I have an OpenLDAP server 2.4 on CentOS 6 and this is the config file slapd.conf:

# allows anyone and everyone to read anything but restricts
# updates to rootdn.  (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

# enable on-the-fly configuration (cn=config)
database config
access to *
        by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" manage
        by * none

# enable server status monitoring (cn=monitor)
database monitor
access to *
        by dn.exact="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read
        by dn.exact="cn=root,dc=meyclub,dc=net" read
        by * none

#######################################################################
# database definitions
#######################################################################

database bdb
suffix "dc=meyclub,dc=net"
checkpoint 1024 15
rootdn "cn=root,dc=meyclub,dc=net"
# Cleartext passwords, especially for the rootdn, should
# be avoided.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
# rootpw secret
# rootpw {crypt}ijFYNcSNctBYg
rootpw {SSHA}ymkqc5nI9efKS1H2V3i47W+zAARg/naL

# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory /var/lib/ldap

# Indices to maintain for this database
index objectClass eq,pres
index ou,cn,mail,surname,givenname eq,pres,sub
index uidNumber,gidNumber,loginShell eq,pres
index uid,memberUid eq,pres,sub
index nisMapName,nisMapEntry eq,pres,sub

# Replicas of this database
#replogfile /var/lib/ldap/openldap-master-replog
#replica host=ldap-1.example.com:389 starttls=critical
# bindmethod=sasl saslmech=GSSAPI
# authcId=host/ldap-master.example....@example.com

And this is the XML file that I'm using; it's the same one as in the tutorial (the sample):

<?xml version="1.0" ?>
<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.0.xsd" revision="0">
  <connections>
    <ldapConnection>
      <name>dst-ldap</name>
      <url>ldap://localhost:389/dc=meyclub,dc=net</url>
      <username>cn=root,dc=meyclub,dc=net</username>
      <password>Proweb</password>
      <authentication>SIMPLE</authentication>
      <referral>IGNORE</referral>
      <derefAliases>NEVER</derefAliases>
      <version>VERSION_3</version>
      <pageSize>-1</pageSize>
      <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
      <tlsActivated>false</tlsActivated>
      <saslMutualAuthentication>false</saslMutualAuthentication>
    </ldapConnection>
    <ldapConnection>
      <name>src-ad</name>
      <url>ldap://srv-ad-06.meyclub.net:389/dc=meyclub,dc=net</url>
      <username>cn=Aziza LICHIR,ou=Informatique,ou=SMH,ou=Utilisateurs,dc=meyclub,dc=net</username>
      <password>Proweb38</password>
      <authentication>SIMPLE</authentication>
      <pageSize>1000</pageSize>
    </ldapConnection>
  </connections>
  <audits/>
  <tasks>
    <task>
      <name>MySyncTask</name>
      <bean>org.lsc.beans.SimpleBean</bean>
      <ldapSourceService>
        <name>MySyncTask-src</name>
        <connection reference="src-ad" />
        <baseDn>ou=STRASBOURG,ou=Utilisateurs,dc=meyclub,dc=net</baseDn>
        <pivotAttributes>
          <string>mail</string>
        </pivotAttributes>
        <fetchedAttributes>
          <string>cn</string>
          <string>sn</string>
          <string>givenName</string>
          <string>mail</string>
          <string>sAMAccountName</string>
        </fetchedAttributes>
        <getAllFilter>(&amp;(mail=*)(objectClass=user))</getAllFilter>
        <getOneFilter>(&amp;(objectClass=organizationalPerson)(mail={mail}))</getOneFilter>
        <cleanFilter>(&amp;(objectClass=organizationalPerson)(mail={mail}))</cleanFilter>
        <interval>6</interval>
      </ldapSourceService>
      <ldapDestinationService>
        <name>MySyncTask-dst</name>
        <connection reference="dst-ldap"/>
        <baseDn>ou=people,dc=meyclub,dc=net</baseDn>
        <pivotAttributes>
          <string>mail</string>
        </pivotAttributes>
        <fetchedAttributes>
          <string>cn</string>
          <string>sn</string>
          <string>objectClass</string>
          <string>givenName</string>
          <string>mail</string>
          <string>uid</string>
        </fetchedAttributes>
        <getAllFilter>(objectClass=inetOrgPerson)</getAllFilter>
        <getOneFilter>(&amp;(objectClass=inetOrgPerson)(mail={mail}))</getOneFilter>
      </ldapDestinationService>
      <propertiesBasedSyncOptions>
        <mainIdentifier>"mail=" + srcBean.getDatasetFirstValueById("mail") + ",ou=people,dc=meyclub,dc=net"</mainIdentifier>
        <defaultDelimiter>;</defaultDelimiter>
        <defaultPolicy>FORCE</defaultPolicy>
        <dataset>
          <name>objectClass</name>
          <policy>FORCE</policy>
          <forceValues>
            <string>"inetOrgPerson"</string>
            <string>"organizationalPerson"</string>
            <string>"person"</string>
            <string>"top"</string>
          </forceValues>
          <delimiter>,</delimiter>
        </dataset>
        <dataset>
          <name>uid</name>
          <policy>FORCE</policy>
          <forceValues>
            <string>srcBean.getDatasetFirstValueById("sAMAccountName")</string>
          </forceValues>
        </dataset>
        <dataset>
          <name>default</name>
          <policy>FORCE</policy>
        </dataset>
      </propertiesBasedSyncOptions>
    </task>
    <task>
      <name>GroupSyncTask</name>
      <bean>org.lsc.beans.SimpleBean</bean>
      <ldapSourceService>
        <name>GroupSyncTask-src</name>
        <connection reference="src-ad" />
        <baseDn>OU=Groupe_Securite,DC=meyclub,DC=net</baseDn>
        <pivotAttributes>
          <string>cn</string>
        </pivotAttributes>
        <fetchedAttributes>
          <string>cn</string>
          <string>member</string>
        </fetchedAttributes>
        <getAllFilter>(&amp;(member=*)(objectClass=group))</getAllFilter>
        <getOneFilter>(&amp;(objectClass=group)(cn={cn}))</getOneFilter>
        <cleanFilter>(&amp;(objectClass=group)(cn={cn}))</cleanFilter>
        <interval>100</interval>
      </ldapSourceService>
      <ldapDestinationService>
        <name>GroupSyncTask-dst</name>
        <connection reference="dst-ldap"/>
        <baseDn>ou=group,dc=meyclub,dc=net</baseDn>
        <pivotAttributes>
          <string>cn</string>
        </pivotAttributes>
        <fetchedAttributes>
          <string>cn</string>
          <string>member</string>
        </fetchedAttributes>
        <getAllFilter>(objectClass=groupOfNames)</getAllFilter>
        <getOneFilter>(&amp;(objectClass=groupOfNames)(cn={cn}))</getOneFilter>
      </ldapDestinationService>
      <propertiesBasedSyncOptions>
        <mainIdentifier>"cn=" + srcBean.getDatasetValuesById("cn")+ ",ou=group,dc=meyclub,dc=net"</mainIdentifier>
        <defaultDelimiter>;</defaultDelimiter>
        <defaultPolicy>FORCE</defaultPolicy>
        <dataset>
          <name>objectClass</name>
          <policy>FORCE</policy>
          <forceValues>
            <string>"groupOfNames"</string>
            <string>"top"</string>
          </forceValues>
          <delimiter>$</delimiter>
        </dataset>
        <dataset>
          <name>default</name>
          <policy>FORCE</policy>
        </dataset>
      </propertiesBasedSyncOptions>
    </task>
  </tasks>
</lsc>

2013/4/9 Clément OUDOT <clem.ou...@gmail.com>

> 2013/4/9 Aziza Lichir <aziza.lic...@gmail.com>
>
>> I did exactly what you said but it doesn't recognise the ou=group, I get
>> this error:
>>
>> avr. 09 12:23:07 - DEBUG - Loading XML configuration from: /root/lsc-2.0.1/sample/hsqldb/bin/../etc/lsc.xml
>> avr. 09 12:23:08 - INFO - Reflections took 400 ms to scan 1 urls, producing 60 keys and 226 values
>> avr. 09 12:23:08 - DEBUG - Importing XML schema file: schemas/lsc-core-2.0.xsd
>> avr. 09 12:23:08 - INFO - Logging configuration successfully loaded from /root/lsc-2.0.1/sample/hsqldb/bin/../etc/logback.xml
>> avr. 09 12:23:08 - INFO - LSC configuration successfully loaded from /root/lsc-2.0.1/sample/hsqldb/bin/../etc/
>> avr. 09 12:23:08 - INFO - Connecting to LDAP server ldap://localhost:389/dc=meyclub,dc=net as cn=root,dc=meyclub,dc=net
>> avr. 09 12:23:09 - INFO - Connecting to LDAP server ldap://srv-ad-06.meyclub.net:389/dc=meyclub,dc=net as cn=Aziza LICHIR,ou=Informatique,ou=SMH,ou=Utilisateurs,dc=meyclub,dc=net
>>
>> .......
>>
>> avr. 09 12:23:11 - ERROR - Error while looking for (&(objectClass=groupOfNames)(cn=GG_OrdinateursWindows7)) in ou=group,dc=meyclub,dc=net: javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'ou=group'
>> avr. 09 12:23:11 - ERROR - Error while synchronizing ID {cn=GG_OrdinateursWindows7}: org.lsc.exception.LscServiceException: javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'ou=group'
>> avr. 09 12:23:11 - ERROR - All entries: 39, to modify entries: 0, successfully modified entries: 0, errors: 39
>> avr. 09 12:23:11 - INFO - Starting clean for GroupSyncTask
>> avr. 09 12:23:11 - ERROR - javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'ou=group'
>> avr. 09 12:23:11 - ERROR - Empty or non existant destination (no IDs found)
>
> Are you sure you have modified the destination service and not the source
> service? Could you send your complete configuration?
>
> Clément.

--
Aziza Lichir
Tel: 0777053628
_______________________________________________________________
Ldap Synchronization Connector (LSC) - http://lsc-project.org

lsc-users mailing list
lsc-users@lists.lsc-project.org
http://lists.lsc-project.org/listinfo/lsc-users
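An added example, not part of the original message or of LSC itself: it matches the "error code 32 ... remaining name" log lines quoted above against the destination `baseDn` values in an LSC 2.0 config and prints LDIF for the container that was not found. It assumes the cause is that the destination container entry does not exist yet (result code 32 means the target object was not found); the function names and the trimmed XML are constructed for the example.

```python
import re
import xml.etree.ElementTree as ET

NS = {"l": "http://lsc-project.org/XSD/lsc-core-2.0.xsd"}
ERR32 = re.compile(r"error code 32 - No Such Object\]; remaining name '([^']*)'")

# Constructed sample: the posted lsc.xml trimmed to the elements used here.
SAMPLE_XML = """<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.0.xsd">
 <tasks>
  <task><name>MySyncTask</name><ldapDestinationService>
    <baseDn>ou=people,dc=meyclub,dc=net</baseDn></ldapDestinationService></task>
  <task><name>GroupSyncTask</name><ldapDestinationService>
    <baseDn>ou=group,dc=meyclub,dc=net</baseDn></ldapDestinationService></task>
 </tasks></lsc>"""

# Two error records from the quoted log, unwrapped to one record per line.
SAMPLE_LOG = """\
avr. 09 12:23:11 - ERROR - Error while looking for (&(objectClass=groupOfNames)(cn=GG_OrdinateursWindows7)) in ou=group,dc=meyclub,dc=net: javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'ou=group'
avr. 09 12:23:11 - ERROR - javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'ou=group'
"""

def destination_base_dns(xml_text):
    """Map task name -> destination baseDn from an LSC 2.0 configuration."""
    root = ET.fromstring(xml_text)
    out = {}
    for task in root.iterfind("l:tasks/l:task", NS):
        base = task.find("l:ldapDestinationService/l:baseDn", NS)
        if base is not None:
            out[task.findtext("l:name", namespaces=NS)] = base.text.strip()
    return out

def missing_containers(xml_text, log_text):
    """Destination baseDns whose leading RDNs equal a 'remaining name' from an error-32 line."""
    remaining = {m.group(1).lower() for m in ERR32.finditer(log_text)}
    return {task: dn for task, dn in destination_base_dns(xml_text).items()
            if any(dn.lower().startswith(r + ",") for r in remaining)}

def ou_ldif(dn):
    """LDIF for one organizationalUnit; naive split, no escaped commas in the first RDN."""
    attr, _, value = dn.split(",", 1)[0].partition("=")
    if attr.lower() != "ou":
        raise ValueError("not an ou= container: " + dn)
    return f"dn: {dn}\nobjectClass: organizationalUnit\nou: {value}\n"

if __name__ == "__main__":
    for task, dn in missing_containers(SAMPLE_XML, SAMPLE_LOG).items():
        print(f"# {task}: destination baseDn not found on the server")
        print(ou_ldif(dn))
```

The printed LDIF can be reviewed and loaded with the usual `ldapadd` client against the destination directory before re-running the sync.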