|
|
|
## Fusiondirectory LSC
|
|
|
|
|
|
|
|
### XML
|
|
|
|
|
|
|
|
Un exemple de configuration en XML
|
|
|
|
|
|
|
|
```xml
|
|
|
|
<?xml version="1.0" ?>
|
|
|
|
<lsc xmlns="http://lsc-project.org/XSD/lsc-core-2.1.xsd" revision="0">
|
|
|
|
|
|
|
|
<connections>
|
|
|
|
<!-- OpenLDAP connection -->
|
|
|
|
<ldapConnection>
|
|
|
|
<name>openldap</name>
|
|
|
|
<url>ldap://192.168.56.103/dc=nodomain</url>
|
|
|
|
<username>cn=admin,dc=nodomain</username>
|
|
|
|
<password>tester</password>
|
|
|
|
<authentication>SIMPLE</authentication>
|
|
|
|
<referral>IGNORE</referral>
|
|
|
|
<derefAliases>NEVER</derefAliases>
|
|
|
|
<version>VERSION_3</version>
|
|
|
|
<pageSize>-1</pageSize>
|
|
|
|
<factory>com.sun.jndi.ldap.LdapCtxFactory</factory>
|
|
|
|
<tlsActivated>false</tlsActivated>
|
|
|
|
</ldapConnection>
|
|
|
|
<!-- AD connection -->
|
|
|
|
<ldapConnection>
|
|
|
|
<name>ad</name>
|
|
|
|
<url>ldaps://dc.test.opensides.be/DC=test,DC=opensides,DC=be</url>
|
|
|
|
<username>administrator@test.opensides.be</username>
|
|
|
|
<password>jonathan0#</password>
|
|
|
|
<authentication>SIMPLE</authentication>
|
|
|
|
<pageSize>1000</pageSize>
|
|
|
|
</ldapConnection>
|
|
|
|
</connections>
|
|
|
|
|
|
|
|
<audits>
|
|
|
|
<csvAudit>
|
|
|
|
<name>csv</name>
|
|
|
|
<append>true</append>
|
|
|
|
<operations>create, delete</operations>
|
|
|
|
<file>/tmp/dump.csv</file>
|
|
|
|
<datasets>cn, dn</datasets>
|
|
|
|
<separator>,</separator>
|
|
|
|
</csvAudit>
|
|
|
|
</audits>
|
|
|
|
|
|
|
|
<tasks>
|
|
|
|
<task>
|
|
|
|
<name>samba4</name>
|
|
|
|
<bean>org.lsc.beans.SimpleBean</bean>
|
|
|
|
<ldapSourceService>
|
|
|
|
<name>openldap-source-service</name>
|
|
|
|
<connection reference="openldap" />
|
|
|
|
<baseDn>ou=people,dc=nodomain</baseDn>
|
|
|
|
<pivotAttributes>
|
|
|
|
<string>uid</string>
|
|
|
|
</pivotAttributes>
|
|
|
|
<fetchedAttributes>
|
|
|
|
<string>cn</string>
|
|
|
|
<string>givenName</string>
|
|
|
|
<string>sn</string>
|
|
|
|
<string>userPassword</string>
|
|
|
|
<string>uid</string>
|
|
|
|
</fetchedAttributes>
|
|
|
|
<getAllFilter>(&(objectClass=sambaSamAccount)(uid=_UID_))</getAllFilter>
|
|
|
|
<getOneFilter>(&(objectClass=sambaSamAccount)(uid={uid}))</getOneFilter>
|
|
|
|
<cleanFilter>(&(objectClass=sambaSamAccount)(uid=_UID_))</cleanFilter>
|
|
|
|
</ldapSourceService>
|
|
|
|
|
|
|
|
<ldapDestinationService>
|
|
|
|
<name>ad-dst-service</name>
|
|
|
|
<connection reference="ad" />
|
|
|
|
<baseDn>CN=Users,DC=test,DC=opensides,DC=be</baseDn>
|
|
|
|
<pivotAttributes>
|
|
|
|
<string>sAMAccountName</string>
|
|
|
|
</pivotAttributes>
|
|
|
|
<fetchedAttributes>
|
|
|
|
<string>cn</string>
|
|
|
|
<string>givenName</string>
|
|
|
|
<string>objectclass</string>
|
|
|
|
<string>pwdLastSet</string>
|
|
|
|
<string>sAMAccountName</string>
|
|
|
|
<string>sn</string>
|
|
|
|
<string>userPrincipalName</string>
|
|
|
|
<string>unicodePwd</string>
|
|
|
|
<string>userAccountControl</string>
|
|
|
|
</fetchedAttributes>
|
|
|
|
<getAllFilter><![CDATA[(&(objectClass=user)(sAMAccountName=_UID_))]]></getAllFilter>
|
|
|
|
<getOneFilter><![CDATA[(&(objectClass=user)(sAMAccountName={uid}))]]></getOneFilter>
|
|
|
|
</ldapDestinationService>
|
|
|
|
|
|
|
|
<propertiesBasedSyncOptions>
|
|
|
|
<mainIdentifier>"CN=" + srcBean.getDatasetFirstValueById("uid") + ",CN=Users,DC=test,DC=opensides,DC=be"</mainIdentifier>
|
|
|
|
<defaultDelimiter>;</defaultDelimiter>
|
|
|
|
<defaultPolicy>FORCE</defaultPolicy>
|
|
|
|
<conditions>
|
|
|
|
<create>true</create>
|
|
|
|
<update>true</update>
|
|
|
|
<delete>true</delete>
|
|
|
|
<changeId>false</changeId>
|
|
|
|
</conditions>
|
|
|
|
<dataset>
|
|
|
|
<name>objectclass</name>
|
|
|
|
<policy>KEEP</policy>
|
|
|
|
<createValues>
|
|
|
|
<string>"user"</string>
|
|
|
|
<string>"organizationalPerson"</string>
|
|
|
|
<string>"person"</string>
|
|
|
|
<string>"top"</string>
|
|
|
|
</createValues>
|
|
|
|
</dataset>
|
|
|
|
<dataset>
|
|
|
|
<name>sAMAccountName</name>
|
|
|
|
<policy>KEEP</policy>
|
|
|
|
<createValues>
|
|
|
|
<string>srcBean.getDatasetFirstValueById("uid")</string>
|
|
|
|
</createValues>
|
|
|
|
</dataset>
|
|
|
|
<dataset>
|
|
|
|
<name>userPrincipalName</name>
|
|
|
|
<policy>FORCE</policy>
|
|
|
|
<forceValues>
|
|
|
|
<string>srcBean.getDatasetFirstValueById("uid") + "@test.opensides.be"</string>
|
|
|
|
</forceValues>
|
|
|
|
</dataset>
|
|
|
|
<dataset>
|
|
|
|
<name>cn</name>
|
|
|
|
<policy>FORCE</policy>
|
|
|
|
<forceValues>
|
|
|
|
<string>srcBean.getDatasetFirstValueById("uid")</string>
|
|
|
|
</forceValues>
|
|
|
|
</dataset>
|
|
|
|
<dataset>
|
|
|
|
<name>userAccountControl</name>
|
|
|
|
<policy>KEEP</policy>
|
|
|
|
<createValues>
|
|
|
|
<string>AD.userAccountControlSet("0", [AD.UAC_SET_NORMAL_ACCOUNT])</string>
|
|
|
|
</createValues>
|
|
|
|
</dataset>
|
|
|
|
<dataset>
|
|
|
|
<name>pwdLastSet</name>
|
|
|
|
<policy>KEEP</policy>
|
|
|
|
<createValues>
|
|
|
|
<string>"-1"</string>
|
|
|
|
</createValues>
|
|
|
|
</dataset>
|
|
|
|
<dataset>
|
|
|
|
<name>unicodePwd</name>
|
|
|
|
<policy>FORCE</policy>
|
|
|
|
<createValues>
|
|
|
|
<string>AD.getUnicodePwd("_USERPASSWORD_")</string>
|
|
|
|
</createValues>
|
|
|
|
</dataset>
|
|
|
|
</propertiesBasedSyncOptions>
|
|
|
|
</task>
|
|
|
|
</tasks>
|
|
|
|
|
|
|
|
<security>
|
|
|
|
<encryption>
|
|
|
|
<keyfile>etc/lsc.key</keyfile>
|
|
|
|
<algorithm>AES</algorithm>
|
|
|
|
<strength>128</strength>
|
|
|
|
</encryption>
|
|
|
|
</security>
|
|
|
|
</lsc>
|
|
|
|
``` |
|
|
\ No newline at end of file |
