Hi again, and thanks for all the help with LSC so far!
I'm now trying to sync groups from LDAP to AD, and I'm getting
WILL_NOT_PERFORM from AD. I have a bit of JavaScript that is intended
to create the list of group members (excerpt):
<dataset>
<name>member</name>
<policy>FORCE</policy>
<forceValues>
<string>
<![CDATA[js:
var umembers = srcBean.getAttributeValuesById("memberUid").toArray() ;
for (var i=0; i<umembers.length; i++ ) {
try {
umembers[i] = ldap.attribute(ldap.list( "CN=Users",
"(sAMAccountName=" + umembers[i] + ")" ).get(0),
'distinguishedname').get(0);
} catch (e) {
umembers[i]=null;
}
}
var members = new Array();
var j=0;
for (var i=0; i<umembers.length; i++) {
if (umembers[i]!==null) {
members[j++]=umembers[i];
}
}
members
]]>
</string>
</forceValues>
</dataset>
...but I must have got something wrong. It seems to be trying to write
out some sort of reference to the attributes rather than the text of the
attribute itself:
Jun 29 12:06:54 - DEBUG - In object
"CN=safety,CN=Users,DC=example,DC=net": List of attributes considered
for writing in destination: [member, samAccountName, cn, description,
name, objectClass]
Jun 29 12:06:54 - DEBUG - In object
"CN=safety,CN=Users,DC=example,DC=net": Attribute "member" is in FORCE
status
Jun 29 12:06:54 - DEBUG - In object
"CN=safety,CN=Users,DC=example,DC=net": Adding attribute "member" with
values [sun.org.mozilla.javascript.internal.NativeJavaObject@4ca68fd8,
sun.org.mozilla.javascript.internal.NativeJavaObject@410d3f0d,
sun.org.mozilla.javascript.internal.NativeJavaObject@2e097617,
sun.org.mozilla.javascript.internal.NativeJavaObject@4b2dd538,
sun.org.mozilla.javascript.internal.NativeJavaObject@6f27f79d,
sun.org.mozilla.javascript.internal.NativeJavaObject@782cbc86,
sun.org.mozilla.javascript.internal.NativeJavaObject@1638fff7]
Jun 29 12:06:54 - DEBUG - In object
"CN=safety,CN=Users,DC=example,DC=net": Attribute "samAccountName" is
in FORCE status
Jun 29 12:06:54 - DEBUG - In object
"CN=safety,CN=Users,DC=example,DC=net": Attribute "samAccountName" will
not be written to the destination
Jun 29 12:06:54 - DEBUG - In object
"CN=safety,CN=Users,DC=example,DC=net": Attribute "cn" is in FORCE status
Jun 29 12:06:54 - DEBUG - In object
"CN=safety,CN=Users,DC=example,DC=net": Attribute "cn" will not be
written to the destination
Jun 29 12:06:54 - DEBUG - In object
"CN=safety,CN=Users,DC=example,DC=net": Attribute "description" is in
FORCE status
Jun 29 12:06:54 - DEBUG - In object
"CN=safety,CN=Users,DC=example,DC=net": Attribute "description" will
not be written to the destination
Jun 29 12:06:54 - DEBUG - In object
"CN=safety,CN=Users,DC=example,DC=net": Attribute "name" is in FORCE status
Jun 29 12:06:54 - DEBUG - In object
"CN=safety,CN=Users,DC=example,DC=net": Attribute "name" will not be
written to the destination
Jun 29 12:06:54 - DEBUG - In object
"CN=safety,CN=Users,DC=example,DC=net": Attribute "objectClass" is in
FORCE status
Jun 29 12:06:54 - DEBUG - In object
"CN=safety,CN=Users,DC=example,DC=net": Attribute "objectClass" will
not be written to the destination
Jun 29 12:06:54 - ERROR - Error while modifying entry
CN=safety,CN=Users,DC=example,DC=net in directory
:javax.naming.OperationNotSupportedException: [LDAP: error code 53 -
0000054F: SvcErr: DSID-031A120C, problem 5003 (WILL_NOT_PERFORM), data 0
]; remaining name 'CN=safety,CN=Users'
Jun 29 12:06:54 - ERROR - Error while synchronizing ID
CN=safety,CN=Users,DC=example,DC=net: java.lang.Exception: Technical
problem while applying modifications to the destination
Jun 29 12:06:54 - DEBUG - java.lang.Exception: Technical problem while
applying modifications to the destination
java.lang.Exception: Technical problem while applying modifications to
the destination
at org.lsc.SynchronizeTask.run(AbstractSynchronize.java:746)
[lsc-core-trunk-SNAPSHOT.jar:na]
at org.lsc.SynchronizeTask.run(AbstractSynchronize.java:646)
[lsc-core-trunk-SNAPSHOT.jar:na]
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
[na:1.6.0_24]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
[na:1.6.0_24]
at java.lang.Thread.run(Thread.java:662) [na:1.6.0_24]
dn: CN=safety,CN=Users,DC=example,DC=net
changetype: modify
replace: member
member: sun.org.mozilla.javascript.internal.NativeJavaObject@4ca68fd8
member: sun.org.mozilla.javascript.internal.NativeJavaObject@410d3f0d
member: sun.org.mozilla.javascript.internal.NativeJavaObject@2e097617
member: sun.org.mozilla.javascript.internal.NativeJavaObject@4b2dd538
member: sun.org.mozilla.javascript.internal.NativeJavaObject@6f27f79d
member: sun.org.mozilla.javascript.internal.NativeJavaObject@782cbc86
member: sun.org.mozilla.javascript.internal.NativeJavaObject@1638fff7
Jun 29 12:06:54 - ERROR - All entries: 1, to modify entries: 1,
successfully modified entries: 0, errors: 1
2012/06/29 12:06:55 [lsc] LSC finished running
Any idea where I went wrong?
Full lsc.xml at http://pastebin.com/PB11mzWr
By the way, I am running the latest SVN (r1764) now... was hoping
upgrading from RC2 might help, but no.
Thanks!
--
Roy McMorran
Systems Administrator
MDI Biological Laboratory
[email protected]
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
