LDAP Lookup Settings Dialog Box

This dialog box specifies settings to look up the email address and other attributes for an authenticated user on an LDAP server.

Option Description
LDAP Server: Type the address or host name of the LDAP server.
Root DN: Enter the distinguished name for the node where the search should start. No value is required if Windows authentication is used. Any value entered must begin with LDAP://.

The following format must be used:

LDAP://ldapserver.domain.com:port/OU=Users,DC=domain,DC=com

Possible LDAP Ports

  • Standard LDAP: 389
  • Active Directory Global Catalog: 3268
  • LDAP over SSL: 636
  • Active Directory Global Catalog over SSL: 3269

If the field is left blank, then by default the starting point of the search will be the root node of the directory tree. Search root patterns for different cases are shown below.

Login as anonymous: Choose this option to establish an anonymous connection with the LDAP server.
Login with the following credentials: Choose this option to log on to the LDAP server using the specified User name and Password.
Directory Type: Select the type of directory that will be searched. If an option other than Custom is selected, predefined attributes will be used to match the authenticated user name and retrieve the email address.
Match User name against: This is a variable set by the system administrator. Check with your system administrator to adjust this setting.
Get email address from: This is a variable set by the system administrator. Check with your system administrator to adjust this setting.
Additional Attributes: Type the names of the user attributes, separated by semicolons. If no attributes are specified in this box, then only the email address will be retrieved. These attributes will be available as User Attributes Replacement Tag Names (URTN). For details on the format of these URTNs, refer to Fuji Xerox AIP Component RRTs.
Test Lookup: To test the search settings, enter a sample user name in the Username box and click the Test button.

Search Root Patterns for Authentication

Case 1: Windows authentication
Use case: Used when the AutoStore server belongs to the Active Directory domain. Username and password should be left empty.
Search root pattern: Empty
Result: Credentials of the user under which the AutoStore server is running will be used. Searches through all containers in the Active Directory to which the AutoStore server belongs.

Case 2: Windows authentication
Use case: Used when the AutoStore server belongs to the Active Directory domain. Username and password should be left empty.
Search root pattern: LDAP://distinguished_name_of_container
Example: LDAP://OU=Dept,DC=md,DC=nsi,DC=com
Result: Credentials of the user under which the AutoStore server is running will be used. Searches within a specified container and its child container.

Case 1: Simple, SSL or Anonymous authentication
Use case: Used when either the AutoStore server is not a part of the domain or it is necessary to conduct a search on a non-Active Directory server.
Search root pattern: LDAP://server_name:port
Example: LDAP://abcweb.md.nsius.com:389
Result: User name and password are necessary when Simple/SSL type is used. Searches through the entire LDAP tree on the specified server.

Case 2: Simple, SSL or Anonymous authentication
Use case: Used when either the AutoStore server is not a part of the domain or it is necessary to conduct a search on a non-Active Directory server.
Search root pattern: LDAP://server_name:port/distinguished_name_of_container
Example: LDAP://abcweb.md.nsius.com:389/OU=Dept,DC=md,DC=nsius,DC=com
Result: Searches within a specified container and its child container on the specified server.
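
Added example (not part of the product documentation and not AutoStore code): a Python check that classifies a Root DN value into one of the four search root patterns above and reports whether its port is one of the SSL ports listed under Possible LDAP Ports. The function name, the pattern labels and the loose distinguished-name shape check are assumptions made for this example.

```python
import re

# Ports as listed under "Possible LDAP Ports"; the flag marks the SSL ones.
KNOWN_PORTS = {
    389: ("Standard LDAP", False),
    3268: ("Active Directory Global Catalog", False),
    636: ("LDAP over SSL", True),
    3269: ("Active Directory Global Catalog over SSL", True),
}
# Loose shape check for a DN: comma-separated attr=value pairs (not a full RFC 4514 parser).
DN_RE = re.compile(r"^[A-Za-z][\w-]*=[^,]+(,[A-Za-z][\w-]*=[^,]+)*$")


def check_root_dn(value):
    """Classify a Root DN field value into one of the four documented patterns."""
    result = {"pattern": None, "host": None, "port": None, "container": None,
              "ssl_port": None, "problems": []}
    value = value.strip()
    if not value:
        result["pattern"] = "windows-whole-directory"   # Windows, Case 1 (field left empty)
        return result
    if not value.startswith("LDAP://"):
        result["problems"].append("value must begin with LDAP://")
        return result
    rest = value[len("LDAP://"):]
    head, _, tail = rest.partition("/")
    if "=" in head:                                      # no server part, DN only
        result["pattern"], container = "windows-container", rest   # Windows, Case 2
    else:
        container = tail
        result["pattern"] = "server-container" if tail else "server-whole-tree"
        host, _, port = head.partition(":")
        result["host"] = host or None
        if not host:
            result["problems"].append("server name is missing")
        if not port.isdigit():
            result["problems"].append("port is missing or not numeric")
        else:
            result["port"] = int(port)
            if result["port"] in KNOWN_PORTS:
                result["ssl_port"] = KNOWN_PORTS[result["port"]][1]
            else:
                result["problems"].append("port is not one of the documented LDAP ports")
    if container:
        result["container"] = container
        if not DN_RE.match(container):
            result["problems"].append("container is not a list of attr=value pairs")
    return result
```

A result with ssl_port set to False on a configuration that logs in with a user name and password is the combination to review, because an LDAP simple bind is not encrypted unless the connection itself is.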