ok, thanks... I am now stuck at:
Aug 15 13:44:15 - ERROR - org.lsc.exception.LscConfigurationException:
javax.xml.bind.UnmarshalException
- with linked exception:
[org.xml.sax.SAXParseException: cvc-complex-type.2.4.a: Invalid content
was found starting with element 'pivotAttributes'. One of
'{"http://lsc-project.org/XSD/lsc-core-2.0.xsd":cleanFilter,
"http://lsc-project.org/XSD/lsc-core-2.0.xsd":filterAsync,
"http://lsc-project.org/XSD/lsc-core-2.0.xsd":dateFormat,
"http://lsc-project.org/XSD/lsc-core-2.0.xsd":interval}' is expected.]
org.lsc.exception.LscConfigurationException:
javax.xml.bind.UnmarshalException
- with linked exception:
[org.xml.sax.SAXParseException: cvc-complex-type.2.4.a: Invalid content
was found starting with element 'pivotAttributes'. One of
'{"http://lsc-project.org/XSD/lsc-core-2.0.xsd":cleanFilter,
"http://lsc-project.org/XSD/lsc-core-2.0.xsd":filterAsync,
"http://lsc-project.org/XSD/lsc-core-2.0.xsd":dateFormat,
"http://lsc-project.org/XSD/lsc-core-2.0.xsd":interval}' is expected.]
with the config file:
<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.0.xsd"; revision="0">
<connections>
<ldapConnection>
<name>AD</name>
<url>ldap://ad.nav.matrix:389/dc=asdfasdf,dc=local</url>
<username>CN=Administrator,CN=Users,DC=asdfasdf,DC=local</username>
<password>asdf</password>
<authentication>SIMPLE</authentication>
<pageSize>1000</pageSize>
</ldapConnection>
<ldapConnection>
<name>openldap</name>
<url>ldap://asdf.asdf.asdf:389/dc=matrix</url>
<username>cn=asdf,dc=matrix</username>
<password>asdf</password>
<authentication>SIMPLE</authentication>
</ldapConnection>
</connections>
<tasks>
<task>
<name>adUser</name>
<bean>org.lsc.beans.SimpleBean</bean>
<ldapSourceService>
<name>openldap-src-service</name>
<connection reference="openldap" />
<baseDn>ou=People</baseDn>
<getAllFilter>(objectClass=posixAccount)</getAllFilter>
<getOneFilter>(&(objectClass=posixAccount)(uid={uid}))</getOneFilter>
<cleanFilter>(&(objectClass=posixAccount)(uid=*))</cleanFilter>
<filterAsync>modifytimestamp>={0}</filterAsync>
<dateFormat>yyyyMMddHHmmss</dateFormat>
<interval>5</interval>
<pivotAttributes><string>uid</string></pivotAttributes>
<fetchedAttributes>
<string>cn</string>
<string>ns</string>
<string>objectclass</string>
<string>uid</string>
<string>mail</string>
<string>userPassword</string>
<string>sambaNTPassword</string>
</fetchedAttributes>
</ldapSourceService>
<ldapDestinationService>
<name>ad-dst-service</name>
<connection reference="AD" />
<baseDn>CN=Users</baseDn>
<getAllFilter>(&(sAMAccountName=*)(objectClass=user))</getAllFilter>
<getOneFilter>(&(objectClass=user)(sAMAccountName={uid}))</getOneFilter>
<pivotAttributes><string>sAMAccountName</string></pivotAttributes>
<fetchedAttributes>
<string>cn</string>
<string>ns</string>
<string>objectclass</string>
<string>uid</string>
<string>mail</string>
<string>userPassword</string>
<string>sambaNTPassword</string>
</fetchedAttributes>
</ldapDestinationService>
</task>
</tasks>
<audits>
<audit>
<csv>
<filename>/tmp/audit.csv</filename>
<append>true</append>
<operations>create, delete</operations>
<attrs>cn;dn;uid</attrs>
<separator>,</separator>
<outputHeader>true</outputHeader>
</csv>
</audit>
<audit>
<ldif>
<filename>/tmp/audit.csv</filename>
<append>true</append>
<operations>create, delete</operations>
<logOnlyLdif>true</LogOnlyLdif>
</ldif>
</audit>
</audits>
<security>
<encryption>
<keyfile>$LSC_HOME/etc/lsc.key</keyfile>
<algorithm>AES</algorithm>
<strength>128</strength>
</encryption>
</security>
</lsc>
any ideas?
Thanks
On 15/08/12 13:09, dunkan wrote:
Yea I think most of the tutorials are outdated, look at
http://lsc-project.org/wiki/documentation/2.0/configuration/service/sourceldap to
see the syntax.
Here is an example that I was using, some of it is optional.
<tasks>
<task>
<name>adUser</name>
<bean>org.lsc.beans.SimpleBean</bean>
<ldapSourceService>
<name>ad-src-service</name>
<connection reference="AD" />
<baseDn>cn=Users,dc=itlab,dc=example,dc=com</baseDn>
<pivotAttributes><string>sAMAccountName</string></pivotAttributes>
<fetchedAttributes>
<string>title</string>
<string>cn</string>
<string>uid</string>
<string>uidNumber</string>
<string>gidNumber</string>
<string>sAMAccountName</string>
<string>loginShell</string>
<string>homeDirectory</string>
<string>unixuserpassword</string>
</fetchedAttributes>
<getAllFilter>(& (objectClass=user) (sAMAccountName=*)
(uidNumber=*))</getAllFilter>
<getOneFilter>(& (objectClass=user)
(uidNumber=*)(sAMAccountName={sAMAccountName}) )</getOneFilter>
<cleanFilter>(& (objectClass=user) (sAMAccountName=*)
(uidNumber=*))</cleanFilter>
</ldapSourceService>
-Joel
On Tue, Aug 14, 2012 at 7:57 PM, Jurgen Weber
<[email protected] <mailto:[email protected]>>
wrote:
Yeah, thanks. That has gotten me further. ;) So simple.
Now I have a
Aug 15 12:40:08 - ERROR -
org.lsc.exception.LscConfigurationException:
javax.xml.bind.UnmarshalException
- with linked exception:
[org.xml.sax.SAXParseException: cvc-complex-type.2.4.a: Invalid
content was found starting with element 'source'. One of
'{"http://lsc-project.org/XSD/lsc-core-2.0.xsd";
<http://lsc-project.org/XSD/lsc-core-2.0.xsd>:bean}' is expected.]
org.lsc.exception.LscConfigurationException:
javax.xml.bind.UnmarshalException
- with linked exception:
[org.xml.sax.SAXParseException: cvc-complex-type.2.4.a: Invalid
content was found starting with element 'source'. One of
'{"http://lsc-project.org/XSD/lsc-core-2.0.xsd";
<http://lsc-project.org/XSD/lsc-core-2.0.xsd>:bean}' is expected.]
at
org.lsc.configuration.JaxbXmlConfigurationHelper.getConfiguration(JaxbXmlConfigurationHelper.java:172)
~[lsc-core-2.0.jar:na]
the problem seems to be this bit:
<task>
<name>adUser</name>
<source class="ldapSrcService">
<name>ad-src-service</name>
<baseDn>cn=Users</baseDn>
I pulled this from:
http://lsc-project.org/wiki/documentation/2.0/tutorials/openldaptoactivedirectory
So it looks like the tutorial is no longer valid? Is this from 1.?
or something and 2.0 has different syntax?
Jurgen
On 15/08/12 12:49, dunkan wrote:
Hi Jurgen,
Add the xmlns to your lsc element, something like this:
<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.0.xsd"; id="1"
revision="0">
-Joel
On Tue, Aug 14, 2012 at 5:04 PM, Jurgen Weber
<[email protected]
<mailto:[email protected]>> wrote:
Hi
I am trying to sync from openldap to AD and I can not get the
xml to work.... All I get is the following exception:
[org.xml.sax.SAXParseException: cvc-elt.1: Cannot find the
declaration of element 'lsc'.]
and yes, I have the element defined. Using version 2.0.
Config file:
<lsc>
<connections>
<ldapConnection>
<id>AD</id>
<authentication>simple</authentication>
<url>ldap://asdfasdf:389/dc=asdf,dc=local</url>
<username>CN=Administrator,CN=Users,DC=asdf,DC=local</username>
<password>asdf</password>
<pageSize>1000</pageSize>
</ldapConnection>
<ldapConnection>
<id>openldap</id>
<authentication>SIMPLE</authentication>
<url>ldap://asdf:389/dc=matrix</url>
<username>cn=admin,dc=matrix</username>
<password>asdf</password>
</ldapConnection>
</connections>
<tasks>
<task>
<name>adUser</name>
<source class="ldapSrcService">
<name>ad-src-service</name>
<baseDn>cn=Users</baseDn>
<getAllFilter>(&(sAMAccountName=*)(objectClass=user))</getAllFilter>
<getOneFilter>(&(objectClass=inetOrgPerson)(uid={uid}))</getOneFilter>
<pivotAttributes><string>sAMAccountName</string></pivotAttributes>
</source>
<destination class="ldapDstService">
<name>openldap-dst-service</name>
<baseDn>ou=People</baseDn>
<getAllFilter>(&(uid=*)(objectClass=posixAccount))</getAllFilter>
<getOneFilter>(&(objectClass=user)(sAMAccountName={uid}))</getOneFilter>
<pivotAttributes><string>uid</string></pivotAttributes>
</destination>
<propertiesBasedSyncOptions>
<mainIdentifier>"cn=" +
srcBean.getDatasetFirstValueById("cn") +
",ou=users"</mainIdentifier>
<defaultPolicy>FORCE</defaultPolicy>
<defaultDelimiter>;</defaultDelimiter>
<dataset>
<name>objectClass</name>
<policy>FORCE</policy>
<forceValues>
<string>"top";"user";"person";"organizationalPerson"</string>
</forceValues>
</dataset>
<dataset>
<name>sAMAccountName</name>
<policy>KEEP</policy>
<createValues>
<string>srcBean.getDatasetFirstValueById("uid")</string>
</createValues>
</dataset>
<dataset>
<!-- userPrincipalName = uid + "@lsc-project.org
<http://lsc-project.org>" -->
<name>userPrincipalName</name>
<policy>FORCE</policy>
<forceValues>
<string>srcBean.getDatasetFirstValueById("uid") +
"@asdf.local"</string>
</forceValues>
</dataset>
<dataset>
<name>userAccountControl</name>
<policy>KEEP</policy>
<createValues>
<string>AD.userAccountControlSet( "0",
[AD.UAC_SET_NORMAL_ACCOUNT])</string>
</createValues>
</dataset>
<dataset>
<!-- pwdLastSet = 0 to force user to change password on
next connection -->
<name>pwdLastSet</name>
<policy>KEEP</policy>
<createValues>
<string>"1"</string>
</createValues>
</dataset>
<dataset>
<!-- unicodePwd = "changeit" at creation (requires SSL
connection to AD) -->
<name>unicodePwd</name>
<policy>KEEP</policy>
<createValues>
<string>AD.getUnicodePwd("changeit")</string>
</createValues>
</dataset>
</>
</task>
</tasks>
</lsc>
So what is wrong with this?
Thanks
--
Jurgen Weber
Systems Engineer
IT Infrastructure Team Leader
THE ICONIC | E [email protected]
<mailto:[email protected]> | www.theiconic.com.au
<http://www.theiconic.com.au>
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
<mailto:[email protected]>
http://lists.lsc-project.org/listinfo/lsc-users
--
Jurgen Weber
Systems Engineer
IT Infrastructure Team Leader
THE ICONIC | [email protected]
<mailto:[email protected]> |www.theiconic.com.au
<http://www.theiconic.com.au>
--
Jurgen Weber
Systems Engineer
IT Infrastructure Team Leader
THE ICONIC | E [email protected] | www.theiconic.com.au
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
