that LSC is stuck
during the clean phase of cleaning the groups of an AD with 10,000+ groups.
After some debugging I saw the my plugin can write about 700Kb before it's
stuck.
When I added a short delay every 10 groups everything works,
On Tue, Apr 7, 2020 at 12:31 PM Clément OUDOT
wrote:
>
> Le 07/04/2020 à 11:12, Lior Dotan a écrit :
> > Hi,
> >
> > I am syncing from AD to the executable plugin. I noticed that LSC is
> > stuck during the clean phase of cleaning the groups of an AD with
>
Hi,
I'm syncing from AD to the executable plugin and started getting the error
below, after that the process is stuck.
Can you advise me how to debug this?
Thanks,
Lior.
Apr 13 11:37:46 lab01 sync[8943]: Apr 13 11:37:46 - ERROR - All entries:
1294, to modify entries: 1264, successfully modified
On Wed, Apr 15, 2020, 19:44 Clément OUDOT wrote:
>
> Le 13/04/2020 à 20:15, Lior Dotan a écrit :
> > Hi,
> >
> > I'm syncing from AD to the executable plugin and started getting the
> > error below, after that the process is stuck.
> > Can you ad
Hi,
I'm using LSC to sync from AD to the executable plugin.
For the groups I have created two tasks, one that create groups and the
second task for syncing the members of each groups.
While this works fine, I prefer to sync both in a single iteration. So I
created a single task that does both but
Hi,
I'm trying to create a custom sync destination service.
I took the executable plugin service as a reference.
I copied my jar file to the lib directory of my LSC installation and I
configured the lsc.xml file accordingly.
Is there anything else I'm missing?
I'm failing in the initialization of
On Mon, May 18, 2020 at 10:34 AM Clément OUDOT
wrote:
>
> Hello,
>
> did you updated the namespace? for example with executable plugin:
> https://lsc-project.org/documentation/plugins/executable#xml_namespace
>
> You need also to load the plugin at startup, see
> https://lsc-project.org/documenta
Hi,
My original setting had the users base DN set as:
OU=test,DC=example,DC=com
But since it returned too many users I changed it to:
OU=ActiveUsers,OU=test,DC=example,DC=com
However, all the users from other OUs are still present.
This happens because my getOneFilter looks like this:
&(mail={ma
On Tue, May 19, 2020 at 11:03 AM Clément OUDOT
wrote:
>
>
> Le 18/05/2020 à 18:04, Lior Dotan a écrit :
> > Hi,
> >
> > My original setting had the users base DN set as:
> > OU=test,DC=example,DC=com
> >
> > But since it returned too many users I
On Tue, May 19, 2020 at 11:21 AM Clément OUDOT
wrote:
>
>
> Le 19/05/2020 à 10:14, Lior Dotan a écrit :
> > On Tue, May 19, 2020 at 11:03 AM Clément OUDOT
> > wrote:
> >>
> >> Le 18/05/2020 à 18:04, Lior Dotan a écrit :
> >>> Hi,
> >
On Tue, May 19, 2020 at 12:43 PM Clément OUDOT
wrote:
>
>
> Le 19/05/2020 à 10:29, Lior Dotan a écrit :
> > On Tue, May 19, 2020 at 11:21 AM Clément OUDOT
> > wrote:
> >>
> >> Le 19/05/2020 à 10:14, Lior Dotan a écrit :
> >>> On Tue, May 19, 202
57 matches
Mail list logo
