I'm attempting to run ARSLSYNC on my RHEL7 CMOD 10.5 development box. It's been giving me fits. No matter what I do the only way I'm getting any output is with these settings in ars.cfg
ARS_LDAP_SERVER_TYPE=AD
#ARS_LDAP_USER_FILTER=(&(objectClass=user)(memberOf=CN=CMOD_XXX_Business_dev,"OU=XXXX Groups,DC=xxx,DC=xxxx,DC=xxxxx,DC=com"))
ARS_LDAP_GROUP_USER_FILTER_USE_DN=FALSE
ARS_LDAP_USER_FILTER=(objectClass=user)
ARS_LDAP_GROUP_FILTER=(objectClass=group)
ARS_LDAP_GROUP_MAPPED_ATTRIBUTE=CN
ARS_LDAP_IGN_GROUPS=Security,CMOD_Admin,CMOD_Operations
The above gives me EVERYBODY in AD except CMOD_XXX_Business_dev. I can't get the filters to work to bring in the only group with 4 users into my Dev environment. According to my identity people the group exists in AD and has 4 users defined.
If I attempt to use the USER_FILTER code ARSLSYNC doesn't find the users or group running with the just -t -v options.
Has anyone been successful using ARSLSYNC to provision users in CMOD that are part of Group?
I am in consultation with IBM Lab Services as part of a work effort to authenticate a small group of users accessing documents via the Thick Client via AD and SSL, which is working fine. Lab Services is also looking at the issue as I've sent them the trace and output.
I'm running CMOD MP 10.5.0.5 on a RHEL7 server with DB2 11
I know next to nothing about AD or LDAP.
