RMLL 2014 - LDAP Synchronization Connector

18
Clément OUDOT [email protected]

description

Presentation of LDAP Synchronization Connector, with the new features of 2.1 release, including the Executable plugin.

Transcript of RMLL 2014 - LDAP Synchronization Connector

Page 2: RMLL 2014 - LDAP Synchronization Connector

2

About the speaker

Page 3: RMLL 2014 - LDAP Synchronization Connector

What is LSC ?

Free softwareFree software TechnologiesTechnologies InteroperabilityInteroperability

BSD license

Community leadership

Java

XML configuration

JS/Groovy scripting

Perl (monitoring)

LDAP (jndi)

Active Directory

SGBD (jdbc)

Google Apps

Files (CSV)

Page 4: RMLL 2014 - LDAP Synchronization Connector

OpenLDAP Active Directory

Page 5: RMLL 2014 - LDAP Synchronization Connector

LDAPv3 advanced support

StartTLSStartTLS

Paged Paged ResultResult

LDAP SyncLDAP Sync(Syncrepl)(Syncrepl)

Page 6: RMLL 2014 - LDAP Synchronization Connector

Scripting helpers

LQLLQL

SecuritySecurity

SambaSambaLSC

Active Active DirectoryDirectory

Page 7: RMLL 2014 - LDAP Synchronization Connector

LDAP Query Language

srcLdap.attribute( srcLdap.list( "ou=services", "uniqueMember=" + srcBean.getDistinguishName() + "" ), 'description').get(0)

Access to srcLdap (source) and ldap (destination) connection objects

attributeattribute searchsearch listlist

readread supsup

Page 8: RMLL 2014 - LDAP Synchronization Connector

Plugins

NISNIS ExecutableExecutable OBMOBM

Page 9: RMLL 2014 - LDAP Synchronization Connector

The “sync” phase

Source Destination

1122

33

4455

List all entriesRead pivot

Get each entryRead attributes

Get each entryRead attributes

LSC

Calculatemodifications

Applymodifications

Page 10: RMLL 2014 - LDAP Synchronization Connector

The “clean” phase

Source Destination

11

22

3344

List all entriesRead pivot

Get each entry

LSC

Calculatedeletions

Applydeletions

Page 11: RMLL 2014 - LDAP Synchronization Connector

Configuration overview

● Main configuration file: lsc.xml

● Logs : logback.xml● SQL queries : sql-map-

config.xml / sql-map-config.d/

ConnectionsConnections

TasksTasks

ServicesServices

RulesRules

Page 12: RMLL 2014 - LDAP Synchronization Connector

LDAP connection<ldapConnection>  <name>ldap­dst­conn</name>  <url>ldap://HOSTNAME/SUFFIX</url>  <username>DN</username>  <password>PWD</password>  <authentication>SIMPLE</authentication>  <referral>IGNORE</referral>  <derefAliases>NEVER</derefAliases>  <version>VERSION_3</version>  <pageSize>­1</pageSize>  <factory>com.sun.jndi.ldap.LdapCtxFactory</factory>  <tlsActivated>false</tlsActivated></ldapConnection>

Page 13: RMLL 2014 - LDAP Synchronization Connector

Database connection

<databaseConnection>  <name>jdbc­src­conn</name>  <url>jdbc:JDBC_URL</url>  <username>USER</username>  <password>PWD</password>  <driver>JDBC_DRIVER</driver></databaseConnection>

Page 14: RMLL 2014 - LDAP Synchronization Connector

Dataset

<dataset>  <name>cn</name>  <policy>FORCE</policy>  <forceValues>    <string><[CDATA[srcBean.getDatasetFirstValueById("FIRSTNAME") + srcBean.getDatasetFirstValueById("NAME");    ]]></string>  </forceValues></dataset>

Page 15: RMLL 2014 - LDAP Synchronization Connector

Executable plugin

LDIF Source ServiceLDIF Destination

ServiceLDAP Destination

Service

LISTGET

ADDUPDATEREMOVERENAME

LISTGETADDUPDATEREMOVERENAME

Page 16: RMLL 2014 - LDAP Synchronization Connector

16

Thanks

RMLL Staf LSC team LINAGORA

Page 17: RMLL 2014 - LDAP Synchronization Connector

17

Stay tuned

IRC

#lsc-project@freenode

http://lists.lsc-project.org/

https://www.ohloh.net/p/lsc

http://lsc-project.org

Page 18: RMLL 2014 - LDAP Synchronization Connector