Differences

This shows you the differences between two versions of the page.

docpublic:systemes:ldap:ldapolc [2017/04/02 15:04]
procacci@tem-tsp.eu [integration des branches]
docpublic:systemes:ldap:ldapolc [2017/04/03 20:43] (current)
procacci@tem-tsp.eu [lsc.xml]
Line 1: Line 1:
  
 +
 +
 +===== Annuaire openldap OLC + LSC =====
  
 ===== references ===== ===== references =====
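Review bot: the added title `===== Annuaire openldap OLC + LSC =====` uses five `=`, the same level as `===== references =====` right below it, so the page title and its first section render as siblings. In DokuWiki the top level is six `=`; consider `====== Annuaire openldap OLC + LSC ======` and dropping the empty lines added above it.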
Line 672: Line 675:
  ead by * none  ead by * none
 olcAccess: {3}to * by * none olcAccess: {3}to * by * none
 +</code>
 +
 +si necessité de detruite une regle, exemple de ldif qui supprime la regle 3 :
 +
 +<code>
 +[root@idm ~]# cat olcAccessDelId.ldif
 +dn: olcDatabase={1}mdb,cn=config
 +changetype: modify
 +delete: olcAccess
 +olcAccess: {3}
 </code> </code>
 ===== LSC project synchro ===== ===== LSC project synchro =====
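Review bot: the new block shows the content of olcAccessDelId.ldif but not the command that applies it, so the procedure stops before the actual change; add the ldapmodify invocation used against cn=config together with its output. Because `olcAccess: {3}` selects the rule by position, it is also worth stating that the remaining rules are renumbered after a delete, so the current list should be read back first (here {3} is `to * by * none`) and the ldif should not be replayed. Minor: "detruite" should read "détruire".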
Line 749: Line 762:
 <code> <code>
  
-[root@idm ~]#  ldapdelete -H ldap://idm.tem-tsp.eu -D "cn=admin,dc=id,dc=fr" -W -x  cn=syncid,ou=system,dc=id,dc=fr+[root@idm ~]#  ldapdelete -H ldap://idm.tem-tsp.eu -D "cn=admin,dc=id,dc=fr" -W -x  cn=syncuser,ou=system,dc=id,dc=fr
 Enter LDAP Password:  Enter LDAP Password: 
 </code> </code>
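Review bot: on the corrected ldapdelete line, `-x -W` combined with `-H ldap://idm.tem-tsp.eu` sends the cn=admin password in a simple bind over an unencrypted connection. Since the line is being edited anyway, consider documenting it with `ldaps://` or with `-ZZ` (StartTLS required). The rename from cn=syncid to cn=syncuser should also be checked against the rest of the page: the LSC output added further down still shows a connection as cn=syncid.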
Line 762: Line 775:
 [root@idm lsc]# cp lsc.xml ldap-mte2id [root@idm lsc]# cp lsc.xml ldap-mte2id
 [root@idm lsc]# cd ldap-mte2id [root@idm lsc]# cd ldap-mte2id
 +</code>
 +
 +==== lsc logic ====
 +
 +https://lsc-project.org/documentation/2.1/basics
 +
 +==== lsc.xml ====
 +
 +exemple de configuration d'une synchro ldap 2 ldap 
 +
 +{{:docpublic:systemes:ldap:lsc.xml|}}
 +
 +
 +==== execution lsc ====
 +
 +<code>
 +[root@idm ldap-mte2id]# lsc -s user --config /etc/lsc/ldap-mte2id/
 +20:27:22,073 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Could NOT find resource [logback-test.xml]
 +20:27:22,073 |-INFO in ch.qos.logback.classic.LoggerContext[default] - Found resource [logback.xml] at [file:/etc/lsc/ldap-mte2id/logback.xml]
 +20:27:22,074 |-WARN in ch.qos.logback.classic.LoggerContext[default] - Resource [logback.xml] occurs multiple times on the classpath.
 +...
 +avr. 03 20:27:22 - INFO  - Reflections took 68 ms to scan 1 urls, producing 56 keys and 117 values 
 +avr. 03 20:27:22 - INFO  - Logging configuration successfully loaded from /etc/lsc/ldap-mte2id/logback.xml 
 +avr. 03 20:27:22 - INFO  - LSC configuration successfully loaded from /etc/lsc/ldap-mte2id/
 +avr. 03 20:27:22 - INFO  - Connecting to LDAP server ldap://localhost:389/dc=id,dc=fr as cn=syncid,ou=system,dc=idm,dc=fr
 +avr. 03 20:27:22 - INFO  - Connecting to LDAP server ldap://ldapmte.idm.fr:389/dc=mte,dc=fr as cn=syncuser,ou=System,dc=mte,dc=fr
 +avr. 03 20:27:22 - INFO  - Starting sync for user
 +avr. 03 20:27:24 - INFO  - # Adding new object eduPersonPrincipalName=proc@tm-tp.eu,ou=people,ou=mte,dc=id,dc=fr for user
 +# Mon Apr 03 20:27:24 UTC 2017
 +dn: eduPersonPrincipalName=proc@tm-tp.eu,ou=people,ou=mte,dc=id,dc=fr
 +changetype: add
 +supannListeRouge: FALSE
 +...
 +objectClass: top
 +objectClass: person
 +objectClass: inetOrgPerson
 +objectClass: supannPerson
 +objectClass: eduPerson
 +objectClass: organizationalPerson
 +objectClass: labeledURIObject
 +supanncivilite: M.
 +...
 +sn: PROC
 +
 +avr. 03 20:27:24 - INFO  - All entries: 1, to modify entries: 1, successfully modified entries: 1, errors: 0
 +</code>
 +
 +log ldap associés
 +
 +<code>
 +Apr  3 20:27:22 idm slapd[4786]: conn=1207 fd=25 ACCEPT from IP=127.0.0.1:35778 (IP=0.0.0.0:389)
 +Apr  3 20:27:22 idm slapd[4786]: conn=1207 op=0 BIND dn="cn=syncuser,ou=system,dc=id,dc=fr" method=128
 +Apr  3 20:27:22 idm slapd[4786]: conn=1207 op=0 BIND dn="cn=syncuser,ou=system,dc=id,dc=fr" mech=SIMPLE ssf=0
 +Apr  3 20:27:22 idm slapd[4786]: conn=1207 op=0 RESULT tag=97 err=0 text=
 +Apr  3 20:27:23 idm slapd[4786]: conn=1207 op=1 SRCH base="ou=people,ou=mte,dc=id,dc=fr" scope=2 deref=0 filter="(&(objectClass=inetOrgPerson)(eduPersonPrincipalName=proc@tm-tp.eu))"
 +Apr  3 20:27:23 idm slapd[4786]: conn=1207 op=1 SRCH attr=description cn sn userPassword objectClass uid mail departmentNumber employeeType givenName telephoneNumber mobile LabeledURI postalAddress title jpegphoto edupersonAffiliation eduPersonPrincipalName supanncivilite supannListeRouge supannEntiteAffectation
 +Apr  3 20:27:23 idm slapd[4786]: <= mdb_equality_candidates: (eduPersonPrincipalName) not indexed
 +Apr  3 20:27:23 idm slapd[4786]: conn=1207 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
 +Apr  3 20:27:24 idm slapd[4786]: conn=1207 op=2 ADD dn="eduPersonPrincipalName=proc@tm-tp.eu,ou=people,ou=mte,dc=id,dc=fr"
 +Apr  3 20:27:24 idm slapd[4786]: conn=1207 op=2 RESULT tag=105 err=0 text=
 +Apr  3 20:27:24 idm slapd[4786]: conn=1207 op=3 UNBIND
 +Apr  3 20:27:24 idm slapd[4786]: conn=1207 fd=25 closed
 </code> </code>
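Review bot: the added slapd log shows the sync account binding with `mech=SIMPLE ssf=0`, and the LSC output shows the source connection as `ldap://ldapmte.idm.fr:389`, while the SRCH attribute list includes `userPassword`; as documented, bind credentials and password values cross the network without TLS. The section should show the connections in lsc.xml using ldaps:// or StartTLS, and it is worth confirming that the attached `lsc.xml` does not carry the real bind passwords, since it is published with the page. Two smaller points: the line `mdb_equality_candidates: (eduPersonPrincipalName) not indexed` means every synced entry triggers an unindexed search on the pivot attribute, so an eq index on eduPersonPrincipalName deserves a mention; and the LSC output reports the local bind as `cn=syncid,ou=system,dc=idm,dc=fr` whereas slapd logs `cn=syncuser,ou=system,dc=id,dc=fr`, which reads as an inconsistency a reader will trip over.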
docpublic/systemes/ldap/ldapolc.1491145499.txt.gz · Last modified: 2017/04/02 15:04 by procacci@tem-tsp.eu
CC Attribution-Noncommercial-Share Alike 4.0 International