Hi CF, Can you check some items :
- Set and export the CA certificate used in AD (see http://confluence.atlassian.com/display/CROWD/Configuring+an+SSL+Certificate+for+Microsoft+Active+Directory ) - Import the certificate in the JVM or in your own SSL truststore (see SSL and TLS activation<http://lsc-project.org/wiki/documentation/1.2/howtos/ssltls> ) - Use ldaps in the AD URI in lsc.properties (* dst.java.naming.provider.url*) The good settings should be : lsc.syncoptions.ADuser.unicodePwd.action = F lsc.syncoptions.ADuser.unicodePwd.create_value = AD.getUnicodePwd(srcBean.getAttributeValueById("initPassword")) Kind regards, -- Sebastien BAHLOUL IAM / Security specialist Ldap Synchronization Connector : http://lsc-project.org Blog : http://sbahloul.wordpress.com/ 2012/7/9 C.F. Yeung <[email protected]> > I have stored initial plain text password as "initPassword" in database. > The following syntax are not working. What is correct syntax to generate > the AD password via lsc 1.2.2? > > > =========================================================================================== > Description field shows that > the srcBean.getAttributeValueById("initPassword") is the correct stored > initial plain text password. > > =========================================================================================== > lsc.syncoptions.MySyncTask.description.action = K > lsc.syncoptions.MySyncTask.description.default_value = > srcBean.getAttributeValueById("initPassword") > ======================== > End of description > ======================== > > ================================== > All of the followings are not working > ================================== > lsc.syncoptions.MySyncTask.unicodePwd.action = K > lsc.syncoptions.MySyncTask.unicodePwd.create_value = > AD.getUnicodePwd("srcBean.getAttributeValueById("initPassword")") > lsc.syncoptions.MySyncTask.unicodePwd.action = K > lsc.syncoptions.MySyncTask.unicodePwd. default _value = > AD.getUnicodePwd("srcBean.getAttributeValueById("initPassword")") > lsc.syncoptions.MySyncTask.unicodePwd.action = K > lsc.syncoptions.MySyncTask.unicodePwd.create_value = > AD.getUnicodePwd(srcBean.getAttributeValueById("initPassword")) > lsc.syncoptions.MySyncTask.unicodePwd.action = K > lsc.syncoptions.MySyncTask.unicodePwd. default _value = > AD.getUnicodePwd(srcBean.getAttributeValueById("initPassword")) > lsc.syncoptions.MySyncTask.unicodePwd.action = K > lsc.syncoptions.MySyncTask.unicodePwd.create_value = > AD.getUnicodePwd("changeit") > lsc.syncoptions.MySyncTask.unicodePwd.action = K > lsc.syncoptions.MySyncTask.unicodePwd.default_value = > AD.getUnicodePwd("changeit") > lsc.syncoptions.MySyncTask.unicodePwd.action = F > lsc.syncoptions.MySyncTask.unicodePwd.force_value = > AD.getUnicodePwd("changeit") > ======================================== > End. Many other combinations are not working either > ======================================== > > It is very strange that the following syntax is working. But, the password > becomes text string srcBean.getAttributeValueById("initPassword") instead > of the plain text password stored in DB. > ====================================== > Working syntax, but not the password stored > ====================================== > lsc.syncoptions.MySyncTask.unicodePwd.action = F > lsc.syncoptions.MySyncTask.unicodePwd.force_value = > AD.getUnicodePwd('srcBean.getAttributeValueById("initPassword")') > =================== > End > =================== > > Thanks, > CF > > _______________________________________________________________ > Ldap Synchronization Connector (LSC) - http://lsc-project.org > > lsc-users mailing list > [email protected] > http://lists.lsc-project.org/listinfo/lsc-users > >
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
