Exporting LDAP users data to CSV file, depending of LDAP groups

Build the LSC-sample connector, then package and install it.

You have to active the overlay memberOf, so that user entries could have the memberOf attribute. This attribut should be indexed.

Take care to :

• specify a EmptyJndiDstServer for the dstService task property ;
• force LSC to not create or delete entries into the destination directory ;
• execute LSC in dry-run mode to force logging (options -n, or -nc, -nd, …)
• indicate the LDAP group in the filterAll property of the source directory, through the memberOf attribute

So, edit lsc.properties, to create/modify a synchronization task :

lsc.tasks = application1

lsc.tasks.application1.type = ldap2ldap
lsc.tasks.application1.object = org.lsc.objects.inetOrgPerson
lsc.tasks.application1.dn = \"uid=\" + srcBean.getAttributeValueById(\"uid\") + \
  \",ou=People\"
lsc.tasks.application1.bean = org.lsc.beans.person
lsc.tasks.application1.condition.create = false
lsc.tasks.application1.condition.delete = false
lsc.tasks.application1.srcService.pivotAttrs = uid
lsc.tasks.application1.srcService.filterId = (&(objectClass=inetOrgPerson)(uid={uid}))
lsc.tasks.application1.srcService.filterAll = \
  (&(objectClass=inetOrgPerson)(memberOf=cn=group1,ou=Groups,dc=example,dc=net))
lsc.tasks.application1.srcService.baseDn = ou=people
lsc.tasks.application1.srcService.attrs = uid cn sn givenName mail objectclass
lsc.tasks.application1.srcService = org.lsc.jndi.SimpleJndiSrcService
lsc.tasks.application1.dstService.pivotAttrs = uid
lsc.tasks.application1.dstService.filterId = (&(objectClass=inetOrgPerson)(uid={uid}))
lsc.tasks.application1.dstService.filterAll = (objectClass=inetOrgPerson)
lsc.tasks.application1.dstService.baseDn = ou=people
lsc.tasks.application1.dstService.attrs = uid cn sn givenName mail objectclass
lsc.tasks.application1.dstService = org.lsc.jndi.EmptyJndiDstService

lsc.syncoptions.application1 = org.lsc.beans.syncoptions.PropertiesBasedSyncOptions
lsc.syncoptions.application1.default.action = F

Now, edit log4j.properties to add a CSV appender :

log4j.appender.LSC_CSV = org.apache.log4j.FileAppender
log4j.appender.LSC_CSV.File = /path/to/lsc/tmp/lsc-output.csv
log4j.appender.LSC_CSV.layout = org.lsc.utils.log4j.csv.CsvLayout
log4j.appender.LSC_CSV.layout.logOperation = create
log4j.appender.LSC_CSV.layout.attrs = uid;sn;givenName;cn;mail
log4j.appender.LSC_CSV.layout.separator = ;
log4j.appender.LSC_CSV.Threshold = DEBUG
log4j.appender.LSC_CSV.Append = false

Note that the value in the log4j.appender.LSC_CSV.File property is very important, it will be read by the wrapper. You can have more informations on this logger here: Managing output format through Log4j.

You have to select the DEBUG level for LSC :

log4j.logger.lsc = DEBUG, LSC, LSC_CSV

But you can override log level in appender, by specifying the Threshold property :

log4j.appender.LSC.Threshold = INFO

Suppose your binary is /path/to/lsc/bin/lsc-ldap2csv/, then create a simple shell script that will call this binary :

# touch /path/to/lsc/bin/lsc-ldap2csv-wrapper

Then edit it :

#!/bin/bash

# Global configuration
LSC_HOME=/path/to/lsc
LSC_BIN=$LSC_HOME/bin/lsc-ldap2csv

# Indicates tasks. Then, in the same order, CSV files.
LSC_TASKS="application1:application2"
LSC_CSV_DIR="$LSC_HOME/csv"

# Have to be configure at exactly the same value in log4j.properties
LSC_OUT=$LSC_HOME/tmp/lsc-output.csv

function main()
{
  IFSO=$IFS
  IFS=':'
  for task in $LSC_TASKS
  do
    if [ -e $LSC_OUT ]; then
      rm -f $LSC_OUT
    fi
    if [ -e $LSC_CSV_DIR/$task.csv ]; then
      mv $LSC_CSV_DIR/$task.csv $LSC_CSV_DIR/$task.csv.bak
    fi
    $LSC_BIN -s $task -n
    mv $LSC_OUT $LSC_CSV_DIR/$task.csv
  done
  IFS=$IFSO
}

main

Finally, create a cron task in /etc/cron.d/ that will run this wrapper :

45 * * * * root [ -x /path/to/lsc/bin/lsc-ldap2csv-wrapper ] \
  && /path/to/lsc/bin/lsc-ldap2csv-wrapper > /dev/null 2>&1