lsc.properties

1. # Adapted from http://lists.lsc-project.org/pipermail/lsc-users/2010-October/000471.html
2. ##############################
3. # Destination LDAP directory #
4. ##############################
5. dst.java.naming.provider.url = ldap://dc1.example.net:389/DC=example,DC=net
6. dst.java.naming.security.authentication = simple
7. dst.java.naming.security.principal = CN=lscsync,CN=Users,DC=example,DC=net
8. dst.java.naming.security.credentials = ********
9. dst.java.naming.referral = ignore
10. dst.java.naming.ldap.derefAliases = never
11. dst.java.naming.factory.initial = com.sun.jndi.ldap.LdapCtxFactory
12. dst.java.naming.ldap.version = 3
13.  
14. #########################
15. # Source LDAP directory #
16. #########################
17. src.java.naming.provider.url = ldap://ldap.example.org:389/dc=example,dc=org
18. src.java.naming.security.authentication = simple
19. src.java.naming.security.principal = cn=Directory Manager
20. src.java.naming.security.credentials = ********
21. src.java.naming.referral = ignore
22. src.java.naming.ldap.derefAliases = never
23. src.java.naming.factory.initial = com.sun.jndi.ldap.LdapCtxFactory
24. src.java.naming.ldap.version = 3
25. src.java.naming.ldap.pageSize = 1000
26.  
27. #######################
28. # Tasks configuration #
29. #######################
30. lsc.tasks = ldap2ad_user
31.  
32. ####
33. #### ldap2ad_user : Source
34. ####
35. lsc.tasks.ldap2ad_user.srcService = org.lsc.jndi.SimpleJndiSrcService
36. lsc.tasks.ldap2ad_user.srcService.baseDn = ou=People
37. # lsc.tasks.ldap2ad_user.srcService.filterAll = (&(objectclass=posixAccount)(uid=*))
38. lsc.tasks.ldap2ad_user.srcService.filterAll = (&(objectclass=posixAccount)(uid=sobrien))
39. lsc.tasks.ldap2ad_user.srcService.pivotAttrs = uid
40. lsc.tasks.ldap2ad_user.srcService.filterId = (&(objectClass=posixAccount)(|(uid={uid})(uid={samaccountname})))
41. lsc.tasks.ldap2ad_user.srcService.attrs = description uid cn sn userPassword givenName displayName mail mailAlternateAddress
42.  
43. ####
44. #### ldap2ad_user : Destination
45. ####
46. lsc.tasks.ldap2ad_user.dstService = org.lsc.jndi.SimpleJndiDstService
47. lsc.tasks.ldap2ad_user.dstService.baseDn = CN=Users
48. lsc.tasks.ldap2ad_user.dstService.filterAll = (&(objectClass=inetOrgPerson)(sAMAccountName=*))
49. lsc.tasks.ldap2ad_user.dstService.pivotAttrs = samaccountname
50. lsc.tasks.ldap2ad_user.dstService.filterId = (&(objectClass=inetOrgPerson)(|(sAMAccountName={samaccountname})(sAMAccountName={uid})))
51. lsc.tasks.ldap2ad_user.dstService.attrs = description name givenName displayName cn sn objectClass sAMAccountName userPrincipalName userAccountControl uid mail proxyAddresses
52. lsc.tasks.ldap2ad_user.bean = org.lsc.beans.SimpleBean
53.  
54. # escaping commas in the dn does not seem to work:
55. # lsc.tasks.ldap2ad_user.dn = "CN=" + srcBean.getAttributeValueById("cn").split(",").join("\\\\\\\\,") + ",CN=Users"
56. # lsc.tasks.ldap2ad_user.dn = "CN=" + srcBean.getAttributeValueById("cn").split(",").join("\\\\2C") + ",CN=Users"
57.  
58. # escaping single-quote?
59. # lsc.tasks.ldap2ad_user.dn = "CN=" + srcBean.getAttributeValueById("cn").split("'").join("\\\\\\\\\\\\\\\\'") + ",CN=Users"
60. # lsc.tasks.ldap2ad_user.dn = "CN=" + srcBean.getAttributeValueById("cn").split("'").join("\\\\\\\\'") + ",CN=Users"
61. # lsc.tasks.ldap2ad_user.dn = "CN=" + srcBean.getAttributeValueById("cn").split("'").join("\\\\27") + ",CN=Users"
62. lsc.tasks.ldap2ad_user.dn = "CN=" + srcBean.getAttributeValueById("cn") + ",CN=Users"
63.  
64. dn.real_root = DC=example,DC=net
65.  
66. lsc.syncoptions.ldap2ad_user = org.lsc.beans.syncoptions.PropertiesBasedSyncOptions
67. lsc.syncoptions.ldap2ad_user.default.action = K
68. lsc.syncoptions.ldap2ad_user.default.delimiter = $
69. lsc.syncoptions.ldap2ad_user.sn.action = F
70. # lsc.syncoptions.ldap2ad_user.sn.force_value = srcBean.getAttributeValueById("sn").split("'").join("\27")
71. lsc.syncoptions.ldap2ad_user.sn.force_value = srcBean.getAttributeValueById("sn")
72. lsc.syncoptions.ldap2ad_user.objectClass.action = F
73. lsc.syncoptions.ldap2ad_user.objectClass.create_value = "top"$"person"$"organizationalPerson"$"user"$"inetOrgPerson"$"posixAccount"
74. lsc.syncoptions.ldap2ad_user.sAMAccountName.create_value = srcBean.getAttributeValueById("uid")
75. lsc.syncoptions.ldap2ad_user.uid.action = F
76. lsc.syncoptions.ldap2ad_user.uid.force_value = srcBean.getAttributeValueById("uid")
77. lsc.syncoptions.ldap2ad_user.userPrincipalName.create_value = srcBean.getAttributeValueById("uid") + "@example.net"
78. lsc.syncoptions.ldap2ad_user.cn.action = F
79. # lsc.syncoptions.ldap2ad_user.cn.force_value = srcBean.getAttributeValueById("cn").split("'").join("\27")
80. lsc.syncoptions.ldap2ad_user.cn.force_value = srcBean.getAttributeValueById("cn")
81. lsc.syncoptions.ldap2ad_user.givenName.action = F
82. lsc.syncoptions.ldap2ad_user.givenName.force_value = srcBean.getAttributeValueById("givenName")
83. lsc.syncoptions.ldap2ad_user.mail.action = F
84. lsc.syncoptions.ldap2ad_user.mail.force_value = srcBean.getAttributeValueById("mail")
85. lsc.syncoptions.ldap2ad_user.proxyAddresses.action = F
86. lsc.syncoptions.ldap2ad_user.proxyAddresses.force_value = srcBean.getAttributeValueById("mailAlternateAddress")
87. lsc.syncoptions.ldap2ad_user.name.action = F
88. lsc.syncoptions.ldap2ad_user.name.create_value = srcBean.getAttributeValueById("displayName")
89. lsc.syncoptions.ldap2ad_user.userAccountControl.force_value = \
90. AD.userAccountControlSet( "0", [ AD.UAC_SET_PASSWD_NOTREQD, AD.UAC_SET_NORMAL_ACCOUNT, AD.UAC_UNSET_ACCOUNTDISABLE, AD.UAC_SET_DONT_EXPIRE_PASSWORD, AD.UAC_SET_PASSWD_CANT_CHANGE ])