Import LDAP user accounts
You can use the EQCmd.exe utility to import a class containing specific LDAP users into the CAS database. Equitrac installs the EQCmd.exe utility and the EQLDAPImport.ini on the accounting server in the Program Files\Kofax\Equitrac\Tools folder.
After you create the LDAP class, call the class from the command line using the following format:
EQCmd.exe -s<CASServer> import ur <LDAPServer> <SearchRoot> [InitialBalance] [MinBalance]You can run the command line with the EQLDAPImport.ini file using the following format:
EQCmd.exe -s<CASServer> import ur <LDAPServer> <SearchRoot> <ini file> Do not edit the original EQLDAPImport.ini file
directly. Create a copy and modify it as needed, and then provide
the EQLDAPImport copy file to EQCmd.
Command line parameters enclosed in parentheses < > are mandatory; parameters within square brackets [ ] are optional.
| Parameter | Definition |
|---|---|
| CASServer | The name or IP address of CAS that you want to add a user accounts to. |
| LDAPServer | The name or IP address of the LDAP server to import an account from. |
| SearchRoot | The LDAP search root used to begin the import. For example "ou=Accounting, dc=metrics,dc=com". |
The following table list the fields in EQLDAPImport.ini required to configure LDAP import.
| Parameter | Definition |
|---|---|
| [AccountSettings] This section specifies some initial settings for created accounts. | |
| InitialBalance | The initial balance of each account. If not specified, the balance is set to "0". |
| MinBalance | The minimum balance of each account. If not specified, the minimum balance is set to "0". |
| [ConnectionSettings] This section specifies how to connect and login to the LDAP server. | |
| LoginID | The LoginID for binding to the LDAP server. |
| Password | The Password for the LoginID for binding to the LDAP server. |
| BindMethod | The authentication binding method. Supported values are "simple", "ntlm" and "negotiate". |
| UseSSL | Select whether or not to use SSL. "0=no, 1=yes". |
| Version | What version of LDAP to use. |
| DataEncoding | Encoding of LDAP data to expect. Supported values are "unicode16" or "utf8" or "ascii". |
| [Attributes] This section specifies the attributes to import and map. | |
| AccountName | The attribute for lookup of the account name. If left blank, the default behavior is to look for the following attributes (in order): "sAMAccountName", "uid". |
| The attribute for lookup of the email address. If left blank, the default behavior is to look for the attribute "mail". | |
| FullName | The attribute for lookup of the full name. If left blank, the default behavior is to look for the following attributes (in order): "displayName", "cn". |
| Department | The attribute to look up the department. The standard department attribute is "OU". If left blank, departments are not imported. |
| HomeServer | The attribute to look up the home print server. If left blank, home print servers are not imported. |
| PrimaryPIN | The attribute to look up the primary PIN. If left blank, primary PINs are not imported. |
| SecondaryPIN | The attribute to look up the secondary PIN. If left blank, secondary PINs are not imported. |
| AlternatePIN | The attribute to look up the alternate primary PIN. If left blank, alternate PINs are not imported. |
| ColorQuota | The attribute to look up the color quota. If left blank, color quotas are not imported. |
| Locked=logindisabled | The attribute to look up to find if the account is locked. |
| Location | The attribute to look up the location. If left blank, location is not imported. |
| [General Settings] This section specifies the general settings to import and map. | |
| SearchFilter= (objectClass=person) | The attribute to look up the class type to import. |