Software features

C:\> telnet 15.63.55.144 389

If the Telnet program does not respond with the message “Could not open connection to the host,” the LDAP protocol is probably running on this specific port.

Determining the search root

The search root is the distinguished name (DN) of the entry in the LDAP directory where the search is to begin. A DN is made up of 'attribute=value' pairs separated by commas.

In Windows 2000 Active Directory Services, the search root normally takes the form: CN=Users,DC=domain_name,DC=domain_suffix. To limit the address search even more, for example, to a single organizational unit (OU), add components to the search root. For example, to search for users in the “accounting” OU, add “OU=accounting” to the search root (OU=accounting,CN=Users,DC=domain_name,DC=domain_suffix). By using these methods to configure the search root that is used in authentication, access to digital-sending features can be limited to a subset of users in an organization.

Several methods can be used to determine the search root. These methods are described in the following sections.

NOTE On some LDAP servers, the search root can remain blank. In this case, the root node is assumed to be the starting place.
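The scoping effect of the search root, as an added example (not HP DSS code and not part of the original manual): the Python below builds a narrowed search root with RFC 4514 escaping and checks, component by component, whether a user's DN falls inside it. Function names and sample DNs are constructed for illustration; value matching is assumed to be case-insensitive, as it is for Active Directory naming attributes, and multi-valued RDNs are not split.

```python
# Added example: DN handling for an LDAP search root (names are hypothetical).
def split_dn(dn):
    """Split a DN on unescaped commas; a backslash escapes the next character."""
    parts, cur, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur += dn[i:i + 2]          # keep the escape pair together
            i += 2
            continue
        if dn[i] == ",":
            parts.append(cur)
            cur = ""
        else:
            cur += dn[i]
        i += 1
    return parts + [cur] if (parts or cur) else []

def normalize(dn):
    """Leaf-first tuple of (attribute, value); case and post-comma spaces ignored."""
    rdns = []
    for part in split_dn(dn):
        attr, sep, value = part.lstrip().partition("=")
        if not (sep and attr and value):
            raise ValueError("malformed RDN: %r" % part)
        rdns.append((attr.lower(), value.lower()))
    return tuple(rdns)

def is_under(entry_dn, search_root):
    """True if entry_dn equals the search root or sits below it."""
    entry, root = normalize(entry_dn), normalize(search_root)
    # A blank search root means the root node, so every entry is in scope.
    return len(entry) >= len(root) and entry[len(entry) - len(root):] == root

def escape_value(value):
    """Escape the RFC 4514 special characters in one attribute value."""
    chars = ["\\" + c if c in ',+"\\<>;=' else c for c in value]
    if chars and chars[0] in ("#", " "):
        chars[0] = "\\" + chars[0]
    if chars and chars[-1] == " ":
        chars[-1] = "\\ "
    return "".join(chars)

def narrow_root(base_root, ou):
    """Prepend an OU component to a search root."""
    rdn = "OU=" + escape_value(ou)
    return rdn + "," + base_root if base_root else rdn

# Constructed sample values; a space after a comma is tolerated by normalize().
BASE = "CN=Users, DC=domain_name,DC=domain_suffix"
ROOT = narrow_root(BASE, "accounting")
```

Running `is_under` over the DNs of accounts that are expected to be excluded is a quick way to confirm that a narrowed search root really limits who can authenticate.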

To determine the search root using the Microsoft LDAP Administration tool (LDP.EXE)

The Microsoft LDAP Administration tool is installed as part of the Support Tools, which are included on the Microsoft Windows 2000 or Windows XP installation CDs (setup.exe in the \support\tools directory).

1. Run LDP.EXE (Click Start, click Run, and then type LDP.EXE).

2. Click Connection and then click Connect from the Menu.

3. Type the fully qualified domain name of the domain controller in the Connect dialog box. If the domain controller is a Global Catalog Server, the port might need to be changed to 3268.

4. After the connection is established, the Active Directory information should appear. Look for the text after the 1> defaultNamingContext label, which looks similar to this: DC=dstest,DC=com. This string describes the root of the Active Directory and can be used as the search root when configuring HP DSS.

NOTE The user whose credentials are used in HP DSS to gain access to the LDAP data must have read access to the root of the Active Directory database and to all objects below the root. Otherwise, use a more restrictive search root for a container to which the user has read access (for example, CN=users,DC=dstest,DC=com).

To determine the search root using the Microsoft Management Console with ADSIEDIT.MSC

The ADSIEdit (Active Directory Service Interface Edit) Microsoft Management Console tool can be used to view the LDAP attribute names and attribute values for users that are contained in the directory.

1. Run ADSIEDIT.MSC (Click Start, click Run, and then type ADSIEDIT.MSC).

2. Browse the tree structure to find the container that contains user objects. In many environments, users are contained in the Users container. The search root in this case is typically CN=USERS,DC=<Domain>,DC=<Domain Suffix> (for example, CN=USERS,DC=HP,DC=COM).
