Hi George,

You don't seem to have any "objectClass" attribute in your
fetchedAttributes... So your entry cannot be added to your destination
directory.

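You'll have to look at what a typical entry in your AD contains, and
specifically which object classes are associated with it (i.e. the values of
the multivalued "objectClass" attribute). In the lsc.xml you posted,
objectClass is commented out both in fetchedAttributes and in the dataset
under propertiesBasedSyncOptions, so nothing supplies it when the entry is
created.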

David


Le 15/10/2012 10:05, George Dobson a écrit :
> Hi,
> 
> I set up the following lsc.xml, guided by various examples, and made good
> progress, but now I'm having trouble adding new users to AD. Updating
> existing users works correctly.
> 
> Error:
> 
> Oct 15 18:33:58 - ERROR - Error while adding entry CN=xx
> xx,OU=UsersTEST,OU=xxxx,DC=zzzz,DC=local in directory
> :javax.naming.directory.SchemaViolationException: [LDAP: error code 65 -
> 0000207B: UpdErr: DSID-030511CF, problem 6002 (OBJ_CLASS_VIOLATION), data 0
> ]; remaining name 'CN=xx xx,OU=UsersTEST,OU=xxxx'
> Oct 15 18:33:58 - ERROR - Error while synchronizing ID
> CN=xxxx,OU=UsersTEST,OU=xxxx,DC=zzzz,DC=local: java.lang.Exception:
> Technical problem while applying modifications to the destination
> dn: CN=xx xx,OU=UsersTEST,OU=xxxx,DC=zzzz,DC=local
> changetype: add
> mail: [email protected]
> samAccountName: nxxxxx
> sn: xx
> cn: xx xx
> description: XXXXXX ([email protected])
> userPassword: C#ang3th1s
> givenName: xx
> 
> lsc.xml
> 
> <?xml version="1.0" ?>
> <lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.0.xsd"; revision="0"> <!-- LSC configuration with a single task, "People", that reads inetorgperson entries from the source connection and writes user entries to the destination connection. NOTE(review): the ";" after the xmlns value is not well-formed XML; presumably added by the mail archive, confirm against the real file. -->
>   <connections> <!-- Both connections use a SIMPLE bind with tlsActivated=false over plain LDAP on port 389, so bind credentials and synced attribute values are sent unencrypted. -->
>     <ldapConnection>
>       <name>ldap-src-conn</name>
>       <url>ldap://localhost:389/dc=dddd,dc=mmmm</url>
> <username>uid=supersys,ou=People,dc=mmmm</username>
>       <password>qweqwe</password> <!-- Bind password stored in clear text in this file. NOTE(review): keep lsc.xml readable only by the account that runs LSC. -->
>       <authentication>SIMPLE</authentication>
>       <referral>IGNORE</referral>
>       <derefAliases>NEVER</derefAliases>
>       <version>VERSION_3</version>
>       <pageSize>-1</pageSize>
> <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
>       <tlsActivated>false</tlsActivated>
>     </ldapConnection>
>     <ldapConnection>
>       <name>ldap-dst-conn</name>
> <url>ldap:/123.123.123.123:389/dc=zzzz,dc=local</url> <!-- NOTE(review): "ldap:/" has a single slash; presumably a typo introduced while anonymising, an LDAP URL needs "ldap://". -->
> <username>CN=binduser,DC=zzzz,DC=local</username>
>       <password>bindpasswd</password> <!-- Clear-text bind password for the destination directory. NOTE(review): prefer a dedicated account delegated only on the target OU. -->
>       <authentication>SIMPLE</authentication>
>       <referral>IGNORE</referral>
>       <derefAliases>NEVER</derefAliases>
>       <version>VERSION_3</version>
>       <pageSize>1000</pageSize>
> <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
>       <tlsActivated>false</tlsActivated> <!-- NOTE(review): Active Directory normally accepts password writes (unicodePwd) only on an encrypted connection, so setting passwords on created accounts would need LDAPS or StartTLS on this connection. -->
>     </ldapConnection>
>   </connections>
>   <audits>
>     <csvAudit>
>       <name>csv</name>
>       <append>true</append>
>       <operations>create, delete</operations>
>       <file>/tmp/audit.csv</file> <!-- NOTE(review): /tmp is shared and this file name is predictable; a directory writable only by the LSC account is safer for audit output. -->
>       <datasets>cn, dn</datasets>
>       <separator>;</separator>
>     </csvAudit>
>     <ldifAudit>
>       <name>ldif</name>
>       <append>false</append>
>       <file>/tmp/audit.ldif</file> <!-- NOTE(review): the LDIF audit presumably records the same change data as the error log, including userPassword; protect or relocate this file. -->
>     </ldifAudit>
>   </audits>
>   <tasks>
>     <task>
>       <name>People</name>
>       <bean>org.lsc.beans.SimpleBean</bean>
>       <ldapSourceService>
>         <name>openldap-source-service</name>
>         <connection reference="ldap-src-conn" />
>         <baseDn>ou=People,dc=dddd,dc=mmmm</baseDn>
>         <pivotAttributes>
>           <string>uid</string>
>         </pivotAttributes>
>         <fetchedAttributes>
>           <string>description</string>
>           <string>cn</string>
>           <string>sn</string>
>           <string>givenName</string>
>           <string>userPassword</string> <!-- Reads the password attribute from the source. NOTE(review): its stored form (hash scheme) is not shown here. -->
> <!--          <string>objectClass</string> -->
>           <string>uid</string>
>           <string>mail</string>
>         </fetchedAttributes> <!-- objectClass is commented out above, so it is not read from the source. -->
> <getAllFilter>(objectClass=inetorgperson)</getAllFilter>
>         <getOneFilter>(&amp;(objectClass=inetorgperson)
>             (uid={uid}))</getOneFilter>
>         <cleanFilter>(&amp;(objectClass=inetorgperson)
>             (uid={samAccountName}))</cleanFilter>
>       </ldapSourceService>
>       <ldapDestinationService>
>         <name>ad-dst-service</name>
>         <connection reference="ldap-dst-conn" />
>         <baseDn>ou=UsersTEST,ou=xxxx</baseDn>
>         <pivotAttributes>
>           <string>samAccountName</string>
>         </pivotAttributes>
>         <fetchedAttributes>
>           <string>description</string>
>           <string>cn</string>
>           <string>sn</string>
>           <string>givenName</string>
>           <string>userPassword</string> <!-- NOTE(review): on Active Directory the account password is normally held in unicodePwd; userPassword may be stored as an ordinary readable attribute instead, verify on a test account. -->
> <!--          <string>objectClass</string> -->
>           <string>samAccountName</string>
>           <string>mail</string>
>         </fetchedAttributes> <!-- objectClass is commented out of the destination list as well. -->
> <getAllFilter>(objectClass=user)</getAllFilter>
> <getOneFilter>(&amp;(objectClass=user)(samAccountName={uid}))</getOneFilter>
> 
>       </ldapDestinationService>
>       <propertiesBasedSyncOptions>
>         <mainIdentifier>"CN=" + srcBean.getDatasetFirstValueById("cn") +
> ",OU=UsersTEST,OU=xxxx,DC=zzzz,DC=local"</mainIdentifier> <!-- Destination DN is built from the source cn. NOTE(review): the value is concatenated unescaped, so a cn containing a comma or another DN special character would yield a malformed or unintended DN. -->
>         <defaultDelimiter>;</defaultDelimiter>
>         <defaultPolicy>FORCE</defaultPolicy>
>         <dataset>
>           <name>description</name>
>           <policy>FORCE</policy>
>           <forceValues>
> <string>js:srcBean.getDatasetFirstValueById("sn").toUpperCase() +
>               " (" + srcBean.getDatasetFirstValueById("mail") +
> ")"</string> <!-- description is forced to the upper-cased sn followed by the mail address in parentheses. -->
>           </forceValues>
>         </dataset>
>         <dataset>
>           <name>samAccountName</name>
>           <policy>KEEP</policy>
>           <createValues>
> <string>js:srcBean.getDatasetFirstValueById("uid")</string> <!-- samAccountName takes the source uid as its create value. -->
>           </createValues>
>         </dataset>
> <!--
>         <dataset>
>           <name>objectClass</name>
>           <policy>KEEP</policy>
>           <createValues>
>             <string>"user"</string>
>           </createValues>
>         </dataset>
> --> <!-- The objectClass dataset above is disabled, so nothing supplies objectClass when an entry is created; this matches the OBJ_CLASS_VIOLATION error on add. NOTE(review): check the objectClass values of an existing AD user before enabling it. -->
>         <dataset>
>           <name>userPassword</name>
>           <policy>KEEP</policy>
>           <createValues>
>             <string>"C#ang3th1s"</string> <!-- Every created account gets this same literal initial password. NOTE(review): it is public in this post, so treat it as compromised; prefer a per-account random value and a forced change at first logon. -->
>           </createValues>
>         </dataset>
>       </propertiesBasedSyncOptions>
>     </task>
>   </tasks>
> </lsc>
> 
> I haven't implemented any security keys between the servers thinking it
> wouldn't be required for this.
> The attributes shown in the output are sufficient to create an
> account manually.
> 
> Is something configured incorrectly, or am I missing additional
> steps? Thanks in advance.
> 
> 
> 
