>>>
Or to "cn", if using roles as well.
>>>
You said the uid attribute name should be cn if using roles as well. I've
configured uid because cn is usually the full name in an ldap directory (as
mentioned before).
How, I've configured the roles and get the following exception:
[LDAP: error code 65 - OBJECT_CLASS_VIOLATION: failed for MessageType :
ADD_REQUEST
Message ID : 14
Add Request :
Entry
dn[n]: cn=TestRole,ou=groups,dc=fediz,dc=org
objectClass: groupOfNames
objectClass: top
member: uid=admin,ou=system
uid: TestRole
cn: TestRole
: ERR_277 Attribute uid not declared in objectClasses of entry
cn=TestRole,ou=groups,dc=fediz,dc=org]
Is this the reason why you mentioned this?
If yes, then I think it makes sense to provide two configuration items, one for
group and one for the user.
Thanks
Oli
________________________________
From: Oliver Wulff [[email protected]]
Sent: 29 April 2013 20:40
To: [email protected]
Subject: RE: Synchronized LDAP users got UUID assigned as username
Hi Francesco
I've configured my connector now to use uid for the uid attribute instead of
cn. Usually, cn is the fullname and not the login name (marriage, divorce, etc.
-> name change) which would finally result into having the fullname as the
login id (username) in syncope. Provisioning didn't work before for me because
cn is a mandatory attribute. Therfore, I've created a derived attribute
fullname in the schema and configured a mapping for internal "fullname" to
external "cn" and it worked.
Thanks
Oli
________________________________
From: Francesco Chicchiriccò [[email protected]]
Sent: 26 April 2013 14:24
To: [email protected]
Subject: Re: Synchronized LDAP users got UUID assigned as username
On 26/04/2013 08:28, Marco Di Sabatino Di Diodoro wrote:
Hi Oliver,
On Apr 25, 2013, at 10:05 PM, Oliver Wulff wrote:
Hi there
I've set up an LDAP connector and corresponding resource. The
import/synchronization works fine (for all attributes defined in my user
schema) but the username got assigned a UUID instead of the username I defined
as account link:
'uid=' + username + ',o=users,dc=fediz,dc=org'
or
Account User Name Attributes (uid).
In the Ldap Connector configuration you must set the Uid Attribute Field with
value uid.
Or to "cn", if using roles as well.
I have reported some more information at
http://blog.tirasa.net/blogs/index.php/ilgrosso/unlock-full-ldap-features-in
I've set up the LDAP connector based on the docs here:
https://connid.atlassian.net/wiki/display/BASE/LDAP
But my synchronized users got assigned a username with a UUID - not stored in
my LDAP directory.
What am I doing wrong?
--
Francesco Chicchiriccò
ASF Member, Apache Syncope PMC chair, Apache Cocoon PMC Member
http://people.apache.org/~ilgrosso/
