lotus ldap collection problems
Dear All,
I have faced the following scenario:
The customer uses IBM Domino Lotus LDAP as an additional LDAP (some applications are authorizing from it), so I am going to create an account collector.
Issue 1:
The accounts' CN attribute is not collected
CN=<account's fqdn>
cn=<account name>
mail=<account mail address>
displayname=<account's lotus style fqdn, like Zoltan Izsak/Engineering/IT/RSA/HU>
objectclass=dominoPerson
objectclass=inetOrgPerson
objectclass=organizationalPerson
objectclass=person
objectclass=top
mailaddress=<o365 account mailbox address>
department=<some department id>
employeeid=<user id>
dominocertificate=<some certificate>
givenname=<givenname, like Zoltan>
sn=<last name, like Izsak>
uid=<account id, which is concatenated first name and last name, like zoltanizsak>
maildomain=<company name>
location=Bank
I would like to collect CN for obvious reasons, but I can only collect cn. Even when I am not collecting cn, CN is not collected, as if it did not exist. The collector data source type is LDAP. I have tried OpenLDAP, Other and OID as well. I tried to collect into several Aveksa attributes. None of the combinations could collect CN.
Any idea?
Issue 2:
The same ldap contains groups as well. An example:
CN=LocalDomainAdmins
cn=LocalDomainAdmins
mail=localdomainadmins@<company name>.local
displayname=LocalDomainAdmins
objectclass=dominoGroup
objectclass=groupOfNames
objectclass=top
member=<member 1 fqdn>
member=<member 2 fqdn>
maildomain=<company domain>
The account collector was not able to collect any groups. I tried to filter on objectclass=dominoGroup and objectclass=groupOfNames, but both returned 0 groups. The base DN is near the LDAP root and I am searching in the subtree as well.
Any idea what the problem is?
Accepted Solutions
Yes, it is possible!
CN and cn are the same in LDAP terms
You should collect distinguishedName which is CN + FQDN
Thanks Pradeep,
Even if the sysadmin did not list distinguishedName as an attribute, it is there and can be collected.
