Access to the directory serve A comprehensive understanding of your LDAP server's structure is necessary to configure the MFP. | A LDAP browser application (Microsoft™ LDP or Softerra™) may have the ability to obtain the following information: - Your organization's structure.
- Your directory server's topology.
- Whether or not you are communicating with a parent or child domain.
- Other information about the design.
|
The DNS name* or IP address of the Domain Controller acting as the Directory Server. The address of the server hosting LDAP. Note: Avoid IP addresses in a DHCP environment. Any IP change to the domain controller may cause a communication failure with all MFPs configured to use LDAP. | dc01.company.com. Often this value comprises the fully qualified domain name (FQDN). |
Common server ports* are 389 and 3268 Port 389 will work in in an AD environment; however, multiple Domain Controllers (DCs) may cause performance issues. | - Port 3268 for global catalog server in Active Directory (AD) environments.
- Port 389 for all other LDAP environments
|
The mail attribute* This setting is required for the MFP to query for the e-mail addresses. Note: Users’ login information will be compared to this attribute. | mail Note: This setting is common in most Active Directory (AD) environments. |
The fax number attribute* This setting is required for the MFP to query for fax numbers. | facsimilietelephonenumber Note: This setting is common in most Active Directory (AD) environments. |
Search Base* Note: Start with the parent domain. Tells where in the directory "tree" to start looking and the parent domain is likely to contain ALL user account information. Note: Subsets can be used if performance becomes an issue, but then all user accounts must reside within the child domain. | Company.com entered in DN format, e.g., DC=company,DC=com Note: Distinguished name (DN) format should include DC (Domain Controller) capitalized, commas for dots and no spaces. All Active Directory (AD) queries will fail this field is left blank. |
Device Credentials* Distinguished Name (DN) and password) Note: This may be called MFP Credentials. The DN path should point to a location on the directory server where all user "service accounts" reside. This setting identifies and describes an entry in a directory on an LDAP server. Simple binds require a "service account" name and password if sharing among multiple MFPs | Place a checkmark next to Anonymous Bind for most non-Active Directory LDAP servers. Example of a full distinguished name will look similar to: CN=Lexmark,OU=Service Accounts,DC=company,DC=com |