Page 1 of 1
omldapsync with scope (sub/base/one)
Posted: Tue Apr 11, 2006 1:48 am
by operator
Hello all,
does anybody know a way to configure the scope (subm base or one) in an omldapsync-agreement.
Thanks
Holger Schmieder
Posted: Tue Apr 11, 2006 4:13 am
by ScalixSupport
Hi,
that would be e.g. EX_BASE1=cn=users,dc=uk,dc=scalix,dc=com in the context of AD, you just need to figure out the ldapsearch and put in the search base in the sync.cfg.
Cheers,
Sascha.
Posted: Tue Apr 11, 2006 4:55 pm
by operator
Hello Sascha,
this is not what i want. Let me explain:
base means: search only this entry
one means: seach on leve below
sub means: search all levels below
example:
OU=ORG1
OU=ORG11
cn=user11
OU=ORG12
cn=user121
cn=user122
cn=user12
...
if i do an ldapseach on OU=ORG1 and objectclass=user with scope one
it returns: cn=user11 and cn=user12
if i do the same with scope sub (this is what omldapsync is doing)
it returns: cn=user11, cn=user12, cn=user121 and cn=user122
I need the second statement because i do not want to synchronize the user below ORG12 with this agreement.
Any more ideas ???
Posted: Tue Apr 11, 2006 4:58 pm
by operator
egain the example-tree, the forum striped out my spaces:
example:
OU=ORG1
----OU=ORG11
----cn=user11
----OU=ORG12
---------cn=user121
---------cn=user122
----cn=user12
Posted: Tue Apr 11, 2006 6:23 pm
by ScalixSupport
Hi Holger,
omldapsync is a script, so you can modify it to include the "-s one" parameter. For example, where you see:
Code: Select all
-h "$MY_HOST" \
-p "$MY_PORT" \
-D "$MY_LOGON" \
-w "$MY_PASS" \
-S "$MY_GUID" \
-b "$MY_BASE" \
-L "$LDFORMAT" \
You could add:
Code: Select all
-h "$MY_HOST" \
-p "$MY_PORT" \
-D "$MY_LOGON" \
-w "$MY_PASS" \
-s "one" \
-S "$MY_GUID" \
-b "$MY_BASE" \
-L "$LDFORMAT" \
You would have to test this on your own as it's not a Supported configuration. However, since that's just a call to omldapsearch, it should work.
Thanks,
Rachel
Posted: Wed Apr 12, 2006 6:56 am
by florian
And I'll log an enhancement request to make the LDAP search scope configurable through the sync.cfg config file.
-- Florian.