Understanding the LDAP information

During installation, the LPM installer lets you enter LDAP information and writes information to appropriate locations. Passwords are encrypted in each location. LPM determines LDAP information from the backup files and pre‑populates the fields with the data. Make sure that the information is correct. If a backup file is not available, then the fields are empty.

Note: If LDAP information is detected in the backup files, then the installer uses that information, and then populates them in the LDAP information window. You cannot edit this information.

Enter the LDAP information that must be used to validate a user’s access to LPM. Enter the full URL to the LDAP server. For example, ldap://server.company.com or ldap://IPaddress , where IPaddress is the IP address of the LDAP server.

Note: You may use LDAP or LDAPS.

The LDAP port number is collected as a separate field and must not be entered in the URL field. For more information on the supported port numbers for LDAP and LDAPS, see Supported port numbers and protocols. You may use an anonymous connection or provide credentials for connecting to the LDAP server.

Note: Many Active Directory and LDAP servers are configured to block anonymous LDAP bind requests. Make sure that your LDAPS settings are configured correctly.

If LDAPS is used, then untrusted SSL certificates can cause the test to fail. Before attempting a connection, install SSL certificates on your server. You can also set the LPM installer to ignore LDAP SSL validation by selecting Ignore SSL certification validation during installation.

Specifying the LDAP configuration is optional for Print Release, but it is required for the following:

  • Accessing Print Management Console

  • Submitting jobs using a mobile device

  • Submitting jobs using AirPrint

During installation, the LDAP settings are written to property files. Make sure that the solution settings are configured after the installation.

When updating LDAP settings in a multiple‑domain environment, update the ldap.properties file in the <install‑Dir> \Lexmark\Solutions\apps\printrelease\WEB-INF\classes folder, where <install‑Dir> is the installation folder of LPM. Restart the Lexmark Solutions Application Server service after the update.

Notes:
  • In a multiple‑domain environment, make sure that the LDAP settings in the LPM administrator portal and the ldap.properties file match.
  • In a single‑domain environment, only the solution LDAP settings and the LPM administrator portal settings must match.

Installing LDAP SSL certificates on LPM server

If LDAP certificate is self-signed, then add the certificate to the Java keystore.

Note: This is not required for CA‑signed certificates.

  1. From the command prompt, navigate to <LDD-Install-Dir>\Lexmark\Solutions\jre\bin.

  2. Type >keytool -import -alias <any-cert-alias> -keystore "<LDD-Install-Dir>\Lexmark\Solutions\jre\lib\security\cacerts" -file "<path-to-cert-file>.

    where:

    • <LDD-Install-Dir> is the LDD installation path.

    • <any-cert-alias> is any unique alphanumeric string to be the alias of the certificate in the keystore.

    • <path-to-cert-file> is the path to the certificate file.

  3. Restart the Lexmark Solutions Application Server (LSAS) service.