Re: [lsc-users] writing a config file

Alexander Amaral Tue, 14 Aug 2012 22:05:16 -0700

I ran into this too.. I had to set the values exactly in the order as laid out in the schema:

            <xsd:extension base="serviceType">
                <xsd:sequence>
                    <xsd:element name="baseDn" type="xsd:string" />
                    <xsd:element name="pivotAttributes" type="valuesType" minOccurs="0" />
                    <xsd:element name="fetchedAttributes" type="valuesType" minOccurs="0" />
                    <xsd:choice>
                        <xsd:element name="getAllFilter" type="xsd:string" />
                        <xsd:element name="allFilter" type="xsd:string" />
                    </xsd:choice>
                    <xsd:choice>
                        <xsd:element name="getOneFilter" type="xsd:string" />
                        <xsd:element name="oneFilter" type="xsd:string" />
                    </xsd:choice>
                </xsd:sequence>
            </xsd:extension>

On 8/14/2012 9:38 PM, Jurgen Weber wrote:

ok, thanks... I am now stuck at:

Aug 15 13:44:15 - ERROR - org.lsc.exception.LscConfigurationException: javax.xml.bind.UnmarshalException
- with linked exception:
[org.xml.sax.SAXParseException: cvc-complex-type.2.4.a: Invalid content was found starting with element 'pivotAttributes'. One of '{"http://lsc-project.org/XSD/lsc-core-2.0.xsd":cleanFilter, "http://lsc-project.org/XSD/lsc-core-2.0.xsd":filterAsync, "http://lsc-project.org/XSD/lsc-core-2.0.xsd":dateFormat, "http://lsc-project.org/XSD/lsc-core-2.0.xsd":interval}' is expected.]
org.lsc.exception.LscConfigurationException: javax.xml.bind.UnmarshalException
- with linked exception:
[org.xml.sax.SAXParseException: cvc-complex-type.2.4.a: Invalid content was found starting with element 'pivotAttributes'. One of '{"http://lsc-project.org/XSD/lsc-core-2.0.xsd":cleanFilter, "http://lsc-project.org/XSD/lsc-core-2.0.xsd":filterAsync, "http://lsc-project.org/XSD/lsc-core-2.0.xsd":dateFormat, "http://lsc-project.org/XSD/lsc-core-2.0.xsd":interval}' is expected.]

with the config file:
<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.0.xsd" revision="0">
<connections>
    <ldapConnection>
       <name>AD</name>
       <url>ldap://ad.nav.matrix:389/dc=asdfasdf,dc=local</url>
       <username>CN=Administrator,CN=Users,DC=asdfasdf,DC=local</username>
       <password>asdf</password>
       <authentication>SIMPLE</authentication>
       <pageSize>1000</pageSize>
    </ldapConnection>
    <ldapConnection>
       <name>openldap</name>
       <url>ldap://asdf.asdf.asdf:389/dc=matrix</url>
       <username>cn=asdf,dc=matrix</username>
       <password>asdf</password>
       <authentication>SIMPLE</authentication>
    </ldapConnection>
</connections>
<tasks>
    <task>
      <name>adUser</name>
      <bean>org.lsc.beans.SimpleBean</bean>
      <ldapSourceService>
        <name>openldap-src-service</name>
    <connection reference="openldap" />
        <baseDn>ou=People</baseDn>
        <getAllFilter>(objectClass=posixAccount)</getAllFilter>
        <getOneFilter>(&(objectClass=posixAccount)(uid={uid}))</getOneFilter>
        <cleanFilter>(&(objectClass=posixAccount)(uid=*))</cleanFilter>
    <filterAsync>modifytimestamp>={0}</filterAsync>
    <dateFormat>yyyyMMddHHmmss</dateFormat>
    <interval>5</interval>
        <pivotAttributes><string>uid</string></pivotAttributes>
    <fetchedAttributes>
    <string>cn</string>
    <string>ns</string>
    <string>objectclass</string>
    <string>uid</string>
    <string>mail</string>
    <string>userPassword</string>
    <string>sambaNTPassword</string>
    </fetchedAttributes>
      </ldapSourceService>
      <ldapDestinationService>
        <name>ad-dst-service</name>
    <connection reference="AD" />
        <baseDn>CN=Users</baseDn>
        <getAllFilter>(&(sAMAccountName=*)(objectClass=user))</getAllFilter>
        <getOneFilter>(&(objectClass=user)(sAMAccountName={uid}))</getOneFilter>
        <pivotAttributes><string>sAMAccountName</string></pivotAttributes>
    <fetchedAttributes>
    <string>cn</string>
    <string>ns</string>
    <string>objectclass</string>
    <string>uid</string>
    <string>mail</string>
    <string>userPassword</string>
    <string>sambaNTPassword</string>
    </fetchedAttributes>
      </ldapDestinationService>
</task>
</tasks>
<audits>
     <audit>
    <csv>
    <filename>/tmp/audit.csv</filename>
    <append>true</append>
    <operations>create, delete</operations>
    <attrs>cn;dn;uid</attrs>
    <separator>,</separator>
    <outputHeader>true</outputHeader>
    </csv>
     </audit>
     <audit>
    <ldif>
    <filename>/tmp/audit.csv</filename>
    <append>true</append>
    <operations>create, delete</operations>
    <logOnlyLdif>true</LogOnlyLdif>
    </ldif>
     </audit>
</audits>
<security>
    <encryption>
      <keyfile>$LSC_HOME/etc/lsc.key</keyfile>
      <algorithm>AES</algorithm>
      <strength>128</strength>
    </encryption>
</security>
</lsc>

any ideas?

Thanks

On 15/08/12 13:09, dunkan wrote:
Yea I think most of the tutorials are outdated, look at http://lsc-project.org/wiki/documentation/2.0/configuration/service/sourceldap to see the syntax.
Here is an example that I was using, some of it is optional.

<tasks>

<task>

<name>adUser</name>

<bean>org.lsc.beans.SimpleBean</bean>

<ldapSourceService>

<name>ad-src-service</name>

<connection reference="AD" />

<baseDn>cn=Users,dc=itlab,dc=example,dc=com</baseDn>

<pivotAttributes><string>sAMAccountName</string></pivotAttributes>

<fetchedAttributes>

<string>title</string>

<string>cn</string>

<string>uid</string>

<string>uidNumber</string>

<string>gidNumber</string>

<string>sAMAccountName</string>

<string>loginShell</string>

<string>homeDirectory</string>

<string>unixuserpassword</string>

</fetchedAttributes>

<getAllFilter>(& (objectClass=user) (sAMAccountName=*) (uidNumber=*))</getAllFilter>

<getOneFilter>(& (objectClass=user) (uidNumber=*)(sAMAccountName={sAMAccountName}) )</getOneFilter>

<cleanFilter>(& (objectClass=user) (sAMAccountName=*) (uidNumber=*))</cleanFilter>

</ldapSourceService>
-Joel
On Tue, Aug 14, 2012 at 7:57 PM, Jurgen Weber <[email protected]> wrote:
Yeah, thanks. That has gotten me further. ;) So simple.

Now I have a

Aug 15 12:40:08 - ERROR - org.lsc.exception.LscConfigurationException: javax.xml.bind.UnmarshalException
- with linked exception:
[org.xml.sax.SAXParseException: cvc-complex-type.2.4.a: Invalid content was found starting with element 'source'. One of '{"http://lsc-project.org/XSD/lsc-core-2.0.xsd":bean}' is expected.]
org.lsc.exception.LscConfigurationException: javax.xml.bind.UnmarshalException
- with linked exception:
[org.xml.sax.SAXParseException: cvc-complex-type.2.4.a: Invalid content was found starting with element 'source'. One of '{"http://lsc-project.org/XSD/lsc-core-2.0.xsd":bean}' is expected.]
    at org.lsc.configuration.JaxbXmlConfigurationHelper.getConfiguration(JaxbXmlConfigurationHelper.java:172) ~[lsc-core-2.0.jar:na]

the problem seems to be this bit:

<task>
      <name>adUser</name>
      <source class="ldapSrcService">
        <name>ad-src-service</name>
        <baseDn>cn=Users</baseDn>

I pulled this from:

http://lsc-project.org/wiki/documentation/2.0/tutorials/openldaptoactivedirectory

So it looks like the tutorial is no longer valid? Is this from 1.? or something and 2.0 has different syntax?

Jurgen
On 15/08/12 12:49, dunkan wrote:

Hi Jurgen,

Add the xmlns to your lsc element, something like this:

<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.0.xsd" id="1" revision="0">

-Joel

On Tue, Aug 14, 2012 at 5:04 PM, Jurgen Weber <[email protected]> wrote:

Hi

I am trying to sync from openldap to AD and I can not get the xml to work.... All I get is the following exception:

[org.xml.sax.SAXParseException: cvc-elt.1: Cannot find the declaration of element 'lsc'.]

and yes, I have the element defined. Using version 2.0. Config file:

<lsc>
<connections>
<ldapConnection>
<id>AD</id>
<authentication>simple</authentication>
<url>ldap://asdfasdf:389/dc=asdf,dc=local</url>
<username>CN=Administrator,CN=Users,DC=asdf,DC=local</username>
<password>asdf</password>
<pageSize>1000</pageSize>
</ldapConnection>
<ldapConnection>
<id>openldap</id>
<authentication>SIMPLE</authentication>
<url>ldap://asdf:389/dc=matrix</url>
<username>cn=admin,dc=matrix</username>
<password>asdf</password>
</ldapConnection>
</connections>
<tasks>
<task>
<name>adUser</name>
<source class="ldapSrcService">
<name>ad-src-service</name>
<baseDn>cn=Users</baseDn>
<getAllFilter>(&(sAMAccountName=*)(objectClass=user))</getAllFilter>
<getOneFilter>(&(objectClass=inetOrgPerson)(uid={uid}))</getOneFilter>
<pivotAttributes><string>sAMAccountName</string></pivotAttributes>
</source>
<destination class="ldapDstService">
<name>openldap-dst-service</name>
<baseDn>ou=People</baseDn>
<getAllFilter>(&(uid=*)(objectClass=posixAccount))</getAllFilter>
<getOneFilter>(&(objectClass=user)(sAMAccountName={uid}))</getOneFilter>
<pivotAttributes><string>uid</string></pivotAttributes>
</destination>
<propertiesBasedSyncOptions>
<mainIdentifier>"cn=" + srcBean.getDatasetFirstValueById("cn") + ",ou=users"</mainIdentifier>
<defaultPolicy>FORCE</defaultPolicy>
<defaultDelimiter>;</defaultDelimiter>
<dataset>
<name>objectClass</name>
<policy>FORCE</policy>
<forceValues>
<string>"top";"user";"person";"organizationalPerson"</string>
</forceValues>
</dataset>
<dataset>
<name>sAMAccountName</name>
<policy>KEEP</policy>
<createValues>
<string>srcBean.getDatasetFirstValueById("uid")</string>
</createValues>
</dataset>
<dataset>

<name>userPrincipalName</name>
<policy>FORCE</policy>
<forceValues>
<string>srcBean.getDatasetFirstValueById("uid") + "@asdf.local"</string>
</forceValues>
</dataset>
<dataset>
<name>userAccountControl</name>
<policy>KEEP</policy>
<createValues>
<string>AD.userAccountControlSet( "0", [AD.UAC_SET_NORMAL_ACCOUNT])</string>
</createValues>
</dataset>
<dataset>

<name>pwdLastSet</name>
<policy>KEEP</policy>
<createValues>
<string>"1"</string>
</createValues>
</dataset>
<dataset>

<name>unicodePwd</name>
<policy>KEEP</policy>
<createValues>
<string>AD.getUnicodePwd("changeit")</string>
</createValues>
</dataset>
</>
</task>
</tasks>
</lsc>

So what is wrong with this?

Thanks

--
Jurgen Weber

Systems Engineer
IT Infrastructure Team Leader

THE ICONIC | E [email protected] | www.theiconic.com.au

_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
-- 
Jurgen Weber

Systems Engineer
IT Infrastructure Team Leader 
THE ICONIC | E [email protected] | www.theiconic.com.au
-- 
Jurgen Weber

Systems Engineer
IT Infrastructure Team Leader 

THE ICONIC | E [email protected] | www.theiconic.com.au
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users

_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users

Re: [lsc-users] writing a config file

Reply via email to