Xerox 7335 User Manual
177
12. Enter your required number for Maximum Number of Search Results. This is the maximum number
of addresses that will appear which match the search criteria selected by the user.
13. Enter the required time to wait for Search Time-Out. Alternatively, you may select Wait LDAP Server
Limit.
14. Place a checkmark in the Referral box if you would like the server to refer to additional LDAP servers,
when user information is initially unavailable.
15. If using Referral, enter the number of additional servers to check for user information (Hop Limit).
16. For Search Name Order, select the method that you would like LDAP to use to perform searches.
17. Click Apply, and supply the Administrator User name and password if prompted.
LDAP User Mappings
You can click the LDAP User Mappings link to specify the attributes to search for within the LDAP
database. Make sure that any entries made in the Imported Heading boxes are in LDAP nomenclature.
For example, you would enter sn (surname) to search for the user's last name, and givenName to search
for the users first name. Enter cn (Common Name) to search for the most commonly used attribute (given
name joined to surname) to identify specific users within the LDAP system.
database. Make sure that any entries made in the Imported Heading boxes are in LDAP nomenclature.
For example, you would enter sn (surname) to search for the user's last name, and givenName to search
for the users first name. Enter cn (Common Name) to search for the most commonly used attribute (given
name joined to surname) to identify specific users within the LDAP system.
LDAP Authentication
To set LDAP for authentication, click the LDAP Authentication link. For Authentication Method, choose
either Direct Authentication or Authentication of User Attributes. Direct Authentication sets
authentication with the LDAP server with the user name and password entered by the user. Authentication
of User Attributes sets authentication with the LDAP server to the attributes listed on this dialog, such as
samAccountName. Unless you are very familiar with LDAP, do not add text strings to the User Name.
either Direct Authentication or Authentication of User Attributes. Direct Authentication sets
authentication with the LDAP server with the user name and password entered by the user. Authentication
of User Attributes sets authentication with the LDAP server to the attributes listed on this dialog, such as
samAccountName. Unless you are very familiar with LDAP, do not add text strings to the User Name.
LDAP Group Access
LDAP server user groups can be used to control access to certain areas of the Xerox device. For
example, the LDAP server may contain a group of users called "Admin." You can configure the "Admin"
group on the device so that the members of that group will have administrator access to the device. When
a user logs in at the device with their network authentication account, the device performs an LDAP look-
up to determine if the user is a member of any groups. If the LDAP server confirms that the user is a
member of the "Admin" group, the user will have administrator access. In the System Administrator
Access Group box, enter the name of the group, defined at the LDAP server, that you want to provide with
system administrator access to the device. Repeat the process for other LDAP group access boxes.
example, the LDAP server may contain a group of users called "Admin." You can configure the "Admin"
group on the device so that the members of that group will have administrator access to the device. When
a user logs in at the device with their network authentication account, the device performs an LDAP look-
up to determine if the user is a member of any groups. If the LDAP server confirms that the user is a
member of the "Admin" group, the user will have administrator access. In the System Administrator
Access Group box, enter the name of the group, defined at the LDAP server, that you want to provide with
system administrator access to the device. Repeat the process for other LDAP group access boxes.
Custom Filters
For the Email Address Filter, in the box provided, type in the LDAP search string (filter) that you wish to
apply. The filter defines a series of conditions that the LDAP search must fulfill in order to return the
information you seek. The form of the typed search string (filter) is LDAP objects placed inside
parenthesis. For example, to find all users that have an E-Mail attribute (mail enabled), type
(objectClass=user) (mail=*). If you are not familiar with LDAP search strings, use an Internet browser
search to find examples.
apply. The filter defines a series of conditions that the LDAP search must fulfill in order to return the
information you seek. The form of the typed search string (filter) is LDAP objects placed inside
parenthesis. For example, to find all users that have an E-Mail attribute (mail enabled), type
(objectClass=user) (mail=*). If you are not familiar with LDAP search strings, use an Internet browser
search to find examples.