Configure Active Directory servers

To configure an AD server, do the following:

  1. In System Configuration, select Global Configuration Settings > Network Environment > Directory Services Synchronization.
  2. Select Active Directory in the left menu, and click the Server to open its AD Server Properties page.
  3. In the Filtering section, specify a Search Filter for synchronization. "(objectClass=person)" is the default search filter, and can be modified as needed.
    If desired, you can enter additional search criteria along with the Object class. For example, if the search filter entered is "(&(objectClass=person)(l=Waterloo)", this would search for objects that have the Object class = person AND also have a location set to Waterloo.
  4. In the Field mappings section, you can link Equitrac user fields to AD attributes. The specified field mappings are used by synchronization. Check the options you want to associate with the user accounts in the selected containers:
    • Account name – contains the user login ID. This is mapped to the User ID property in Equitrac.
    • Display name – contains a description of the user, such as the full user name. This is mapped into the Full name property for the user within Equitrac.
    • Email address - contains the user’s email address.
    • PrimaryPIN and SecondaryPIN – maps the numeric PIN values found on AD to the PrimaryPIN and SecondaryPIN fields in Equitrac.
    • Alternate PIN - maps the alternative primary PIN.
    • Department - maps the department name to the Department field in the Equitrac database. If the department name does not already exist within Equitrac, it is automatically created and the selected users are added to the new department. Multi-level departmental structures can be synchronized into a single department field by using the "value1+value2+value3" syntax. For example, co+st+l+description indicates the country, state/province and city, and a description of the department.
    • Location - maps the user’s physical location.
    • Color quota - maps the color quota page limit. Use this if you are applying color quotas.
    • Home print server - maps the name of a print server to the Home Print Server field in the Equitrac database. If you are enabling Print-to-Me, ensure that you select the Home Server attribute for these users.
    • Home scan folder - maps to the user’s home scan folder as a full network location (UNC path). It is used as a destination folder for scan processing.
    • Delegates - maps to the user’s delegates. The attribute for Delegates must be a DN (distinguished name) type, such as "secretary".
  5. In the Synchronization section, select or clear the Updates to be applied checkboxes—Adds, Deletes, or Changes—to specify which AD accounts Equitrac receives and applies to the accounts database during subsequent synchronizations.
    You must have at least one option selected to perform synchronization or save your changes. You can import added or changed users, or remove inactive accounts from the Equitrac accounts database. Leave these settings at the default to ensure the accounts are updated and kept in sync with the ADS server.
    The Deletes option only works if the "isDeleted" AD attribute is set to true. In case the entire user record is removed from AD, Equitrac cannot detect this deletion due to an AD limitation, and the corresponding user is not deleted automatically from Equitrac database.
  6. Select the Do not enforce account limits for users in auto-created departments checkbox to import new departments into Equitrac via AD synchronization without enforcing account limits.
    By default, when new departments are imported into the system, they are created with account limits enforced, and the system administrator needs to manually set each department to not enforce account limits. This option overrides the enforce account limits setting in the department properties.
  7. Select the Automatic synchronization checkbox for Equitrac to continually synchronize its accounts database with the AD server.
  8. Select the Synchronize on save checkbox to schedule a single synchronization process (as opposed to automatic synchronization, which is performed periodically).
  9. Click Save to save your settings. The task continues to run even though the properties page is closed. Server settings apply to all containers of the server.
  10. After a few minutes, go to Accounts > Users to see the list of Users to ensure successful import of the accounts. Open the user account properties and ensure that the settings are correct.