Sample 2d - Synchronizing LDAP Groups

-------------------------------------

Copyright (c) 2012 ForgeRock AS

This work is licensed under a Creative Commons Attribution-

NonCommercial-NoDerivs 3.0 Unported License. See

This sample is the same as sample 2c except that it focuses on synchronizing

LDAP groups.

To run this sample, launch OpenIDM with the sample configuration as follows:

$ /path/to/openidm/startup.sh -p samples/sample2d

or follow the documentation in the Install Guide:

http://openidm.forgerock.org/doc/install-guide/index.html#more-sample2d

The sample configuration connects to a local OpenDJ server with the following

parameters:

"host" : "localhost",

"port" : 1389,

"principal" : "cn=Directory Manager",

"credentials" : "password",

Unlike sample2, this sample sync.json configuration contains three mappings -

two for user objects and one for group objects. The number of attributes mapped

is limited.

New groups are created from LDAP by running a reconciliation against the LDAP

groups. Reconciliation synchronizes the cn and dn of the groups as well as the

description and the uniqueMember attribute which contains a list of all the

member DNs of this group.