What You Will See
Users in the LDAP child domain are unable to scan to the Home Directory in the parent domain.
"An application error has occurred. Please contact your Systems Administrator."
Products Affected
MFPs running Scan-to-Network File (SNF) versions 3.4.2 and 3.5.0.
Suggested Remedy
Create separate scan destinations for users in the parent and child (admin) domains.
| For the child scan destination... | Specific Authentication Instructions |
| use the Address Book LDAP port for the child domain (3268)... | Users will enter their credentials on the touch screen with username only. (No Domain) |
| For the parent scan destination... |
the LDAP port for the parent domain populate, also populate the 'Domain' entry field with the fully qualified domain name.... |
NOTES:
- The LDAP Address Book setup in the Network/Ports Menu must be set to use Global Catalog port 3268.
- The customer's Active Directory configuration must be modified on their server to replicate the Home Directory attribute to Global Catalog.
Important: This is not the default AD configuration. This remedy will not be viable if you are unwilling or unable to modify your Active Directory server configuration.
Explanation
A problem occurs when you try to scan across domains because SMBclient and LDAP have different formats for users/domains.
- SMB uses domain\user
- LDAP uses something a lot more complicated, such as cn=user, dc=domain, dc=...
Still Need Help?
If you need additional assistance, please see
contact
information below to
Lexmark Technical Support. NOTE: When calling for support, you will need the model type and serial number (SN) of your printer. Please call from near your computer and printer in case the technician asks you to perform a task on these devices.
LEGACY ID: SO7389
Audience:INTERNAL ONLY
Additional Information
LDAP referrals are really preferred on all platforms given the required changes to Active Directory.
Devices that currently support LDAP referrals:
- HomeStretch EC 3 (X548, X792, X86 and X925 MFPs)
- Winner's Circle EC 1 and greater.
NOTE: This excludes SNF Basic.
Challenges
To iterate the difficulty of this solution:
- The LDAP Address Book setup in the Network/Ports Menu must be set to use Global Catalog port 3268.
- The customer's Active Directory configuration must be modified on their server to replicate the homeDirectory attribute to Global Catalog.
- This is not the default AD configuration, and many customers are not willing to modify their Active Directory server configuration to make this work.
LEGACY ID: SO7389