Configure Active Directory Servers
To configure the AD server, do the following:
- In System Configuration, select Global Configuration Settings > Network Environment > Directory Services Synchronization.
- Select Active Directory in the left menu, and click the Server to open its AD Server Properties page.
-
In the Filtering section, specify a Search Filter for
synchronization. Use this to specify conditions. Only user accounts that meet
these conditions are included in the synchronization.
Click the Filtering is specified at the container level checkbox if you are working with containers instead of servers.
-
In the Field mappings section, you can link Equitrac user fields to ADS
attributes. Fill in the fields you want to associate with the user accounts.
Synchronization uses the specified mappings.
Click the Mappings are specified at the container level checkbox to set field mappings for containers instead of servers.
- Account name – contains the user login ID. This is mapped to the User ID property in Equitrac.
- Display name – contains a description of the user, such as the full user name. This is mapped into the Full name property for the user within Equitrac.
- Email address – contains the user’s email address.
- Primary PIN and Secondary PIN – map the numeric PIN values found on the ADS to the PrimaryPIN and SecondaryPIN fields in Equitrac.
- Alternate PIN – maps the alternative primary PIN.
- Department – maps the ADS department name to the Department field in the Equitrac database. If the department name does not already exist within Equitrac, it is automatically created and the selected users are added to the new department. Multi-level departmental structures can be synchronized into a single department field by using the "value1+value2+value3" syntax. For example, co+st+l+description indicates the country, state/province and city, and a description of the department. Use the LDAP lookup dialog box for the list of available values.
- Location – maps the user’s physical location.
- Color quota – maps the color quota page limit. Use this if you are applying color quotas.
- Home print server – maps the name of a particular print server to the Home Print Server field in the Equitrac database. If you are enabling Follow-You Printing, ensure that you select the Home Print Server attribute for these users.
- Home scan folder – maps to the user's home scan folder as a full network location (UNC path). It is used as a destination folder for scan processing.
- Delegates – maps to the user’s delegates. The attribute for Delegates must be a DN (distinguished name) type, such as "secretary".
-
In the Synchronization section, select or clear the Updates to be
applied checkboxes—Adds, Deletes, or Changes—to
specify which AD accounts Equitrac receives and applies to the accounts database
during subsequent synchronizations.
You must have at least one option selected to perform synchronization or save your changes. You can import added or changed users, or remove inactive accounts from the Equitrac accounts database. Leave these settings at the default to ensure the accounts are updated and kept in sync with the ADS server.The Deletes option only works if the "isDeleted" AD attribute is set to true. In case the entire user record is removed from AD, Equitrac cannot detect this deletion due to an AD limitation, and the corresponding user is not deleted automatically from Equitrac database.
-
Select the Do not enforce account limits for users in auto-created
departments checkbox to import new departments into Equitrac via AD
synchronization without enforcing account limits.
By default, when new departments are imported into the system, they are created with account limits enforced, and the system administrator needs to manually set each department to not enforce account limits. This option overrides the enforce account limits setting in the department properties.
- Select the Automatic synchronization checkbox to enable adjustments to the Synchronization interval. Use this to change how often Equitrac synchronizes its accounts database with the specified AD. The synchronization interval value must be at least 15 minutes. The maximum value 10080 minutes (one week).
- Select the Synchronize on save checkbox to schedule a single synchronization process (as opposed to automatic synchronization, which is performed periodically).
- Click Save to save your settings. The task continues to run even though the properties page is closed. Server settings apply to all containers of the server.
- After a few minutes, go to Accounts > Users to see the list of Users to ensure successful import of the accounts. Open the user account properties and ensure that the settings are correct.