Closed SchaffnerMi closed 7 months ago
soisik
commented
7 months ago Hello Michel,
Indeed, in asynchronous mode you need to use another settings for requesting the source directory in async mode if the default do not work for you.
The setting is filterAsync, see https://lsc-project.org/documentation/latest/service_source_ldap.html for more information on how it works.
SchaffnerMi
commented
7 months ago Hello,
Thank you for your answer, thanks to your link I was able to see that the pivot attribute had to be written in capital letters which was not my case. I will modify it and test it in lowercase.
getOneFilter><![CDATA[(&(objectClass=groupOfNames)(entryUUID={entryUUID}))]]></getOneFilter>
to
getOneFilter><![CDATA[(&(objectClass=groupOfNames)(entryuuid={entryuuid}))]]></getOneFilter>
In the same time, for the filter "FilterAsync" , do you have any examples of uses?
Thank you again for your help
SchaffnerMi
commented
7 months ago Tested in lowercase it didn't change anything.
I will also try to use "filterAsync".
soisik
commented
7 months ago This is an example on requesting change periodically, for requesting an AD:
<filterAsync><![CDATA[(&(objectClass=user)(whenChanged>={0}))]]></filterAsync>and for requesting an OpenLDAP directory:
<filterAsync><![CDATA[(&(objectClass=inetOrgPerson)(modifytimestamp>={0}))]]></filterAsync>Unfortunately this doesn't seem to work:
The pivot for the source is:
<string>entryUUID</string>
The pivot for the destination is:
<string>description</string>
OPEN LDAP (source)
<getAllFilter><![CDATA[(&(objectClass=groupOfNames)(cn=unistra:manuels:domaines:2ip:gg_*))]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=groupOfNames)(entryUUID={entryUUID}))]]></getOneFilter>
<filterAsync><![CDATA[(&(objectClass=groupOfNames)(modifytimestamp>={0}))]]></filterAsync>
AD (destination)
<getAllFilter><![CDATA[(objectClass=group)]]></getAllFilter>
<getOneFilter><![CDATA[(&(objectClass=group)(description={entryUUID}))]]></getOneFilter>
<filterAsync><![CDATA[(&(objectClass=group)(whenChanged>={0}))]]></filterAsync>
Despite this, LSC try to creat this group:
Did I do something wrong?
soisik
commented
7 months ago In source, your getAllFilter and filterAsync filters should look alike:
<getAllFilter><![CDATA[(&(objectClass=groupOfNames)(cn=unistra:manuels:domaines:2ip:gg_*))]]></getAllFilter>
<filterAsync><![CDATA[(&(objectClass=groupOfNames)(cn=unistra:manuels:domaines:2ip:gg_*)(modifytimestamp>={0}))]]></filterAsync>In destination, you have no need for any filterAsync; only your source directory will be requested for changes.
SchaffnerMi
commented
7 months ago Lsc is still trying to create this group: cn=unistra:automatiques:personnels:composantes:122:ens-tous I don't understand why it is even not in to the filter which is cn=unistra:manuels:domaines:2ip:gg_*
SchaffnerMi
commented
7 months ago Finally after a while he still tried to create other groups like this: cn=unistra:manuels:divers:748:cap:groupe-pg
SchaffnerMi
commented
7 months ago Hello,
This works, I looked on the wrong server (Sorry for that). The groups are created according to the LDAP filter. Thank you again for your help. We can close the issue.
Have a nice day!
Hello,
In my case the ldap filter below is not taken into account:
<getAllFilter><![CDATA[(&(objectClass=groupOfNames)(cn=unistra:manuels:domaines:2ip:gg_*))]]></getAllFilter>the result in our LDAP should be only this groups
But in fact we found that only in asynchrone mode, LSC try to search others groups in others paths like this:
Do you have any idea why this behavior with asynchro task?
Thanks in advance for your help, Michel