LDAP Group Sync With AEM | Adobe Higher Education
October 16, 2015
Solved

LDAP Group Sync With AEM


Hi

I'm using CQ (5.6.1) and LDAP (ApacheDS).

I have completed the LDAP user sync to CQ. Now I have to do the group sync. Groups have already been created in LDAP; I have to add the user to the LDAP groups dynamically depending on the country-specific sites, e.g. if a user is trying to access the Worldwide site then I need to add that user to the worldwide group, and the same user group needs to be synchronized to CQ whenever the user gets synchronized with CQ.

However, there is an attribute “autocreate.user.membership” through which we can add the user to a default group, but here the prerequisite of the case study is different.

I tried with the “memberOf” attribute and specified the group “dn”, but when I try to add this property through the Java API, it throws an error: SvcErr:DSID-031A11E5, problem 5003 (WILL_NOT_PERFORM).

I have also tried to synchronize the admin user that the client has provided. It contains all the attributes like “memberOf”, and the group “dn” value has already been specified for the memberOf attribute. I synced the user through JMX (com.adobe.granite.ldap) using the syncUser method, but only the user is getting synchronized; the group is not getting synchronized.

I have attached the ldap_login configuration file that I am using to connect to LDAP.

I have followed the same web links but that did not work for group sync.

I am using AEM 5.6.1 and LDAP (Active Directory). I have completed the LDAP user sync to CQ. Now I have to do the group sync. Groups have already been created in LDAP; I have to add the user to the LDAP groups dynamically depending on the country-specific sites, e.g. if a user is trying to access the Worldwide site then I need to add that user to the worldwide group, and the same user group needs to be synchronized to CQ whenever the user gets synchronized with CQ.

This topic has been closed for replies.
Best answer by Sam205505050

You have to use the callback mechanism whenever a user is synced. Follow this: http://dev.day.com/docs/en/crx/current/administering/ldap_authentication.html#CALLBACKS

1. Mention the parameter syncCallbackClass in ldap_login.conf

2. Get the user ID from the map

3. Assign the user to the group you want.

3 replies

October 16, 2015

I have tried that, but the repo session is not available in the callback class. I have also tried to get the repo session through JNDI, but this also didn't work. Every time, it throws a repository exception.

October 16, 2015

I have fixed that issue. In order to do group sync, we need to add a couple of attributes:

autocreate.group.localadmin="admin"
autocreate.group.uniquemember="uniquemember"

and add a member attribute to the group in LDAP and pass the user DN value to that.
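
The fix in the last reply, done through JNDI, as an added example that is not code from this thread: the user's DN is added to the group entry's membership attribute instead of writing memberOf on the user, which Active Directory maintains itself and refuses writes to. The class name, both DNs and the LDAP_* environment variable names are assumptions made for the example.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.AttributeInUseException;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;

public class AddUserToLdapGroup {  // hypothetical class name
    // Change applied to the GROUP entry: add the user's DN as one more value of its
    // membership attribute ("uniquemember" in the reply; AD groups use "member").
    static ModificationItem[] membershipChange(String memberAttr, String userDn) {
        return new ModificationItem[] {
            new ModificationItem(DirContext.ADD_ATTRIBUTE, new BasicAttribute(memberAttr, userDn))
        };
    }

    public static void main(String[] args) throws NamingException {
        // Assumed environment variable names; the bind account should only hold
        // write access to the group entries, and its password is never hard-coded.
        String url = System.getenv("LDAP_URL");        // e.g. ldaps://ldap.example.com:636
        String bindDn = System.getenv("LDAP_BIND_DN");
        String bindPw = System.getenv("LDAP_BIND_PW");
        String groupDn = "cn=worldwide,ou=groups,dc=example,dc=com";  // constructed DN
        String userDn = "uid=jdoe,ou=users,dc=example,dc=com";        // constructed DN

        ModificationItem[] mods = membershipChange("uniquemember", userDn);
        if (url == null || bindDn == null || bindPw == null) {
            // No directory configured: print the planned change and stop.
            System.out.println("Would add to " + groupDn + " -> " + mods[0].getAttribute());
            return;
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, bindDn);
        env.put(Context.SECURITY_CREDENTIALS, bindPw);

        DirContext ctx = new InitialDirContext(env);
        try {
            ctx.modifyAttributes(groupDn, mods);
        } catch (AttributeInUseException alreadyMember) {
            // Directory reported that the value already exists (LDAP result 20): no change needed.
        } finally {
            ctx.close();
        }
    }
}
```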