2012/10/17 Christian Bösch <[email protected]>:
> Hello,
>
> I have 3 questions regarding lsc2.0.1 to sync openldap to AD.
>
> 1)
> I have some users in AD with this kind of mainIdentifier:
> <mainIdentifier>"CN=" + srcBean.getDatasetFirstValueById("uid") +
> ",OU=users,DC=company,DC=net"</mainIdentifier>
> and some other with this kind:
> <mainIdentifier>"CN=" + srcBean.getDatasetFirstValueById("sn") + " "
> + srcBean.getDatasetFirstValueById("givenName") +
> ",OU=users,DC=company,DC=net"</mainIdentifier>
> So is there a way to automatically decide which one is to use, or do I have
> to create 2 tasks for each user group one?
>
You must do 2 tasks if you cannot determine from a source point of
view how the DN will be construct. If you have a source attribute
saying "Use uid" or "Use sn + givenName", you can do a test on it in
the mainIdentifier code.
> 2)
> The problem with this kind of mainIdentifier
> <mainIdentifier>"CN=" + srcBean.getDatasetFirstValueById("sn") + " "
> + srcBean.getDatasetFirstValueById("givenName") +
> ",OU=users,DC=company,DC=net"</mainIdentifier>
> is that if in the source system the name changes (marriage etc) the
> destination entry doesn't match any more.
> How can I handle this problem? I think there should be access to the dstBean?
You have to find a pivot attribute which is constant between source
and destination. LSC will then do a modrdn to update the DN.
> 3)
> I want to disable users in the destination AD, which were deleted in the
> source openldap.
> I couldn't figure out how to do this yet, so I would be glad for any ideas ;)
This is not possible now. This will be possible with the executable
plugin, but it is still in progress:
http://tools.lsc-project.org/issues/446
Clément.
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org
lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users
