This article will discuss how and when to use directory services for use by the Scan to Network (SNF*) destination shortcut.
*Scan to Network Folder
- -Why Directory services(LDAP/AD) implementation with SNF
- -Sample values and explanations
- -MFP configuration examples:
LDAP Look-Up was added to allow administrators the ability to provide only part of the path to the share in the address field. This allows the remaining URL/UNC address field to be populated with values acquired by the LDAP server.
To summarize, LDAP Look-Up is useful if:
- - Multiple users are using this application, and
- - You want scanned documents to go into each user's home directory folder, and
- - The path to that folder resides on the LDAP server, and
- - LDAP server remains the same for all users, however, the share name for each user may be different.
NOTES: 1.) The MFP must be able to connect to the LDAP server, and at least one of the three or four fields is required to complete configuration of the destination shortcut. 2.) Past versions of SNF required some value in the "Address" field. 3.) LDAP configuration can be performed via Settings > Network/Ports > Address Book Setup.
|Scan to Network Value||Example User entry value
\\IP address, e.g., 10.10.10.10
Other values acceptable dependent upon network environment and destination shortcut configuration method:
* - "Home Directory" configuration only.
|IP address is for the share and not necessarily the LDAP server. The LDAP server could be in an entirely different location.|
|LDAP Path Attribute||
"Path" attribute with value of "test"(sharename)
The attribute "Path" for each user on LDAP server, and its affiliated value (e.g., test), provides the application with an actual path to that user's share on the recipient server.
NOTE: The LDAP administrator may set a different share folder value for the attribute "path"; e.g., test, test1, test2
|Path Suffix||A "scan" folder setting appended to share directory folder.||(LDAP configuration of different folder for each user would be required.)|
|LDAP User Id Attribute||uid,cn,samaccoutname,givenName||
NOTE: Lexmark does not provide this information.
Important because application will go to the LDAP server and request the value for the "path" attribute for the user. This provides a filter and is necessary.
NOTES: Older versions (ver.1.5) held the LDAP User Id Attribute in a different location. FTP fields are identical with the exception of the port (21) field.
Here's what happens at runtime:
- You select the SNF shortcut.
- SNF queries the LDAP server to look for the attribute "path" and its assigned value. This value becomes the share folder value for the application and is appended to the address field.
- Again, the LDAP server replies back to the application and appends the remaining values to the URL or UNC address field.
- For this example, 10.10.10.10/test/scan is the final destination for scanned image file.
- Address field + value retrieved from "path" + path suffix, or //servername(IP)/sharename/folder for this example.
The configuration examples below include the following:
This example eliminates any address parameters and utilizes only the LDAP Path Attribute and LDAP User Id Attribute to complete the aplication's address field.
This example uses the LDAP server's "Home Directory" attribute; however, other values may be used depending on individual LDAP configuration preferences. For example, cn, givenname, name or others may be used.
Step 1: Before you begin
You must first verify the following requirements.
|Address Book Setup must be configured and operational. In other words, the MFP must be able to communicate with the LDAP Server.||Embedded Web Server (EWS) > Settings (Configuration*) > Network/Ports – Address Book Setup||SNF will use the Address Book Setup information for retrieving the required attributes for the address field.|
|The “Domain Search Order” must be populated with all required domains that will be used in the customer environment.||EWS > Settings > TCP/IP||Click here for illustration.|
Softerra™ may help identify these values.
Click here Softerra screenshot.
|Internet Explorer using Microsoft’s Java VM||
1. Click Start.
Click here for illustration.
* Applies to MFDs that run SNF version 1.5.x
Step 2: Destination or Shortcut Setup
History note: Past MFPs referred to shortcuts as profiles. In some instances, the term profiles is still exists with current MFPs. Click here illustration.
Populate the following fields
The Path Suffix field is optional and most often will remain blank. This value will depend on whether or not you have satisfied this sub-folder name in the LDAP directory. Oherwise stated, this value will depend on the full UNC path to the share in the "homeDirectory" LDAP attribute.
NOTES: Network Folder should be selected for Location Type. 2.) SNF has been developed to ignore the “\\” for this type of configuration. 3.) The structure is built in the following manner: value derived from LDAP Path Attribute on LDAP server +(plus) the Path Suffix if available.
Select Authentication options. Two most often selected in this environment:
If you are not using Access Controls and want to authenticate only when using the SNF profile, then you will select “Prompt for Username and Password”. In most environments, this will be the option selected.
Or, if you are using Access Controls and have assigned a Security Template to the “Use Profiles” Access Control, then you will select “Use MFP authentication credentials”.
Important! When you assign a Security Template to the Access Control “Use Profiles”, you will be forced to Authenticate for all profiles on the MFP, such as Remote Copy, Card Copy, etc.
Configure your default scan settings and then enter a default file* name.
|5.||Select the shortcut name from the MFP's control panel.|
|6.||Enter the Username and click OK, and then enter Password and click OK.|
|7.||Upon successful login, you will see a screen to either make modifications or select Scan It.|
This static file share differs greatly from the above; however, similarities include the following:
- -A valid share with applicable read\write permissions to the folder
- -Proper security credentials to the static shared folder, e.g., username and password
- Open the EWS.
- Navigate to Settings > Embedded Solutions > Scan to Network.
- Click Configure.
- Click Add.
- Enter your shortcut Name.
- Enter the IP address and sharename, e.g., \\10.10.10.10\sharename
- Under Authentication Options, enter Static Username and password for this folder.
- Scroll back up and click on Validate Path. This will check for a valid share, proper security credentials, and correct permissions to the share.
NOTE: Only applies to Guest or Static username(UID) and password authentication types using SNF version 3.2.0
Successful Validation Illustration
- Adjust Scan Settings and uncheck settings that you do not want users.
- Provide filename.
- Click OK.
Click here for a general overview of SNF shortcut creation.
Still Need Help?
Please contact Lexmark Technical Support if you need additional assistance. NOTE: When calling for support, you will be asked for your printer machine/model type and serial number (SN).
Please call from near the computer and printer in case the technician on the phone asks you to perform a task involving one of these devices.