If Exchange/Active Directory Address Book was selected in Step 4a, the LDAP Address Book must be configured in the next few steps. With this option, contact data is dynamically read from an outside source each time it is accessed. No importing or synchronization is necessary. Supported databases include Active Directory, Microsoft Exchange, Lotus Notes, Sun ONE, and Novell eDirectory.
This page requires information about your LDAP source. Please consult with your system or LDAP administrator for more information.
Enter the full domain name of the machine hosting the contact database server.
Note for Microsoft Users
If Exchange and Active Directory are on different servers, the Active Directory Server name should be entered. The Exchange/Active Directory administrator should be able to provide this name. It will usually be of the form: machinedomain.internetdomain.com
This is the port that FootPrints uses to communicate with the LDAP contact database to retrieve user contact information. In most cases, the default value of 389 should be used. However, when a machine has more than one directory, a different port number may be used. If port 389 is already in use, administrators often set port 390 as the LDAP port.
LDAP (including MS Exchange/Active Directory) stores its data in a tree structure. To enable FootPrints to retrieve user information, a search base specifying where to search in the tree and in what order must be specified here. The search base is formed by adding names of the root and each subsequent branch of the tree until reaching the point where a search should commence. The search base should be the branch of the tree closest to the data being searched. In most instances, all data being sought is in one branch of the LDAP tree. For instance, if the root of the LDAP Directory tree is o=server.com and the next branch to be taken is ou=People, which contains all the directory information, the search base is: ou=People,o=server.com
The form of the search base is different for Microsoft Exchange 5.5, Exchange 2000, and other LDAP servers. Specific instructions are given below for help in finding the correct search base for two of the most popular LDAP-compliant contact databases: Microsoft Exchange 5.5 and Microsoft Active Directory (2000). For other databases, such as Sun ONE Directory Server, Lotus Notes, and Novell Directory Services, please refer to the product documentation for that server, or contact Numara Software Support for help.
Note
If linking to Microsoft Exchange/Active Directory, contacts must reside directly in Exchange/Active Directory as a contact record or user. Contact records that reside in Public Folders are not supported.
Exchange 2000/Active Directory usually has a search base beginning with cn=Users. For Windows 2000 and later releases using Active Directory, read the value for the following key:
HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/NTDS/Parameters/Root Domain
cn=Users,DC=NTdomain,DC=internetName,DC=com
Note
Spacing, punctuation, and capitalization must be exact for a search base to work correctly. For instance, if one of the values in your search base has spaces and/or punctuation (e.g., o=My Company, Inc.), you must place the value in quotation marks (e.g., o="My Company, Inc.") and make sure that the spacing, punctuation, and capitalization are correct.
Exchange 5.5 usually has a search base beginning with cn=Recipients. The search base can be determined by reading the registry. To find the full search base:
HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/MSExchangeCCMC/Parameters/SiteDN
cn=Recipients,ou=organization,o=company
The parameters for the search base are listed in reverse order from what is displayed in Exchange and commas separate the records rather than forward slashes. See your Exchange administrator if there is any difficulty.
Enter the last name (surname) of a contact in the Exchange directory. This is the name that FootPrints uses to test the connection to your LDAP server.
Some LDAP servers allow an anonymous login. In these cases, no distinguished name and password are needed; however, if your server requires an authenticated bind of a user to access the directory, you should enter the distinguished name and password of the administrator user here. Specifying the distinguished name and password can also improve performance in searching and retrieving data from the LDAP server.
The distinguished name of the binding user can be retrieved from your LDAP Administrator or can be found using the techniques discussed above for the LDAP Search Base for Directory Entries. The distinguished name to use for binding is generally cn=userid (where userid is the ID for the account used for binding) followed by a comma and then the search base. For example, if the User ID is Administrator and the search base is:
cn=Users,DC=NTdomain,DC=internetName,DC=com
then the distinguished name is:
cn=Administrator,cn=Users,DC=NTdomain,DC=internetName,DC=com
If the search base is:
cn=Recipients,ou=organization,o=company
then the distinguished name is:
cn=Administrator,cn=Recipients,ou=organization,o=company
Be sure to leave all information of the user in the distinguished name. Do not omit such information as a CN or UID as you would with a search base. Leave blank if binding anonymously.
Note
Exchange 5.5 usually allows anonymous binding, while Exchange 2000 normally does not support anonymous binding. If you have Exchange 2000, you probably need to fill in the distinguished name and password.
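The search base and bind DN rules above, as an added example that is not part of the FootPrints product or its documentation: it converts an Exchange 5.5 SiteDN to a search base, quotes values that contain spaces or punctuation, flags spacing errors, and builds the distinguished name for binding. The function names are hypothetical, the slash-separated SiteDN form (/o=.../ou=...) with no slash inside a value is an assumption, and the sample value is constructed.

```python
import re
SPECIAL = re.compile(r'[\s,+;<>#="\\]')  # values with these must be quoted

def quote_value(value):
    if not SPECIAL.search(value):
        return value
    return '"' + value.replace("\\", "\\\\").replace('"', '\\"') + '"'

def site_dn_to_search_base(site_dn, container="cn=Recipients"):
    """Reverse the slash-separated SiteDN and join the records with commas."""
    parts = []
    for rdn in filter(None, site_dn.split("/")):
        attr, _, value = rdn.partition("=")
        parts.append(f"{attr.strip()}={quote_value(value.strip())}")
    return ",".join([container] + parts[::-1])

def split_dn(dn):
    """Split on commas that are outside quotation marks and not escaped."""
    parts, cur, quoted, esc = [], "", False, False
    for ch in dn:
        if ch == "," and not quoted and not esc:
            parts.append(cur)
            cur = ""
            continue
        if ch == '"' and not esc:
            quoted = not quoted
        esc = (ch == "\\") and not esc
        cur += ch
    if quoted:
        raise ValueError("unbalanced quotation marks")
    return parts + [cur]

def check_dn(dn):
    """List the spacing and format errors that keep a DN from matching."""
    problems = []
    for rdn in split_dn(dn):
        attr, sep, value = rdn.strip().partition("=")
        if rdn != rdn.strip():
            problems.append(f"stray space around {rdn.strip()!r}")
        if not (attr and sep and value):
            problems.append(f"not attribute=value: {rdn.strip()!r}")
    return problems

def bind_dn(user_id, search_base):
    # cn=userid, then a comma, then the search base
    return f"cn={quote_value(user_id)},{search_base}"

if __name__ == "__main__":
    base = site_dn_to_search_base("/o=My Company, Inc./ou=Head Office")  # constructed
    print(base, check_dn(base), bind_dn("Administrator", base), sep="\n")
```

Running `check_dn` on a search base or bind DN before entering it in the Wizard catches a stray space after a comma or an unquoted comma inside a value.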
Place the password of the binding user here. This is the password of the administrator specified in the distinguished name above. Leave this blank if you are binding anonymously.
After all of the information is entered, click Next. The Wizard attempts to connect to your Exchange/LDAP/Active Directory server and search for the contact specified above using the search base and other information entered. If the connection is successful, the Address Book Field Mapping page is displayed. If the Wizard is not able to connect to your LDAP server, an error is displayed or the browser times out. Please contact your LDAP administrator or Numara Software Support for assistance.