Re: [lsc-users] openldap to ad sync

Mon, 22 Oct 2012 00:32:10 -0700 

2012/10/22 Christian Bösch <[email protected]>:
>
> On Oct 19, 2012, at 14:36 , Clément OUDOT <[email protected]> wrote:
>
>> 2012/10/19 Christian Bösch <[email protected]>:
>>> Hi Clement,
>>>
>>> This had the effect that all the members have been deleted in the AD group.
>>>
>>> Oct 19 14:19:15 - INFO  - # Updating object 
>>> CN=ou-is,OU=FHgroups,DC=ad,DC=abc,DC=net for groups
>>> dn: CN=ou-is,OU=FHgroups,DC=ad,DC=abc,DC=net
>>> changetype: modify
>>> delete: member
>>>
>>
>> So try with :
>>
>> var members = [];
>>
>> You should just get a compliant javacript code, LSC will jsut run it into 
>> Rhino.
>
> Hi Clement,
>
> Still no success.
> So to test I set members manually:
>
>             <string><![CDATA[
>               var members = ['CN=Lastname 
> Firstname,OU=FHusers,DC=ad,DC=abc,DC=net'];
>               members
>             ]]></string>
>
> But there is still the error:
>
> ERROR - Error while modifying entry CN=ou-is,OU=FHgroups,DC=ad,DC=abc,DC=net 
> in directory :javax.naming.OperationNotSupportedException: [LDAP: error code 
> 53 - 0000054F: SvcErr: DSID-031A120C, problem 5003 (WILL_NOT_PERFORM), data 0
> ]; remaining name 'CN=ou-is,OU=FHgroups'
> ERROR - Error while synchronizing ID 
> CN=ou-is,OU=FHgroups,DC=ad,DC=abc,DC=net: java.lang.NullPointerException
> dn: CN=ou-is,OU=FHgroups,DC=ad,DC=abc,DC=net
> changetype: modify
> replace: member
> member: sun.org.mozilla.javascript.NativeArray@f052d5
>

Here is a sample code that transform uniqueMember values (DN) into
memberUid values (uid) :

        <dataset>
          <name>memberUid</name>
          <policy>FORCE</policy>
          <defaultValues></defaultValues>
          <forceValues>
            <string>
              <![CDATA[
                var membersSrcDn = srcBean.getDatasetValuesById("uniqueMember");
                var memberUidValues = [];
                for  (var i=0; i<membersSrcDn.size(); i++) {
                        var memberSrcDn = membersSrcDn.get(i);
                        var agriUid = "";
                        try {
                                agriUid =
srcLdap.attribute(memberSrcDn, "uid").get(0);
                        } catch(e) {
                                continue;
                        }
                        var destMembersDn = ldap.search("ou=users",
"(agriUid=" + agriUid + ")");
                        if (destMembersDn.size() == 0 ||
destMembersDn.size() > 1) {
                                continue;
                        }
                        var destMemberDn = destMembersDn.get(0);
                        var memberUid = ldap.attribute(destMemberDn,
"uid").get(0);
                        memberUidValues.push (memberUid);
                }
                memberUidValues
              ]]>
            </string>
          </forceValues>
          <createValues></createValues>
        </dataset>


Hope this can help you to get a correct script.

Clément.
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
[email protected]
http://lists.lsc-project.org/listinfo/lsc-users

Reply via email to