Specifications
2-31
LDAP
In Active Directory, after Kerberos authentication, LDAPv3 is used to acquire the user information.
RC4 is used to encrypt the password.
The search is executed with following parameter:
Search Filter:
UserPrincipalName = <user>@<domain> OR
SAMAccountName = <user>
<user> : user name
<domain> : domain name
Search Attribute:
displayName
cn
mail
telephoneNumber
facsimileTelephoneNumber
department
Bace DN : domain name
• The user’s e-mail address acquired by LDAP is adopted to the “From” field of IFAX and e-mail that
the logging-on-user requires. The format of “From” field shall be ”displayName<mail>” or ”cn<mail>”.
If the displayName is not acquired, cn shall be used instead.
• If the e-mail address is not acquired, the e-mail address that registered on the NGP shall be used.
• The e-mail address required by the user shall also take effect after the user has logged out.
• The LDAP server setting differs from which it is registered for LDAP search. The LDAP server shall
be acquired through DNS domain controller search.
• Kerberos system shall be used only in LDAP search for authentication.