LDAP connection
This guide takes you through setting up a secure connection to the LDAP server, focusing on correctly defining parameters such as domain, SSL and authentication. Even without prior knowledge of LDAP, you will learn how to set up communication securely and efficiently.
Information required for configuration
Domain Name: The domain that will be used in LDAP queries.
Example: example.com
Enable SSL: Enabling this option allows communication with the domain controller to take place over a secure connection.
How to configure: If the environment supports it, check the “Enable SSL” option. This is recommended to guarantee the security of the connection.
Server address: The address of the LDAP server you want to connect to. This can be an IP address or the server name.
Example: ldap.example.com
Port: The port used for communication via LDAP.
Default values:
389 for non-SSL connections (LDAP)
636 for secure connections (LDAP SSL)
Validate Certificate: Enabling this option will check that the server has a valid SSL certificate, which is essential for authorizing a secure connection to the domain controller.
Always enable this check when using SSL to ensure the authenticity of the server.
Version: The version of the LDAP protocol to be used.
Default value: 3
Why does this matter? LDAP version 3 is widely used and compatible with most modern servers.
Authentication Type: Set the authentication method that will be used when connecting to the LDAP server:
Basic: The login and password are sent in plain text. Use this method only if the LDAP communication is protected by SSL, to avoid sending unencrypted credentials.
Recommendation: Only use Basic with SSL enabled.
Negotiate: For Windows environments with Active Directory, where credentials are sent encrypted. This method also encrypts all LDAP communication, even without SSL.
When to use it? Ideal for corporate environments that use Windows credentials.
Timeout(s): Defines the waiting time for the response of searches carried out in the domain.
Example: 60 seconds (typical value).
Search User: Specify the user that will be used to perform queries in the domain. This may vary depending on the type of domain you are using:
Active Directory domains:
testuser
OpenLDAP domains:
CN=testuser,DC=test,DC=local
Use DN for Connection: This setting defines whether the LDAP client will use the Distinguished Name (DN) to communicate with the server.
Disabled: If this option is disabled, communication will use the “Domain name” and the “Search user”. The command will be formatted as:
DomainName/SearchUser
Enabled: With this option enabled, the LDAP client will use the Distinguished Name in the “Search user” field. The command sent will be:
CN=User,OU=People,DC=Domain,DC=com
When DN is enabled, the “Domain name” will not be used, only the “Search user” data.
Password: Enter the password associated with the user specified to search the domain.
Validate User: After filling in the user and password information, this option allows you to test the connection to the domain, checking that the credentials are correct and that communication is successful.
Base DN: The Base DN indicates the starting point within the domain hierarchy where searches will be carried out.
Example: DC=example,DC=com
Search DNs: Performs a search in the domain to locate the available Base DNs. This function is useful for automatically listing Base DN options.
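The following is an added example, not code from this guide or from the product: a pre-flight check that flags the risky combinations described above (Basic without SSL, SSL without certificate validation, a port that contradicts the SSL setting) and returns the bind identity that results from the "Use DN for Connection" switch. The setting keys and function names are hypothetical; the sample values are the examples used in this guide.

```python
# Added example: pre-flight check of the connection settings described above.
# The dictionary keys are hypothetical names, not the product's own fields.

def bind_identity(cfg):
    """Return the identity sent on bind, per the "Use DN for Connection" rule."""
    if cfg["use_dn"]:
        return cfg["search_user"]            # Domain Name is not used
    return f'{cfg["domain"]}/{cfg["search_user"]}'

def audit(cfg):
    """Return a list of findings for insecure or inconsistent settings."""
    findings = []
    ssl, auth, port = cfg["ssl"], cfg["auth"], cfg["port"]
    if auth == "Basic" and not ssl:
        findings.append("Basic without SSL: login and password travel in plain text")
    if ssl and not cfg["validate_cert"]:
        findings.append("SSL without certificate validation: server identity is not verified")
    if ssl and port == 389:
        findings.append("SSL enabled on port 389: the default SSL port is 636")
    if not ssl and port == 636:
        findings.append("SSL disabled on port 636: the default non-SSL port is 389")
    if cfg["version"] != 3:
        findings.append("protocol version differs from the default value 3")
    # Heuristic (assumption): a Distinguished Name contains at least one "=".
    if cfg["use_dn"] and "=" not in cfg["search_user"]:
        findings.append("Use DN enabled but Search User is not a Distinguished Name")
    return findings

# Constructed sample settings, built from the example values in this guide.
WEAK = {"domain": "example.com", "server": "ldap.example.com", "port": 389,
        "ssl": False, "validate_cert": False, "version": 3, "auth": "Basic",
        "use_dn": False, "search_user": "testuser"}
HARDENED = dict(WEAK, port=636, ssl=True, validate_cert=True, use_dn=True,
                search_user="CN=testuser,DC=test,DC=local")

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, "binds as", bind_identity(cfg))
        for finding in audit(cfg) or ["no findings"]:
            print("  -", finding)
```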
Advanced Search Options
Pagination size: Sets the maximum number of entries returned on a single page of results during an LDAP search.
Size limit: Limits the number of records returned by an LDAP search.
Timeout: Sets the waiting time for the server to respond during the search.
Filter timeout: This parameter controls the maximum time to load the Organizational Units (OUs).
Range: 100 to 30,000 seconds.
Critical operation control: Determines whether an LDAP operation will be treated as critical by the LDAP server. If the server does not support the operation, execution will fail.
Server managed search options: Controls whether the LDAP server will manage search options, such as pagination and size limits.
Server-managed pagination options: Controls whether the LDAP server will manage the pagination options.
Critical Pagination Control: Specifies that pagination control is mandatory. If the LDAP server does not support pagination, the query will fail.
User specific search: Activates detailed search by user name during authentication.
Without specific search:
uid=teste.teste*
With specific search:
uid=teste.teste
Search field in NDD Print Releaser Web
This option allows you to choose which field will be used to search for the user when delegating documents to NDD Print Releaser Web. The search can be carried out by:
User name (login)
Full name
E-mail address
You can only use this option if the ShowAllUsersOnLoad setting is disabled in NDD Print Releaser Web.