Hi,

I cannot get the configuration of my LDAP Identity Store right. What I want is 
a synchronization of users, groups and group memberships, meaning that 
every change in Syncope is propagated to LDAP and vice versa.

With my current configuration below, I am able to pull users from LDAP (pull 
task) and propagate new users to LDAP when created in Syncope. What is not 
working is the synchronization of users existing in both systems. Syncope 
complains about a missing remote key. This is particularly strange when creating a 
user in Syncope. On the result screen of the user creation, the remote key is 
correctly displayed. When I close that screen and open the "Manage resources" 
dialog for that user, the remote key is gone and thus propagation of updates to 
LDAP fails.

Any hints would be greatly appreciated!

Regards,

Martin

I'm using OpenLDAP. The tree looks like this

dc=example,dc=com
  - ou=people
      - uid=johndoe
      - ...
  - ou=groups
      - cn=testgroup

Here is the configuration of the LDAP connector (properties not listed were not 
touched = default value)

Bundle: net.tirasa.connid.bundles.ldap
Host: localhost
TCP Port: 389
Principal: cn=syncope,dc=exmaple,dc=com
Password: ******
Base Contexts: dc=exmaple,dc=com
Password Attribute: userPassword
Account Object Classes: top, person, organizationalPerson, inetOrgPerson
Account User Name Attributes: uid, cn
Group Object Classes: top, groupOfuniqueNames
Group Name Attributes: cn
Group Member Attribute: uniqueMember
Maintain LDAP Group Membership: [(check mark)]
Password Hash Algorithm: SSHA
VLV Sort Attribute: uid
Uid Attribute: entryUUID
Read Schema: [(check mark)]
Base Contexts to Synchronize: (empty)
Object Classes to Synchronize: inetOrgPerson, groupOfUniqueNames
Attributes to Synchronize: (empty)
Remove Log Entry Object Class from Filter: [(check mark)]
Enable Password Synchronization: [(X mark)]
Status management class: net.tirasa.connid.bundles.ldap.commons.AttributeStatusManagement
Capabilities: (all selected)


And this is the configuration of my LDAP resource:

Propagation Actions: LDAPPAsswordPropagationAction, LDAPMembershipPropagationAction
Override Capabilities?: [(X mark)]
Account Policy: (none)
Password Policy: (none)
Pull Policy: (none)


Finally, the mapping configuration

Type: User
Object Class: __ACCOUNT__

Mapping: username
Int: username
Ext: uid
Remote key: yes

Mapping: email
Int: email
Ext: mail

Mapping: password
Int: password
Ext: userPassword
Password: yes

Object Link: 'uid=' + username + ',ou=people,dc=example,dc=com'

