I had the opportunity recently to work with one of the newer large
multifunction Samsung copiers this month. The Syncthru web interface is
fairly feature rich but the documentation really could use more
examples in some places. My bane for 2 hours was figuring out how to
populate the address book inside it by doing an LDAP pull from Active
Directory.
The initial setup of the LDAP connector went through pretty quickly. I just went to Security -> Network Security and then down to LDAP Server on the left menu. I then clicked Add to enter in my LDAP server. I added in the IP address of one of my domain controllers and then used Port number 3268 to start with because you want to keep it simple initially and introduction SSL LDAP would just add one more thing to troubleshoot. Fill in your AD Domain name in DC=yourdomain,DC=com format. Choose simple and enter in your username in DOMAINNAME\username format. Note that this is the first oddity in that we're mixing netbios/domain name\username format and LDAP convention on the same form.
The initial setup of the LDAP connector went through pretty quickly. I just went to Security -> Network Security and then down to LDAP Server on the left menu. I then clicked Add to enter in my LDAP server. I added in the IP address of one of my domain controllers and then used Port number 3268 to start with because you want to keep it simple initially and introduction SSL LDAP would just add one more thing to troubleshoot. Fill in your AD Domain name in DC=yourdomain,DC=com format. Choose simple and enter in your username in DOMAINNAME\username format. Note that this is the first oddity in that we're mixing netbios/domain name\username format and LDAP convention on the same form.
On the second half of that window, don't check the LDAPS yet!!!
Click on the TEST button at the very bottom and make sure you get all OK/Success.
Once that works, then click the Apply button at the top to save these settings.
So now we're halfway done and ready for the twists. Go to the Address book and then click on the LDAP button at the top right.
Now for the GOTCHAS!
a) I couldn't get it to search recursively
b) It only worked when the user account I used to authentication
against AD was in the same ORG that I was searching. (My AD is set to
not allow anonymous searching so I have to use authentication)
c) The login ID is in CN=firstname lastname format. This is different than the domainname\username from the other LDAP screen.
d) The search root is the full path to the exact ORG that you want to pull from. (note the OU=test, OU=US prepended)
To keep it simple, I used (mail=*) for my search filter. Click on the
Search button when done and IF you are successful, a list of people will
show up. Just click the Apply button to pull them all into the Address
book (you can always delete the ones you don't want later from inside
the copier). If you botched it, you'll get Incorrect Filter errors.
Repeat for your other ORG units, remembering to use an account inside
each one for the Login ID. If you make it past the inconsistencies of
the interface and the limitations of the AD implementation of LDAP
you're home free. Once you're done you'll have a fully functional Scan
to Email function that works great.
Thanks
Comments