String search
Word search

Configure PRISMAsync Print Server domains

This topic contains the following instructions.

  • Go to domain options

  • Create a domain

  • Edit a domain

  • Test the connection, user authentication, and email address retrieval of a domain

What are PRISMAsync Print Server domains

When your organization works with LDAP directory servers, PRISMAsync Print Server can connect to these LDAP directory servers to retrieve user information for authentication purposes. Users can use the login names and passwords they also use elsewhere in the organization.

Go to the domain options

Open the Settings Editor and go to: [Configuration]  → [Domains].

[Domains] tab

Create a domain

  1. Click [Add].

  2. Define the domain options.

  3. Click [OK].

Edit a domain

  1. Select the domain.

  2. Click [Edit].

  3. Define the domain options.

  4. Click [OK].

Test the connection, user authentication, and email address retrieval of a domain

Test domain settings

  1. Select the domain.

  2. Click [Edit].

  3. Enter credentials in the [Login username] and [Login password] fields to test the connection.

    Use a user account name. The name is automatically extended with the suffix as configured in the domain options. The account name is joined with the suffix using the at symbol (@).

  4. Enter a search string in the [Search text for scan-to-email recipients] field.

  5. Click [Start the test] that belongs to the [Execute domain test] option.

Domain test results

The following information is displayed when the test has been completed.

  • [Test result of user authentication settings:] [Retrieved display name], [Number of groups user belongs to], [Distinguished name of first found group], [Number of found domain groups], [Name of first found domain group], [Description of first found domain group], [Distinguished name of first found domain group].

  • [Test result of scan-to-email settings:] [Retrieved email addresses].

Overview of the domain options

Domain options

Domain options

Description

[Name]

Name of domain

[Description]

Description of domain

[Fully qualified domain name]

Exact domain name to enable the connection to the LDAP directory server.

NOTE

Depending on the LDAP directory server configuration this name can start with a dot symbol (.) or an at symbol (@).

[Use for user authentication]

Indicates if the domain is used for the user authentication of the printer.

[Search filter for user authentication]

Search filter to look up a user account. For example: userPrincipalName=%s. The placeholder %s represents the username the user enters. You can use multiple placeholders in the search filter.

[Attribute with groups of user]

LDAP attribute with the distinguished names of the groups the users belong to.

[Search filter for domain groups]

Search filter that describes the query that is used for the lookup of domain groups. For example: (|(objectClass=group)(objectClass=groupOfNames)).

[Attribute with name of domain group]

LDAP attribute that contains the name of the domain group

[Attribute with description of domain group]

LDAP attribute that contains the description of the domain group

[Attribute with distinguished name of domain group]

LDAP attribute that contains the distinguished name of the domain group.

[Search filter for UID (user identifier) of NFC smart cards]

This search filter describes the object attribute to obtain user information from the UID of NFC smart cards. For example: cardUid=%s'. The placeholder %s represents the UID (user identifier) of an NFC smart card. You can enter multiple placeholders in the search filter.

[Use for scan to email]

Indicates if the domain is used to look up recipients for the scan-to-email feature.

[Search filter for email addresses]

This search filter describes which attributes of the object are used to look up the email addresses. Example 1: A query that searches for recipients that have the same telephone number as the search text: telephoneNumber=%s. The placeholder %s represents the search text the user enters. The placeholder can be used multiple times in the search filter. Example 2: A query that searches for recipients that have the same telephone number as the search text or where the search text is part of the name or the email address of the recipient: (&(mail=*)(|(anr=%s)(telephoneNumber=%s)(displayName=*%s*)(mail=*%s*))). The element: anr=%s searches the attributes that are set for Ambiguous Name Resolution (ANR) on the LDAP directory server.

[Suffix for username]

Indicates how to extend the username.

  • The default value is [Use fully qualified domain name].

  • Select [Custom] to define how to extend the username. Use the [Suffix] text box to enter the string.

[LDAP server]

Defines the LDAP directory server.

  • The default value is [Automatic detection].

  • Select [Select from detected servers] to display a list of found LDAP directory servers.

  • Select [Custom] to enter the LDAP directory server name and port in text boxes.

[LDAP connection]

Indicates the authentication mechanism to connect to the LDAP directory server.

  • The default value is [Anonymous].

  • Select [Use credentials of current user] to authenticate with the credentials of the current user.

  • Select [Custom] to define the login credentials: [LDAP username] and [LDAP password]. Depending on the value of the [Suffix for username] option, the username is extended with the fully qualified domain name or username suffix.

[LDAP search base]

Defines the LDAP search base.

  • The default value is [Automatic detection].

  • Select [Custom] to define the search base. Make sure you type the correct syntax. For example: dc=debian,dc=org.

[Attribute with username]

LDAP attribute with the username

[Attribute with email address]

LDAP attribute with the email address

[Maximum objects to retrieve]

Defines the maximum number of objects that can be retrieved from the LDAP directory server. The default value is 11,000.

[LDAP server timeout (sec)]

LDAP directory server timeout period. The default value is 60 seconds. Increase the value when the data size or the network need more time to establish a connection and to submit the data.

More information

Parent topic:
Configure user authentication
Privacy Terms of use Cookie information