[lsc-users] Help with clean phase

[dunkan]

Hey there,

I am nearly ready to use LSC in production syncing our AD to
LDAP environment. There is one last problem that I thought I had a handle
one, but testing is leaving me baffled.

I can add and update entries without a problem, but deleting them does not
seem to work out. I believe I need to use the clean phase in order to
delete, but regardless of the cleanfilter I set it always deletes all
entries.

I tried both of these:

        <getAllFilter>(&amp; (objectClass=user) (sAMAccountName=*)
(uidNumber=*))</getAllFilter>
        <getOneFilter>(&amp; (objectClass=user)
(uidNumber=*)(sAMAccountName={sAMAccountName}) )</getOneFilter>

<cleanFilter>(&amp;(objectClass=posixAccount)(uid={sAMAccountName}))</cleanFilter>

        <getAllFilter>(&amp; (objectClass=user) (sAMAccountName=*)
(uidNumber=*))</getAllFilter>
        <getOneFilter>(&amp; (objectClass=user)
(uidNumber=*)(sAMAccountName={sAMAccountName}) )</getOneFilter>
        <cleanFilter>(&amp; (objectClass=user)
(uidNumber=*)(sAMAccountName={sAMAccountName}) )</cleanFilter>

I saw another user recently mention that changing the pivot attribute to
samaccountname works, (I don't understand why) but that didnt make any
difference.

Should the clean filter be looking for what exists in the destination
directory using the source attributes?  Anything that matches should be
left alone right?

One other thing to mention, when looking at the ldap logs, I'm not sure if
the search is quite right:

Sep 18 01:35:18 netops-dev-2 slapd[12236]: conn=11587 op=1 SRCH
base="dc=example,dc=com" scope=0 deref=0 filter="(objectClass=*)"
Sep 18 01:35:18 netops-dev-2 slapd[12236]: conn=11587 op=1 SEARCH RESULT
tag=101 err=0 nentries=1 text=
Sep 18 01:35:18 netops-dev-2 slapd[12236]: conn=11587 op=2 SRCH
base="ou=people,dc= example,dc=com" scope=2 deref=0
filter="(objectClass=posixAccount)"
Sep 18 01:35:18 netops-dev-2 slapd[12236]: conn=11587 op=2 SRCH
attr=sAMAccountName objectClass javaSerializedData javaClassName
javaFactory javaCodeBase javaReferenceAddress javaClassNames
javaRemoteLocation


Thanks for the help,

Joel

_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
lsc-users@lists.lsc-project.org
http://lists.lsc-project.org/listinfo/lsc-users