January 26, 2015 at 10:32 am #2807jean.austinParticipant
I am trying to get the bi-directional sync working. I could run the related examples sample2b and sample2c and see the sync working.
I need to get this working for my set-up having an OpenDJ with BaseDN as
dc=cas,dc=mj,dc=go. Under this base DN, I have a top level organisational unit IDUsers with dn as
ou=IDUsers,dc=cas,dc=mj,dc=go. The IDUsers has a number of users of a custom object type. An example user is:
uid=john.miller,ou=IDUsers,dc=cas,dc=mj,dc=go. I am able to do the CRUD on these using OpenDJ REST API and through control panel UI.
But, I am not able to get the bi-directional sync working as explained in sample2b and sample2c.
Please could anyone explain what all to change to get this working? I could not get a clear documentation on what files to change.
Many thanks.January 26, 2015 at 5:12 pm #2815laurent.bristielParticipant
before having sync working, you might want to check that you can access your OpenDJ object via the OpenIDM REST API with call like this:
$ curl \ --cacert self-signed.crt \ --header "X-OpenIDM-Username: openidm-admin" \ --header "X-OpenIDM-Password: openidm-admin" \ --request GET \ "https://localhost:8443/openidm/system/ldap/account/fc252fd9-b982-3ed6-b42a-c76d2546312c"
If that does not work, then you have to configure your connexion to OpenDJ.
This is explained in this section of the doc: Configuring ConnectorsJanuary 27, 2015 at 5:59 pm #2845jean.austinParticipant
Thank you Laurent.
For the REST call for a user, I get
I think I need to modify my URL
https://localhost:8443/openidm/system/ldap/account/for the part
system/ldap/account/but I don’t know what to change it to.
What are system, ldap and account in
system/ldap/account? Where are these defined? I guess the system and ldap would be same for my case but account is different.
I think I need to modify
openicf.openicf-ldap.jsonand change parts like
"source" : "system/ldap/account". But, no able to find what to change to from the documentation.
January 28, 2015 at 9:45 pm #2870Mike JangSpectator
- This reply was modified 6 years, 10 months ago by jean.austin.
If you use a non-existent UID at the end of the system/ldap/account endpoint, you would get a 404. One alternative to Laurent’s command is
–cacert self-signed.crt \
–header “X-OpenIDM-Username: openidm-admin” \
–header “X-OpenIDM-Password: openidm-admin” \
–request GET \
For more information on sync.json, refer to the chapter on Configuring Synchronization. It includes several examples of how you can modify sync.json.
As for openicf.openicf-ldap.json, I’m not sure. Are you referring to the provisioner.openicf-ldap.json file? If so, you can find more information in the section on the Generic LDAP Connector.
Let us know if this helps.
You must be logged in to reply to this topic.