Try to send some logs (LSC and OpenLDAP) if you want us to help you.
2013/8/27 N E N U <[email protected]> > i updated but not working. > > > On Fri, Aug 23, 2013 at 2:27 AM, Clément OUDOT <[email protected]>wrote: > >> >> >> >> 2013/8/22 N E N U <[email protected]> >> >>> Hi, >>> >>> I am having trouble syncing users from openldap to AD, below is the >>> config i am using. >>> error: synchronization aborted because no source object has been found ! >>> can you direct me through my errors. >>> >>> lsc.xml >>> >>> >>> <?xml version="1.0" ?> >>> <lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.0.xsd"; id="1" >>> revision="0"> >>> <connections> >>> <ldapConnection> >>> <name>AD</name> >>> <url>xxxxxx</url> >>> <username>xxxxxxxx</username> >>> <password>xxxxxxxxx</password> >>> <authentication>SIMPLE</authentication> >>> <pageSize>1000</pageSize> >>> </ldapConnection> >>> <ldapConnection> >>> <name>openldap</name> >>> <url>xxxxxxxxxxxxxxxx</url> >>> <username>xxxxxxxxxxxxxxxxxxxxx</username> >>> <password>xxxxxxxxxxxxxxxxxxxx</password> >>> <authentication>SIMPLE</authentication> >>> <pageSize>1000</pageSize> >>> </ldapConnection> >>> </connections> >>> <tasks> >>> <task> >>> <name>FullAD</name> >>> <bean>org.lsc.beans.SimpleBean</bean> >>> <ldapSourceService> >>> <name>openldap-source-service</name> >>> <connection reference="openldap" /> >>> <baseDn>ou=People,dc=xx,dc=xx</baseDn> >>> <pivotAttributes> >>> <string>uid</string> >>> </pivotAttributes> >>> <fetchedAttributes> >>> <string>description</string> >>> <string>cn</string> >>> <string>sn</string> >>> <string>userPassword</string> >>> <string>objectClass</string> >>> <string>uid</string> >>> <string>mail</string> >>> </fetchedAttributes> >>> >>> <getAllFilter>(&(uid=*)(objectClass=inetOrgPerson))</getAllFilter> >>> >>> <getOneFilter>(&(objectClass=user)(sAMAccountName={uid}))</getOneFilter> >>> </ldapSourceService> >>> <ldapDestinationService> >>> <name>opends-dst-service</name> >>> <connection reference="AD" /> >>> <baseDn>ou=Users,ou=test,dc=yy,dc=yy</baseDn> >>> <pivotAttributes> >>> <string>saMAccountName</string> >>> </pivotAttributes> >>> <fetchedAttributes> >>> <string>description</string> >>> <string>cn</string> >>> <string>sn</string> >>> <string>userPassword</string> >>> <string>objectClass</string> >>> <string>uid</string> >>> <string>mail</string> >>> </fetchedAttributes> >>> >>> <getAllFilter>(&(sAMAccountName=*)(objectClass=user))</getAllFilter> >>> >>> <getOneFilter>(&(objectClass=inetOrgPerson)(uid={uid}))</getOneFilter> >>> </ldapDestinationService> >>> <propertiesBasedSyncOptions> >>> <mainIdentifier>"cn=" + srcBean.getDatasetFirstValueById("cn") + >>> ",ou=Users,ou=test,dc=yy,dc=yy"</mainIdentifier> >>> <defaultDelimiter>;</defaultDelimiter> >>> <defaultPolicy>FORCE</defaultPolicy> >>> <dataset> >>> <name>objectClass</name> >>> <policy>FORCE</policy> >>> <forceValues> >>> <string>"top";"user";"person";"organizationalPerson"</string> >>> </forceValues> >>> </dataset> >>> <dataset> >>> <name>sAMAccountName</name> >>> <policy>KEEP</policy> >>> <createValues> >>> <string>srcBean.getDatasetFirstValueById("uid")</string> >>> </createValues> >>> </dataset> >>> <dataset> >>> <!-- userPrincipalName = uid + "@lsc-project.org" --> >>> <name>userPrincipalName</name> >>> <policy>FORCE</policy> >>> <forceValues> >>> <string>srcBean.getDatasetFirstValueById("uid") + "@ >>> lsc-project.org"</string> >>> </forceValues> >>> </dataset> >>> <dataset> >>> <name>userAccountControl</name> >>> <policy>KEEP</policy> >>> <createValues> >>> <string>AD.userAccountControlSet( "0", >>> [AD.UAC_SET_NORMAL_ACCOUNT])</string> >>> </createValues> >>> </dataset> >>> <dataset> >>> <!-- pwdLastSet = 0 to force user to change password on next >>> connection --> >>> <name>pwdLastSet</name> >>> <policy>KEEP</policy> >>> <createValues> >>> <string>"0"</string> >>> </createValues> >>> </dataset> >>> <dataset> >>> <!-- unicodePwd = "changeit" at creation (requires SSL connection >>> to AD) --> >>> <name>unicodePwd</name> >>> <policy>KEEP</policy> >>> <createValues> >>> <string>AD.getUnicodePwd("changeit")</string> >>> </createValues> >>> </dataset> >>> </propertiesBasedSyncOptions> >>> </task> >>> </tasks> >>> </lsc> >>> >>> >>> >>> >>> sample ldap user ldif >>> >>> dn: uid=at,ou=People,dc=xx,dc=xx >>> uid: at >>> cn: Service Batch jobs daemon >>> sn: Service Batch jobs daemon >>> objectClass: person >>> objectClass: inetorgPerson >>> objectClass: organizationalPerson >>> objectClass: posixAccount >>> objectClass: top >>> objectClass: shadowAccount >>> userPassword: {crypt}! >>> shadowLastChange: 14265 >>> shadowMax: 99999 >>> shadowWarning: 7 >>> loginShell: /bin/bash >>> uidNumber: 25 >>> gidNumber: 25 >>> homeDirectory: /var/spool/atjobs >>> gecos: Service Batch jobs daemon >>> >>> >>> >> >> Hi, >> >> use pageSize -1 in OpenLDAP connection definition. >> >> >> Clément. >> > > > > -- > *--Sri* > * > * > *"Your imagination is your preview of life’s coming attractions.” ~ > Albert Einstein* >
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
