Determining access rights
Several methods are available to determine whether or not the account used in the LDAP configuration has read access to data in the Active Directory. Two of them are described in the following sections.
To determine access rights using the Microsoft LDAP Administration tool (LDP.EXE)
1.Run LDP.EXE (Click Start, click Run, and then type LDP.EXE).
2.Create a new LDAP profile.
3.Click Connection and then click Bind. In the Bind dialog box, type the username and password that are used in HP DSS to gain access to the LDAP data in Active Directory.
4.If the message user <username> bind successful appears in the LDP message window, this user has access to the directory. This level of confirmation does not, however, guarantee that this user has read access to any part of the directory below the root.
5.Select Browse from the LDP menu, and then select Search.
6.Type the search root that is to be used in HP DSS in the Base Dn text box into the Search text box.
7.Type the following LDAP search filter into the Filter text box: (&(objectclass=person) (cn=a*)) This filter will return information for any user whose name starts with ‘a.’
8.Select Subtree as the scope.
9.Click Run. Information will be returned for every user (up to the size limit configured in Options) whose name starts with ‘a.’ If the message Result <0> Null appears in the LDP message window , either no users exist in the container that the search root specifies, or the user whose credentials were used in the Bind command does not have read access to the data in this container.
To determine access rights using Active Directory Users and Computers
NOTE This method is usually performed at the domain controller console.
1.Open Active Directory Users and Computers.
2.Expand the tree view and select the container indicated by the search root entered in the HP MFP DSS Configuration Utility.
3.
4.Click the Security tab.
5.Click Advanced.
6.Select the Authenticated Users or Domain Users object.
7.Click View/Edit.
8.Ensure that the Read attribute is selected.
9.In the Apply onto
Software features
ENWW | Using authentication 61 |