Smart Card Authentication Client LDAP issues

LDAP lookups fail

Try one or more of the following:

Make sure Port 389 (non-SSL) and Port 636 (SSL) are not blocked by a firewall

The printer uses these ports to communicate with the LDAP server. The ports must be open for LDAP lookups to work.

Disable reverse DNS lookups

The printer uses reverse DNS lookups to verify IP addresses. If reverse DNS lookups are not used on your network, then do the following:

On printers running the Embedded Solutions Framework (eSF) version 3.0 or later:

  1. From the Embedded Web Server, click Settings  > Security  > Security Setup.

  2. From Step 1 under the Advanced Security Setup heading, click Kerberos 5.

  3. Under the Kerberos Settings heading, select Disable Reverse IP Lookups.

  4. Click Submit.

On printers running eSF version 2.0:

  1. Access the application configuration settings from the Embedded Web Server.

  2. Under the Advanced Settings heading, select Disable Reverse DNS Lookups.

  3. Click Apply.

Note: If you are unsure about which version of eSF your printer is running, then see Checking which version of the Embedded Solutions Framework is installed on a printer.

If the LDAP server requires SSL, then enable SSL for LDAP lookups

  1. Access the application configuration settings from the Embedded Web Server.

  2. Under the Advanced Settings heading, select Use SSL for User Info.

  3. Click Apply.

Narrow the LDAP search base

Narrow the LDAP search base to the lowest possible scope that includes all necessary users.

Verify that the LDAP attributes being searched for are correct

Make sure all LDAP attributes for the user are correct.