i updated but not working.
On Fri, Aug 23, 2013 at 2:27 AM, Clément OUDOT <[email protected]> wrote: > > > > 2013/8/22 N E N U <[email protected]> > >> Hi, >> >> I am having trouble syncing users from openldap to AD, below is the >> config i am using. >> error: synchronization aborted because no source object has been found ! >> can you direct me through my errors. >> >> lsc.xml >> >> >> <?xml version="1.0" ?> >> <lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.0.xsd"; id="1" >> revision="0"> >> <connections> >> <ldapConnection> >> <name>AD</name> >> <url>xxxxxx</url> >> <username>xxxxxxxx</username> >> <password>xxxxxxxxx</password> >> <authentication>SIMPLE</authentication> >> <pageSize>1000</pageSize> >> </ldapConnection> >> <ldapConnection> >> <name>openldap</name> >> <url>xxxxxxxxxxxxxxxx</url> >> <username>xxxxxxxxxxxxxxxxxxxxx</username> >> <password>xxxxxxxxxxxxxxxxxxxx</password> >> <authentication>SIMPLE</authentication> >> <pageSize>1000</pageSize> >> </ldapConnection> >> </connections> >> <tasks> >> <task> >> <name>FullAD</name> >> <bean>org.lsc.beans.SimpleBean</bean> >> <ldapSourceService> >> <name>openldap-source-service</name> >> <connection reference="openldap" /> >> <baseDn>ou=People,dc=xx,dc=xx</baseDn> >> <pivotAttributes> >> <string>uid</string> >> </pivotAttributes> >> <fetchedAttributes> >> <string>description</string> >> <string>cn</string> >> <string>sn</string> >> <string>userPassword</string> >> <string>objectClass</string> >> <string>uid</string> >> <string>mail</string> >> </fetchedAttributes> >> >> <getAllFilter>(&(uid=*)(objectClass=inetOrgPerson))</getAllFilter> >> >> <getOneFilter>(&(objectClass=user)(sAMAccountName={uid}))</getOneFilter> >> </ldapSourceService> >> <ldapDestinationService> >> <name>opends-dst-service</name> >> <connection reference="AD" /> >> <baseDn>ou=Users,ou=test,dc=yy,dc=yy</baseDn> >> <pivotAttributes> >> <string>saMAccountName</string> >> </pivotAttributes> >> <fetchedAttributes> >> <string>description</string> >> <string>cn</string> >> <string>sn</string> >> <string>userPassword</string> >> <string>objectClass</string> >> <string>uid</string> >> <string>mail</string> >> </fetchedAttributes> >> >> <getAllFilter>(&(sAMAccountName=*)(objectClass=user))</getAllFilter> >> >> <getOneFilter>(&(objectClass=inetOrgPerson)(uid={uid}))</getOneFilter> >> </ldapDestinationService> >> <propertiesBasedSyncOptions> >> <mainIdentifier>"cn=" + srcBean.getDatasetFirstValueById("cn") + >> ",ou=Users,ou=test,dc=yy,dc=yy"</mainIdentifier> >> <defaultDelimiter>;</defaultDelimiter> >> <defaultPolicy>FORCE</defaultPolicy> >> <dataset> >> <name>objectClass</name> >> <policy>FORCE</policy> >> <forceValues> >> <string>"top";"user";"person";"organizationalPerson"</string> >> </forceValues> >> </dataset> >> <dataset> >> <name>sAMAccountName</name> >> <policy>KEEP</policy> >> <createValues> >> <string>srcBean.getDatasetFirstValueById("uid")</string> >> </createValues> >> </dataset> >> <dataset> >> <!-- userPrincipalName = uid + "@lsc-project.org" --> >> <name>userPrincipalName</name> >> <policy>FORCE</policy> >> <forceValues> >> <string>srcBean.getDatasetFirstValueById("uid") + "@lsc-project.org >> "</string> >> </forceValues> >> </dataset> >> <dataset> >> <name>userAccountControl</name> >> <policy>KEEP</policy> >> <createValues> >> <string>AD.userAccountControlSet( "0", >> [AD.UAC_SET_NORMAL_ACCOUNT])</string> >> </createValues> >> </dataset> >> <dataset> >> <!-- pwdLastSet = 0 to force user to change password on next >> connection --> >> <name>pwdLastSet</name> >> <policy>KEEP</policy> >> <createValues> >> <string>"0"</string> >> </createValues> >> </dataset> >> <dataset> >> <!-- unicodePwd = "changeit" at creation (requires SSL connection >> to AD) --> >> <name>unicodePwd</name> >> <policy>KEEP</policy> >> <createValues> >> <string>AD.getUnicodePwd("changeit")</string> >> </createValues> >> </dataset> >> </propertiesBasedSyncOptions> >> </task> >> </tasks> >> </lsc> >> >> >> >> >> sample ldap user ldif >> >> dn: uid=at,ou=People,dc=xx,dc=xx >> uid: at >> cn: Service Batch jobs daemon >> sn: Service Batch jobs daemon >> objectClass: person >> objectClass: inetorgPerson >> objectClass: organizationalPerson >> objectClass: posixAccount >> objectClass: top >> objectClass: shadowAccount >> userPassword: {crypt}! >> shadowLastChange: 14265 >> shadowMax: 99999 >> shadowWarning: 7 >> loginShell: /bin/bash >> uidNumber: 25 >> gidNumber: 25 >> homeDirectory: /var/spool/atjobs >> gecos: Service Batch jobs daemon >> >> >> > > Hi, > > use pageSize -1 in OpenLDAP connection definition. > > > Clément. > -- *--Sri* * * *"Your imagination is your preview of life’s coming attractions.” ~ Albert Einstein*
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
