You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@syncope.apache.org by Timothy <ti...@gmail.com> on 2013/05/16 16:44:56 UTC

LDAP Synchronization

Hi, it's me again :)

I'm still trying to configure LDAP synchronization. I have followed the [1]
guide but when I select
org.apache.syncope.core.propagation.impl.LDAPMembershipPropagationActions as
Actions Class in the sync task, I get the message that I shoud enable a
replication plugin under configuration. Can't seem to find the thing though

However, when I select
org.apache.syncope.core.propagation.impl.DefaultSyncActions as Actions Class
the synchronization works in one way. Users I have created in OpenDJ are
visible in Syncope but any changes I do in Syncope have no effect in OpenDJ.

[1]
http://blog.tirasa.net/blogs/index.php/ilgrosso/unlock-full-ldap-features-in

Am I missing something obvious?

Thanks and kind regards,

Timothy



--
View this message in context: http://syncope-dev.1063484.n5.nabble.com/LDAP-Synchronization-tp5713692.html
Sent from the syncope-dev mailing list archive at Nabble.com.

Re: LDAP Synchronization

Posted by Francesco Chicchiriccò <il...@apache.org>.

On 16/05/2013 16:44, Timothy wrote:
> Hi, it's me again :)
>
> I'm still trying to configure LDAP synchronization. I have followed the [1]
> guide but when I select
> org.apache.syncope.core.propagation.impl.LDAPMembershipPropagationActions as
> Actions Class in the sync task, I get the message that I shoud enable a
> replication plugin under configuration. Can't seem to find the thing though

Where is such message coming from? It sounds strange.

LDAPMembershipPropagationActions will enable the propagation of 
memberships from Syncope to LDAP, e.g. when creating user A with role R 
in Syncope, user A will be assigned to role R in LDAP as well, under 
some conditions.

> However, when I select
> org.apache.syncope.core.propagation.impl.DefaultSyncActions as Actions Class
> the synchronization works in one way. Users I have created in OpenDJ are
> visible in Syncope but any changes I do in Syncope have no effect in OpenDJ.

Synchronized users are not assigned any resource by default: you will 
need to change the user template [2] for the LDAP synchronization task 
so that every new user synchronized from LDAP will also get the LDAP 
resource assigned. This will enable the propagation to LDAP of any 
modification occuring on Syncope.

Anyway, have you read the "Changelog" section towards the end of [1]? 
There is something related to OpenDJ.

Regards.

> [1] http://blog.tirasa.net/blogs/index.php/ilgrosso/unlock-full-ldap-features-in
[2] 
https://cwiki.apache.org/confluence/display/SYNCOPE/Tasks#Tasks-SpecifyUserTemplate

-- 
Francesco Chicchiriccò

ASF Member, Apache Syncope PMC chair, Apache Cocoon PMC Member
http://people.apache.org/~ilgrosso/