On 29/04/2013 12:51, Oliver Wulff wrote:

Didn't know that I can skip it. Can you shed some light on the purpose of RoleOwnerSchema?


The main purpose of role owner in Syncope is to track and be able to manage the group owner information, available in both LDAP and Active Directory, for groups.

Additionally, as reported in SYNCOPE-225, "Role owner will be automatically entitled to make modifications on the owned role and on all descendants with inheritOwner = true"; this applies both when role owner is a user or another role.

RoleOwnerSchema is a handy shortcut for generating the group owner information in a suitable form (DN, for LDAP).

Hope this clarifies a bit.
Regards.

------------------------------------------------------------------------
*From:* Francesco Chicchiriccò [[email protected]]
*Sent:* 29 April 2013 11:27
*To:* [email protected]
*Subject:* Re: Synchronized LDAP users got UUID assigned as username

On 28/04/2013 15:05, Oliver Wulff wrote:

It worked using cn (if I choose uid then only synchronization did work but not propagation).

I've also tried to configure the roles but I can't save my resource setting. I get the following error:

[RequiredValuesMissing [intAttrName]]


Bug confirmed: I have created SYNCOPE-368 [1] for this.

As a temporary workaround, just don't use RoleOwnerSchema.

HTH
Regards.

[1] https://issues.apache.org/jira/browse/SYNCOPE-368

------------------------------------------------------------------------
*From:* Francesco Chicchiriccò [[email protected]]
*Sent:* 26 April 2013 14:24
*To:* [email protected]
*Subject:* Re: Synchronized LDAP users got UUID assigned as username

On 26/04/2013 08:28, Marco Di Sabatino Di Diodoro wrote:
Hi Oliver,

On Apr 25, 2013, at 10:05 PM, Oliver Wulff wrote:

Hi there

I've set up an LDAP connector and corresponding resource. The import/synchronization works fine (for all attributes defined in my user schema) but the username got assigned a UUID instead of the username I defined as account link:
'uid=' + username + ',o=users,dc=fediz,dc=org'
or
Account User Name Attributes (uid).

In the Ldap Connector configuration you must set the Uid Attribute Field with value uid.

Or to "cn", if using roles as well.
I have reported some more information at http://blog.tirasa.net/blogs/index.php/ilgrosso/unlock-full-ldap-features-in

I've set up the LDAP connector based on the docs here:
https://connid.atlassian.net/wiki/display/BASE/LDAP

But my synchronized users got assigned a username with a UUID - not stored in my LDAP directory.

What am I doing wrong?

--
Francesco Chicchiriccò

ASF Member, Apache Syncope PMC chair, Apache Cocoon PMC Member
http://people.apache.org/~ilgrosso/
