Hi Luca, I suggest that you look at the following sample configuration that is the use case you are trying to setup : directory to database.
https://lsc-project.org/svn/lsc/trunk/sample/postgresql/<https://lsc-project.org/svn/lsc/trunk/sample/postgresql/etc/lsc.xml> Kind regards, -- Sebastien BAHLOUL IAM / Security specialist Ldap Synchronization Connector : http://lsc-project.org Blog : http://sbahloul.wordpress.com/ 2012/6/29 Luca Azzalini <[email protected]> > Hello everyone. > > I'm a newby to LSC-Project. I'm tying to use it to achieve a very basic > need: to populate a database table with data of users stored in MS AD, and > to keep it in synch. > > Unfortunately the "Full Tutorials" section in the wiki contains only > samples in the opposite direction (i.e. from x to LDAP). I wished that the > "ldaptodb" page was there, but it's empty. > > I plan to use LSC in synchronous mode. I want to use sAMAccountName as the > "pivot" attribute. > > In order to keep things as simple as possible, I defined the fields in the > target database table with exactly the same names as the AD fields. I guess > this makes attribute mapping (i.e. the "resultMap" section in the config > file) pointless. > > What happens is that each time I run LSC it *duplicates* the whole set of > users in my source to the target. LSC output the following message: > > All entries: 45, to modify entries: 44, successfully modified entries: > 44, errors: 0 > > but that's false: no record in the db gets modified; instead entries are > duplicated. > > Below you'll find the three configuration files I used. Did I make some > mistake? > > I didn't include any "dataset" section. I'm very confused by the > documentation about it (specifically the "Functional matrix" section in > page http://lsc-project.org/wiki/**documentation/2.0/** > configuration/syncoptions<http://lsc-project.org/wiki/documentation/2.0/configuration/syncoptions>). > I found a note by Clément OUDOT in the lsc-users mailing list archive that > says: > > if you want a direct mapping between attribute >> from source and destination, just declare the attribute in the >> <fetchedAttributes> in source and destination, and do no write any >> <dataset> for it. >> > > > so I excluded the dataset configuration. > > > Any help would be greatly appreciated. Thanks in advance! > > <<<<<<<<<<<<<<<< lsc.xml <<<<<<<<<<<<<<<<<<<<<<< > > <?xml version="1.0"?> > <lsc > xmlns="http://lsc-project.org/**XSD/lsc-core-2.0.xsd<http://lsc-project.org/XSD/lsc-core-2.0.xsd>" > revision="0"> > <connections> > <databaseConnection> > <name>database-dest-conn</**name> > <url>jdbc:sqlserver://**sqlserver.local:1433;**DatabaseName=test_db</url> > <username>test_user</username> > <password>xxxxxxx</password> > <driver>com.microsoft.**sqlserver.jdbc.**SQLServerDriver</driver> > </databaseConnection> > <ldapConnection> > <name>ldap-source-conn</name> > <url>ldap://myserver.local/DC=**local</url> > <username>local/Utenti/admkpo<**/username> > <password>xxxxxxx</password> > <authentication>SIMPLE</**authentication> > <referral>IGNORE</referral> > <derefAliases>NEVER</**derefAliases> > <version>VERSION_3</version> > <pageSize>5000</pageSize> > <factory>com.sun.jndi.ldap.**LdapCtxFactory</factory> > <tlsActivated>false</**tlsActivated> > </ldapConnection> > </connections> > <audits> > <csvAudit> > <name>csv</name> > <append>true</append> > <operations>create, delete</operations> > <file>/tmp/dump.csv</file> > <datasets>cn, dn</datasets> > <separator>,</separator> > </csvAudit> > </audits> > <tasks> > <task> > <name>dbSync</name> > <bean>org.lsc.beans.**SimpleBean</bean> > <ldapSourceService> > <name>ldap-source-service</**name> > <connection reference="ldap-source-conn"/> > <baseDn>DC=vtlab,DC=local</**baseDn> > <pivotAttributes> > <string>sAMAccountName</**string> > </pivotAttributes> > <fetchedAttributes> > <string>mail</string> > <string>sAMAccountName</**string> > <string>otherMailbox</string> > </fetchedAttributes> > <getAllFilter>(sAMAccountName=***)</getAllFilter> > <getOneFilter>(sAMAccountName=**{sAMAccountName})</**getOneFilter> > <cleanFilter>(sAMAccountName={**sAMAccountName})</cleanFilter> > </ldapSourceService> > <databaseDestinationService> > <name>database-dest-service</**name> > <connection reference="database-dest-conn"**/> > <requestNameForList>**getTestUsers</**requestNameForList> > <requestNameForObject>**getTestUser</**requestNameForObject> > <requestsNameForInsert> > <string>insertUser</string> > </requestsNameForInsert> > <requestsNameForUpdate> > <string>updateUser</string> > </requestsNameForUpdate> > <requestsNameForDelete> > <string>deleteUser</string> > </requestsNameForDelete> > </databaseDestinationService> > <propertiesBasedSyncOptions> > <mainIdentifier>srcBean.**getMainIdentifier()</**mainIdentifier> > <defaultDelimiter>;</**defaultDelimiter> > <defaultPolicy>FORCE</**defaultPolicy> > </propertiesBasedSyncOptions> > </task> > </tasks> > <security> > <encryption> > <keyfile>etc/lsc.key</keyfile> > <algorithm>AES</algorithm> > <strength>128</strength> > </encryption> > </security> > </lsc> > > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>**>>>>>>>>>>>>>>>>>>>>>> > > > <<<<<<<<<<<<<<<< Users.xml <<<<<<<<<<<<<<<<<<<<<<<<<<<<< > > <?xml version="1.0" encoding="UTF-8" standalone="no"?> > <!DOCTYPE sqlMap PUBLIC "-//iBATIS.com//DTD SQL Map 2.0//EN" " > http://www.ibatis.com/dtd/**sql-map-2.dtd<http://www.ibatis.com/dtd/sql-map-2.dtd> > "> > <sqlMap namespace="Users"> > <select id="getUser" resultClass="java.util.**HashMap" > parameterClass="java.util.Map"**> > SELECT > sAMAccountName, > mail, > otherMailbox > FROM > aa_tab_users > WHERE > sAMAccountName=#**sAMAccountName# > </select> > <select id="getUsers" resultClass="java.util.**HashMap"> > SELECT > sAMAccountName > FROM > aa_tab_users > </select> > <insert id="insertUser" parameterClass="java.util.Map"**> > INSERT INTO aa_tab_users > (sAMAccountName, mail, otherMailbox) > VALUES > (#sAMAccountName#, #mail#, #otherMailbox#) > </insert> > <update id="updateUser" parameterClass="java.util.Map"**> > UPDATE aa_tab_users > SET mail=#mail#, > otherMailbox=#otherMailbox# > WHERE sAMAccountName=#**sAMAccountName# > </update> > <delete id="deleteUser" parameterClass="java.util.Map"**> > DELETE FROM aa_tab_users WHERE sAMAccountName=#**sAMAccountName# > </delete> > </sqlMap> > > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>**>>>>>>>>>>>>>>>>>>>>>>> > > <<<<<<<<<<<<<<< sql-map-config.xml <<<<<<<<<<<<<<<<<<<<<<<<<< > > <?xml version="1.0" encoding="UTF-8" ?> > <!DOCTYPE sqlMapConfig > PUBLIC "-//ibatis.apache.org//DTD SQL Map Config 2.0//EN" > > "http://ibatis.apache.org/dtd/**sql-map-config-2.dtd<http://ibatis.apache.org/dtd/sql-map-config-2.dtd> > "> > <sqlMapConfig> > <transactionManager type="JDBC"> > <dataSource type="SIMPLE"> > <property value="${driver}" name="JDBC.Driver" /> > <property value="${url}" name="JDBC.ConnectionURL" /> > <property value="${username}" name="JDBC.Username"/> > <property value="${password}" name="JDBC.Password"/> > <property value="15" name="Pool.**MaximumActiveConnections"/> > <property value="15" name="Pool.**MaximumIdleConnections"/> > <property value="1000" name="Pool.MaximumWait"/> > </dataSource> > </transactionManager> > <sqlMap url="file://${lsc.config}/sql-**map-config.d/Users.xml"/> > </sqlMapConfig> > > > >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>**>>>>>>>>>>>>>>>>>>>>>>>>>> > > > > > > > > > > > > ______________________________**______________________________**__________ > Disclaimer:This email and any attachments are sent in strictest confidence > for the sole use of the addressee and may contain legally privileged, > confidential, and proprietary data. If you are not the intended recipient, > please advise the sender by replying promptly to this email and then delete > and destroy this email and any attachments without any further use, copying > or forwarding > ______________________________**______________________________**___ > Ldap Synchronization Connector (LSC) - http://lsc-project.org > > lsc-users mailing list > [email protected].**org <[email protected]> > http://lists.lsc-project.org/**listinfo/lsc-users<http://lists.lsc-project.org/listinfo/lsc-users> >
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
