Configure the sync pipe and sync classes
The following procedures define a Sync Pipe and two Sync Classes. The first Sync Class is used to match the accounts
objects. The second Sync Class matches the group
objects.
-
Continuing from the previous session, enter a name for the Sync Pipe.
-
When prompted to define one or more Sync Classes, enter
yes
.
Configure the accounts Sync Class
-
Enter a name for the Sync Class. For example, type
accounts_sync_class
. -
If restricting entries to specific subtrees, enter one or more base distinguished name (DN)s. If not, press Enter to accept the default (no).
-
To set an Lightweight Directory Access Protocol (LDAP) search filter, type
yes
and enter the filter"(accountid=*)"
. Press Enter again to continue. This property sets the LDAP filters and returns all entries that match the search criteria to be included in the Sync Class. In this example, specify that any entry with anaccountID
attribute be included in the Sync Class. If the entry does not contain any of these values, it will not be synchronized to the target server. -
Choose to synchronize all attributes, specific attributes, or exclude specific attributes from synchronization, or press Enter to accept the default (all).
-
Specify the operations that will be synchronized for the Sync Class, or press Enter to accept the default.
Configure the groups Sync Class
For this example, configure another Sync Class to handle the groups
object class. The procedures are similar to that of the configuration steps for the account_sync_class
Sync Class.
-
On the Sync Class menu, enter a name for a new sync class, such as
groups_sync_class
. -
To restrict entries to specific subtrees, enter one or more base DNs.
-
Set an LDAP search filter. Type
yes
to set up a filter and enter the filter"(objectClass=groupOfUniqueNames)"
. This property sets the LDAP filters and returns all entries that match thegroupOfUniqueNames
attribute to be included in the Sync Class. If the entry does not contain any of these values, it will not be synchronized to the target server. -
Choose to synchronize all attributes, specific attributes, or exclude specific attributes from synchronization, or press Enter to accept the default (all).
-
Specify the operations that will be synchronized for the Sync Class, or press Enter to accept the default.
-
At the prompt to enter the name of another Sync Class, press Enter to continue.
-
On the Default Sync Class Operations menu, press Enter to accept the default. The Default Sync Class determines how all entries that do not match any other Sync Class are handled.
-
Review the configuration, and press Enter to write the configuration to the server.
Use the dsconfig
tool to make changes to this configuration. See Configuring PingDataSync for configuration options and details.