Hi all, I have a problem with the sync of OpenLDAP to Active Directory. I get the error "ERROR - Error while synchronizing ID" and I do not know why. Is this error raised because the AD LDAP connection isn't SSL? Can you help me?

- Here is my output when I run lsc in dry mode:

Sep 18 06:38:13 - DEBUG - Loading XML configuration from: /root/lsc-2.0/etc/lsc.xml
Sep 18 06:38:13 - INFO - Reflections took 182 ms to scan 1 urls, producing 60 keys and 226 values
Sep 18 06:38:13 - DEBUG - Importing XML schema file: schemas/lsc-core-2.0.xsd
Sep 18 06:38:14 - INFO - Logging configuration successfully loaded from /root/lsc-2.0/etc/logback.xml
Sep 18 06:38:14 - INFO - LSC configuration successfully loaded from /root/lsc-2.0/etc/
Sep 18 06:38:14 - INFO - Connecting to LDAP server ldap://dc1.phlu.ch:389/dc=phlu,dc=ch as cn=Administrator,cn=Users,dc=phlu,dc=ch
Sep 18 06:38:14 - INFO - Connecting to LDAP server ldaps://localhost:636/o=labornet,c=ch as uid=manager,ou=People,o=labornet,c=ch
Sep 18 06:38:14 - INFO - Starting sync for adUser
Sep 18 06:38:14 - ERROR - Error while synchronizing ID {uid=root}: java.lang.NullPointerException
Sep 18 06:38:14 - ERROR - Error while synchronizing ID {uid=bebuehler}: java.lang.NullPointerException
Sep 18 06:38:14 - ERROR - Error while synchronizing ID {uid=user764}: java.lang.NullPointerException
Sep 18 06:38:14 - ERROR - Error while synchronizing ID {uid=administrator}: java.lang.NullPointerException
Sep 18 06:38:14 - ERROR - All entries: 4, to modify entries: 0, successfully modified entries: 0, errors: 4
Sep 18 06:38:14 - INFO - Starting clean for adUser
Sep 18 06:38:14 - ERROR - Empty or non existant destination (no IDs found)

- And here is my lsc.xml:

<?xml version="1.0" ?>
<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.0.xsd" revision="0">
  <connections>
    <ldapConnection>
      <name>src-openLDAP</name>
      <url>ldaps://localhost:636/o=labornet,c=ch</url>
      <username>uid=manager,ou=People,o=labornet,c=ch</username>
      <password>labor</password>
      <authentication>SIMPLE</authentication>
    </ldapConnection>
    <ldapConnection>
      <name>dst-AD</name>
      <url>ldap://dc1.phlu.ch:389/dc=phlu,dc=ch</url>
      <username>cn=Administrator,cn=Users,dc=phlu,dc=ch</username>
      <password>admin4real.</password>
      <authentication>SIMPLE</authentication>
      <pageSize>1000</pageSize>
    </ldapConnection>
  </connections>
  <tasks>
    <task>
      <name>adUser</name>
      <bean>org.lsc.beans.SimpleBean</bean>
      <ldapSourceService>
        <name>ldap-src-service</name>
        <connection reference="src-openLDAP" />
        <baseDn>ou=People,o=labornet,c=ch</baseDn>
        <pivotAttributes><string>uid</string></pivotAttributes>
        <fetchedAttributes>
          <string>cn</string>
          <string>uid</string>
          <string>objectclass</string>
          <string>userPassword</string>
          <string>sambaNTPassword</string>
        </fetchedAttributes>
        <getAllFilter>(objectClass=sambaSamAccount)</getAllFilter>
        <getOneFilter>(&(objectClass=sambaSamAccount) (uid={uid}))</getOneFilter>
        <cleanFilter>(&(objectClass=sambaSamAccount)(uid=*))</cleanFilter>
      </ldapSourceService>
      <ldapDestinationService>
        <name>ad-dst-service</name>
        <connection reference="dst-AD" />
        <baseDn>ou=LDAP-Users,ou=PHLU,dc=phlu,dc=ch</baseDn>
        <pivotAttributes><string>sAMAccountName</string></pivotAttributes>
        <fetchedAttributes>
          <string>cn</string>
          <string>uid</string>
          <string>objectclass</string>
          <string>userPassword</string>
          <string>sambaNTPassword</string>
        </fetchedAttributes>
        <getAllFilter>(&(sAMAccountName=*) (objectClass=user))</getAllFilter>
        <getOneFilter>(&(objectClass=user) (sAMAccountName={uid}))</getOneFilter>
      </ldapDestinationService>
      <propertiesBasedSyncOptions>
        <mainIdentifier>src.Bean.getMainIdentifier()</mainIdentifier>
        <defaultDelimiter>;</defaultDelimiter>
        <defaultPolicy>FORCE</defaultPolicy>
        <dataset>
          <name>objectClass</name>
          <policy>FORCE</policy>
          <forceValues>
            <string>"top";"user";"person";"organizationalPerson"</string>
          </forceValues>
        </dataset>
        <dataset>
          <name>sAMAccountName</name>
          <policy>KEEP</policy>
          <createValues>
            <string>srcBean.getDatasetFirstValueById("uid")</string>
          </createValues>
        </dataset>
        <dataset>
          <!-- userPrincipalName = uid + "@phz.ch" -->
          <name>userPrincipalName</name>
          <policy>FORCE</policy>
          <forceValues>
            <string>srcBean.getDatasetFirstValueById("uid") + "@phz.ch"</string>
          </forceValues>
        </dataset>
        <dataset>
          <name>userAccountControl</name>
          <policy>KEEP</policy>
          <createValues>
            <string>AD.userAccountControlSet( "0", [AD.UAC_SET_NORMAL_ACCOUNT])</string>
          </createValues>
        </dataset>
        <dataset>
          <!-- pwdLastSet = 0 to force user to change password on next connection -->
          <name>pwdLastSet</name>
          <policy>KEEP</policy>
          <createValues>
            <string>"0"</string>
          </createValues>
        </dataset>
        <dataset>
          <!-- unicodePwd = "changeit" at creation (requires SSL connection to AD) -->
          <name>unicodePwd</name>
          <policy>KEEP</policy>
          <createValues>
            <string>AD.getUnicodePwd("changeit")</string>
          </createValues>
        </dataset>
      </propertiesBasedSyncOptions>
    </task>
  </tasks>
</lsc>

Thanks in advance,
Martin

_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
http://lists.lsc-project.org/listinfo/lsc-users
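
Added example, not part of the original post and not LSC project code: a small Python check for the two transport conditions visible in the configuration above, namely a SIMPLE bind over plain ldap:// and a task that sets unicodePwd (which the config's own comment says requires SSL to AD) through an unencrypted destination connection. It does not diagnose the NullPointerException. The sample XML is constructed with placeholder hosts, the finding labels are made up for this example, and reading <tlsActivated> as StartTLS is an assumption.

```python
import xml.etree.ElementTree as ET

NS = {"l": "http://lsc-project.org/XSD/lsc-core-2.0.xsd"}

# Constructed sample, trimmed to the elements the check reads; hosts and
# DNs are placeholders, not the values from the post.
SAMPLE = """<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.0.xsd" revision="0">
  <connections>
    <ldapConnection><name>src</name>
      <url>ldaps://ldap.example.test:636/o=example</url>
      <authentication>SIMPLE</authentication></ldapConnection>
    <ldapConnection><name>dst</name>
      <url>ldap://ad.example.test:389/dc=example,dc=test</url>
      <authentication>SIMPLE</authentication></ldapConnection>
  </connections>
  <tasks><task><name>adUser</name>
    <ldapDestinationService><connection reference="dst" /></ldapDestinationService>
    <propertiesBasedSyncOptions>
      <dataset><name>unicodePwd</name></dataset>
    </propertiesBasedSyncOptions>
  </task></tasks>
</lsc>"""

def audit(xml_text):
    """Return (name, finding) pairs for unencrypted binds and password writes."""
    root = ET.fromstring(xml_text)
    encrypted, findings = {}, []
    for c in root.iterfind("l:connections/l:ldapConnection", NS):
        name = c.findtext("l:name", "", NS)
        url = c.findtext("l:url", "", NS).strip().lower()
        # Assumption: <tlsActivated>true</tlsActivated> means StartTLS is used.
        tls = c.findtext("l:tlsActivated", "false", NS).strip() == "true"
        encrypted[name] = url.startswith("ldaps://") or tls
        auth = c.findtext("l:authentication", "", NS).strip()
        if not encrypted[name] and auth == "SIMPLE":
            findings.append((name, "cleartext-simple-bind"))
    for t in root.iterfind("l:tasks/l:task", NS):
        dst = t.find("l:ldapDestinationService/l:connection", NS)
        ref = dst.get("reference") if dst is not None else None
        sets = {n.text for n in t.iterfind(".//l:dataset/l:name", NS)}
        if "unicodePwd" in sets and not encrypted.get(ref, False):
            findings.append((t.findtext("l:name", "", NS), "unicodePwd-without-tls"))
    return findings

if __name__ == "__main__":
    for item in audit(SAMPLE):
        print(item)
```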

