Page 1 of 1

omldapsync with scope (sub/base/one)

Posted: Tue Apr 11, 2006 1:48 am
by operator
Hello all,

does anybody know a way to configure the scope (subm base or one) in an omldapsync-agreement.

Thanks
Holger Schmieder

Posted: Tue Apr 11, 2006 4:13 am
by ScalixSupport
Hi,

that would be e.g. EX_BASE1=cn=users,dc=uk,dc=scalix,dc=com in the context of AD, you just need to figure out the ldapsearch and put in the search base in the sync.cfg.

Cheers,

Sascha.

Posted: Tue Apr 11, 2006 4:55 pm
by operator
Hello Sascha,

this is not what i want. Let me explain:
base means: search only this entry
one means: seach on leve below
sub means: search all levels below

example:
OU=ORG1
OU=ORG11
cn=user11
OU=ORG12
cn=user121
cn=user122
cn=user12
...
if i do an ldapseach on OU=ORG1 and objectclass=user with scope one
it returns: cn=user11 and cn=user12

if i do the same with scope sub (this is what omldapsync is doing)
it returns: cn=user11, cn=user12, cn=user121 and cn=user122

I need the second statement because i do not want to synchronize the user below ORG12 with this agreement.

Any more ideas ???

Posted: Tue Apr 11, 2006 4:58 pm
by operator
egain the example-tree, the forum striped out my spaces:

example:
OU=ORG1
----OU=ORG11
----cn=user11
----OU=ORG12
---------cn=user121
---------cn=user122
----cn=user12

Posted: Tue Apr 11, 2006 6:23 pm
by ScalixSupport
Hi Holger,

omldapsync is a script, so you can modify it to include the "-s one" parameter. For example, where you see:

Code: Select all

            -h "$MY_HOST" \
            -p "$MY_PORT" \
            -D "$MY_LOGON" \
            -w "$MY_PASS" \
            -S "$MY_GUID" \
            -b "$MY_BASE" \
            -L "$LDFORMAT" \


You could add:


Code: Select all

            -h "$MY_HOST" \
            -p "$MY_PORT" \
            -D "$MY_LOGON" \
            -w "$MY_PASS" \
            -s "one" \
            -S "$MY_GUID" \
            -b "$MY_BASE" \
            -L "$LDFORMAT" \


You would have to test this on your own as it's not a Supported configuration. However, since that's just a call to omldapsearch, it should work.

Thanks,
Rachel

Posted: Wed Apr 12, 2006 6:56 am
by florian
And I'll log an enhancement request to make the LDAP search scope configurable through the sync.cfg config file.

-- Florian.