2012/9/25 Chris Visser <[email protected]>
> Hi,****
>
> ** **
>
> I’m trying to sync from my AD to a local OpenLDAP server.****
>
> ** **
>
> According the output of lsc -f /etc/lsc/ -c all -s all –n LSC connects
> fine to both servers but I get the following error:****
>
> Sep 25 14:42:50 - INFO - Starting sync for ad-src-task****
>
> Sep 25 14:42:50 - ERROR - Unable to get object for id=CN=Username
> OU=Users,OU=JHB,OU=Infrastructure,OU=Divisions,DC=RTT,DC=co,DC=za****
>
> ** **
>
> And proceeds to list every user in the AD like that and ending with:****
>
> Sep 25 14:42:50 - ERROR - All entries: 49, to modify entries: 0, modified
> entries: 0, errors: 49****
>
> Sep 25 14:42:50 - INFO - Starting clean for ad-src-task****
>
> Sep 25 14:42:50 - ERROR - Empty or non existant destination (no IDs found)
> ****
>
> ** **
>
> My tasks are:****
>
> <task>****
>
> <name>ad-src-task</name>****
>
> <bean>org.lsc.beans.SimpleBean</bean>****
>
> <ldapSourceService>****
>
> <name>ad-src-service</name>****
>
> <connection reference="AD" />****
>
> <baseDn>ou=Divisions,dc=rtt,dc=co,dc=za</baseDn>****
>
> <pivotAttributes>****
>
> <string>samAccountName</string>****
>
> </pivotAttributes>****
>
> <fetchedAttributes>****
>
> <string>sAMAccountName</string>****
>
> <string>mail</string>****
>
> </fetchedAttributes>****
>
> <getAllFilter>(objectClass=person)</getAllFilter>****
>
>
> <getOneFilter>(&(objectClass=person)(uid=sAMAccountName))</getOneFilter>
> ****
>
>
> <getCleanFilter>(&(objectClass=person)(uid=sAMAccountName))</getCleanFilter>
> ****
>
> <interval>15</interval>****
>
> </ldapSourceService>****
>
> <ldapDestinationService>****
>
> <name>ldap-dst-service</name>****
>
> <connection reference="OpenLDAP" />****
>
> <baseDn>ou=Divisions,dc=rtt,dc=co,dc=za</baseDn>****
>
> <pivotAttributes>****
>
> <string>uid</string>****
>
> </pivotAttributes>****
>
> <fetchedAttributes>****
>
> <string>objectClass</string>****
>
> <string>uid</string>****
>
> <string>mail</string>****
>
> </fetchedAttributes>****
>
> <getAllFilter>(objectClass=user)</getAllFilter>****
>
> <getOneFilter>((objectClass=user))</getOneFilter>****
>
> <getCleanFilter>((objectClass=user))</getCleanFilter>****
>
> </ldapDestinationService>****
>
> <propertiesBasedSyncOptions>****
>
> <mainIdentifier>"mail=" +
> srcBean.getDatasetFirstValueById("mail")</mainIdentifier>****
>
> <defaultDelimiter>;</defaultDelimiter>****
>
> <defaultPolicy>FORCE</defaultPolicy>****
>
> <dataset>****
>
> <name>objectClass</name>****
>
> <policy>FORCE</policy>****
>
> <forceValues>****
>
> <string>"top";"user";"person";"organizationalPerson"</string>****
>
> </forceValues>****
>
> </dataset>****
>
> <dataset>****
>
> <name>uid</name>****
>
> <policy>KEEP</policy>****
>
> <createValues>****
>
> <string>srcBean.getDatasetFirstValueById("sAMAccountName")</string>*
> ***
>
> </createValues>****
>
> </dataset>****
>
> </propertiesBasedSyncOptions>****
>
> ** **
>
> </task>****
>
> **
>
Check you configuration. In Source filters, you do not have { } around the
pivot attribute.
Read this example:
http://lsc-project.org/wiki/documentation/2.0/tutorials/openldaptoactivedirectory
Clément.
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
