0 синхронизированы пользователь и группа. Ниже приведены мой журнал и настройки ldap. Все, что я хочу сделать, это: 1. сопоставить группу AD "ccusers" с группой в TeamCity и создать всех пользователей в этой группе. 2. Или добавьте всех пользователей из группы AD «ccusers» в группу «Все пользователи» в TeamCity.
Как я могу это настроить?
[2014-02-10 09:11:01,871] INFO - jetbrains.buildServer.LDAP - Starting synchronization session
[2014-02-10 09:11:01,871] INFO - jetbrains.buildServer.LDAP - Fetching remote users and groups
[2014-02-10 09:11:01,902] WARN - jetbrains.buildServer.LDAP - Total results: 0
[2014-02-10 09:11:01,917] INFO - jetbrains.buildServer.LDAP - LDAP groups mapping loaded
[2014-02-10 09:11:01,964] WARN - jetbrains.buildServer.LDAP - Total results: 1
[2014-02-10 09:11:01,964] INFO - jetbrains.buildServer.LDAP - Last synchronization statistics: created users=0, updated users=0, deleted users=0, remote users=0, matched users=0, created groups=0, updated groups=0, deleted groups=0, remote groups=0, matched groups=0, duration=93ms, errors=[]
# LDAP SYNCHRONIZATION
####################################################################################################
### USERS SETTINGS ###
# Set to "true" to enable the synchronization for existig users' properties.
# For users creation and deletion, see teamcity.options.groups.synchronize and consider mapping "All Users" group
teamcity.options.users.synchronize=true
# The user search LDAP filter used to retrieve users to synchronize.
# The search is performed inside the LDAP entry denoted by "teamcity.users.base".
# Note: during the process of user authentication the "teamcity.users.login.filter" filter is used, not this one.
#teamcity.users.filter=(objectClass=user)
teamcity.users.filter=(&(objectCategory=Person)(memberof=CN=ccusers,OU=UNIX%20Security%20Groups,OU=CTD_CM_RMG,OU=Corporate%20Clients%20V2,DC=office,DC=adroot,DC=bmogc,DC=net))
### GROUPS SETTINGS ###
# These settings are mandatory if groups synchronization is turned on (ldap-mapping.xml exists)
# Set to "true" to enable the synchronization for groups listed in ldap-mapping.xml file.
# IMPORTANT NOTE: TeamCity groups should be alredy created manually and listed in ldap-mapping.xml file.
teamcity.options.groups.synchronize=true
# The groups base DN. If defined, groups are retrieved only from the LDAP subtree denoted by this DN.
# This DN should be "relative" to the root specified by "java.naming.provider.url".
# If omitted, it is assumed empty and group searches are performed under the entry denoted by "java.naming.provider.url".
#teamcity.groups.base=CN=users
#teamcity.groups.base=DC=office,DC=adroot,DC=bmogc,DC=net
# The group search LDAP filter used to retrieve groups to synchronize.
# The search is performed inside the LDAP entry denoted by "teamcity.groups.base".
#teamcity.groups.filter=(objectClass=group)
teamcity.groups.filter=(&(objectClass=Group)(|(cn=ccusers)))
# Set to "true" to enable automatic user creation and deletion during group synchronization.
teamcity.options.createUsers=false
teamcity.options.deleteUsers=false
### OPTIONAL SETTINGS ###
# The time interval between synchronizations (in milliseconds). By default, it is one hour.
teamcity.options.syncTimeout = 3600000
# The attribute that indicates the member of the group.
# Note: LDAP property should contain the full DN of the member.
teamcity.groups.property.member=member
# The name of LDAP attribute containing the DN. By default, 'distinguishedName' is used.
#teamcity.property.distinguishedName=distinguishedName
teamcity.property.distinguishedName=cn
# The name of LDAP attribute to retrieve user's full name
teamcity.users.property.displayName=displayName
# The name of LDAP attribute to retrieve user's email
teamcity.users.property.email=mail
Если я хорошо понимаю, вам следует отредактировать ldap-mapping.xml (или создать его как копию из ldap-mapping.xml.dist). Вы можете создать карту в этом файле.
<!DOCTYPE mapping SYSTEM "ldap-mapping.dtd">
<mapping>
<group-mapping teamcityGroupKey="ALL_USERS_GROUP" ldapGroupDn="CN=ccusers,OU=UNIX%20Security%20Groups,OU=CTD_CM_RMG,OU=Corporate%20Clients%20V2,DC=office,DC=adroot,DC=bmogc,DC=net"/>
</mapping>
Обновлено:
Я сравнил ваш журнал и свой. Я вижу т.е. "Статистика: ... удаленные пользователи = 27, ... удаленная группа = 1". Так что я предполагаю, что у вас может быть ошибка в вашем фильтре или базе. Я отлаживал свои фильтры в LDAP Apanche Directory Studio.