ARSCO
asked on
Xerox WorkCentre 5050 and LDAP Access Windows 2003 AD
First I'm new to LDAP and it's taken me all day to learn the little I do know so any help with likely be helpful!
I'm running a Windows 2003 AD and am trying to get our new Xerox WorkCentre 5050 to pull LDAP information for its Scan to E-mail and Faxing services.
I referenced http://www.petri.co.il/anonymous_ldap_operations_in_windows_2003_ad.htm to setup anonymous LDAP access. However I still can not get the Xerox to pull any information.
The Xerox machine asks for:
IP Address:
Search Directory Root:
Login Credentials:
Search Name Order: (Common Name or Surname and Given Name)
I give it the ip address of our Global Catalog Server. Not sure what to enter for search directory, I've tried "OU=Domain Users,DC=Domain,DC=Com" and "CN=Users,DC=Domain,DC=Com ". For login credentials, I've tried both anonymous and given it an account with domain admins privs. As for search order, I've been using Common Name.
It then asks for LDAP Server [TYPE] and gives me the choices of: Exchange, Domino, NDS, ADS and Netscape. I know Domino is for Lotus Notes so I have not tried this. But I've tried all the rest with no results.
Anyone have any ideas?
Thanks in advance!
I'm running a Windows 2003 AD and am trying to get our new Xerox WorkCentre 5050 to pull LDAP information for its Scan to E-mail and Faxing services.
I referenced http://www.petri.co.il/anonymous_ldap_operations_in_windows_2003_ad.htm to setup anonymous LDAP access. However I still can not get the Xerox to pull any information.
The Xerox machine asks for:
IP Address:
Search Directory Root:
Login Credentials:
Search Name Order: (Common Name or Surname and Given Name)
I give it the ip address of our Global Catalog Server. Not sure what to enter for search directory, I've tried "OU=Domain Users,DC=Domain,DC=Com" and "CN=Users,DC=Domain,DC=Com
It then asks for LDAP Server [TYPE] and gives me the choices of: Exchange, Domino, NDS, ADS and Netscape. I know Domino is for Lotus Notes so I have not tried this. But I've tried all the rest with no results.
Anyone have any ideas?
Thanks in advance!
ASKER
Yes I know having the user as a domain admin is bad, I'm simply trying to get it working; once I get there I will restrict the account used and their access.
I simply can't get it working even with domain privs. This is getting REALLY frustrating.
I simply can't get it working even with domain privs. This is getting REALLY frustrating.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok I got it working. I just ditched the anonymous stuff and setup a basic domain user and changed the root directory to "DC=domain,DC=com".
This worked well. I just went to the area's I didn't want this user to be able to access and denied read access to them.
Thanks for the help.
This worked well. I just went to the area's I didn't want this user to be able to access and denied read access to them.
Thanks for the help.
Glad to help.
Further to your message, AD by default doesn't allow anonymous binds. So that was probably your issue.
i'm sorry but it isn't work.
there are no eroor on dc's event viewer, and the eroro is the same check your credential, no ldap server connection.
Directory Root: i insert only domain because i have multiple containers, i.e. DC=Domain,DC=com.
Logon Credentials: CN=LDAPAccount,CN=Users,DC =Domain,DC =com in my case it's too long, because my domain is a child domain. so what's it the solution?
could i insert "domain\accountname"?
i select system authentication ldap server, is it right?
Could you help me, please?
there are no eroor on dc's event viewer, and the eroro is the same check your credential, no ldap server connection.
Directory Root: i insert only domain because i have multiple containers, i.e. DC=Domain,DC=com.
Logon Credentials: CN=LDAPAccount,CN=Users,DC
could i insert "domain\accountname"?
i select system authentication ldap server, is it right?
Could you help me, please?
You should ask a new question not in an existing closed question. I may be able to help you, but you would be limited to a very few experts that may be monitoring this question.
Click the Ask Now button under "Not what you are looking for? Ask an Expert" in Accepted Solution above. This will open a Related Question Wizard and all experts will have a chance to see your question.
thank you i'll do that
Hi pber i've already opened question and the following the code my question:
ID:24077817Author:dexiait
ID:24077817Author:dexiait
i've got a solution.
it's important insert directory root:
ou=users, dc,domain,dc=com
on xerox 5645 directory root is called "indirizzo ip server alternativo"
see you attach file.
New-Text-Document.doc
it's important insert directory root:
ou=users, dc,domain,dc=com
on xerox 5645 directory root is called "indirizzo ip server alternativo"
see you attach file.
New-Text-Document.doc
Search Directory Root: that would be the container where your users are. If you have multiple containers, you are probably best off with the root. i.e. DC=Domain,DC=com.
Logon Credentials: This would probably be the full DN of the account. CN=LDAPAccount,CN=Users,DC
The search Name order: By default, AD stores username First, Last. So you probably want Given. If you've modified this for last name, then place surname in there.