Import LDAP user accounts

You can use the EQCmd.exe utility to import a class containing specific LDAP users into the CAS database. Equitrac installs the EQCmd.exe utility and the EQLDAPImport.ini on the accounting server in the Program Files\Nuance\Equitrac\Tools folder.

After you create the LDAP class, call the class from the command line using the following format:

EQCmd.exe -s<CASServer> import ur <LDAPServer> <SearchRoot> [InitialBalance] [MinBalance]

You can run the command line with the EQLDAPImport.ini file using the following format:

EQCmd.exe -s<CASServer> import ur <LDAPServer> <SearchRoot> <ini file>
Do not edit the original EQLDAPImport.ini file directly. Create a copy and modify it as needed, and then provide the EQLDAPImport copy file to EQCmd.

Command line parameters enclosed in parentheses < > are mandatory; parameters within square brackets [ ] are optional.

Parameter Definition
CASServer The name or IP address of CAS that you want to add a user accounts to.
LDAPServer The name or IP address of the LDAP server to import an account from.
SearchRoot The LDAP search root used to begin the import. For example "ou=Accounting, dc=metrics,dc=com".

The following table list the fields in EQLDAPImport.ini required to configure LDAP import.

Parameter Definition
[AccountSettings] This section specifies some initial settings for created accounts.
InitialBalance The initial balance of each account. If not specified, the balance is set to "0".
MinBalance The minimum balance of each account. If not specified, the minimum balance is set to "0".
[ConnectionSettings] This section specifies how to connect and login to the LDAP server.
LoginID The LoginID for binding to the LDAP server.
Password The Password for the LoginID for binding to the LDAP server.
BindMethod The authentication binding method. Supported values are "simple", "ntlm" and "negotiate".
UseSSL Select whether or not to use SSL. "0=no, 1=yes".
Version What version of LDAP to use.
DataEncoding Encoding of LDAP data to expect. Supported values are "unicode16" or "utf8" or "ascii".
[Attributes] This section specifies the attributes to import and map.
AccountName The attribute for lookup of the account name. If left blank, the default behavior is to look for the following attributes (in order): "sAMAccountName", "uid".
Email The attribute for lookup of the email address. If left blank, the default behavior is to look for the attribute "mail".
FullName The attribute for lookup of the full name. If left blank, the default behavior is to look for the following attributes (in order): "displayName", "cn".
Department The attribute to look up the department. The standard department attribute is "OU". If left blank, departments are not imported.
HomeServer The attribute to look up the home print server. If left blank, home print servers are not imported.
PrimaryPIN The attribute to look up the primary PIN. If left blank, primary PINs are not imported.
SecondaryPIN The attribute to look up the secondary PIN. If left blank, secondary PINs are not imported.
AlternatePIN The attribute to look up the alternate primary PIN. If left blank, alternate PINs are not imported.
ColorQuota The attribute to look up the color quota. If left blank, color quotas are not imported.
Locked=logindisabled The attribute to look up to find if the account is locked.
Location The attribute to look up the location. If left blank, location is not imported.
[General Settings] This section specifies the general settings to import and map.
SearchFilter= (objectClass=person) The attribute to look up the class type to import.