Submit a ticket
Welcome
Login  Sign up
  2. Solution home
  3. Gespage Server
  4. Gespage FAQ
Open navigation

Enabling Reverse Synchronization of Gespage Print Code to LDAP / Active Directory / Azure AD

Thava Navaraththinam
Modified on: Tue, 16 Dec, 2025 at 5:19 PM

Objective


This article explains how to enable reverse synchronization of the print code from Gespage to an external directory (Active Directory, LDAP, or Azure AD).
Once enabled, any modification of a user’s print code in Gespage will automatically be written back to the corresponding user attribute in the directory during LDAP synchronization.

Scope

This procedure applies to the following environments:

  • Gespage with LDAP synchronization enabled

  • Active Directory

  • Generic LDAP directories

  • Azure AD (via LDAP synchronization)

How It Works

By default, Gespage synchronizes user information from the directory into its internal database.
Reverse synchronization allows Gespage to push a specific attribute in the opposite direction: the print code.

When reverse synchronization is enabled:

  • The print code is modified in Gespage

  • An LDAP synchronization is triggered

  • Gespage updates the corresponding user attribute in the external directory

This functionality relies on a custom script named LdapImport.groovy.

Prerequisites

Before starting, ensure that:

  • LDAP synchronization is already operational

  • You have administrative access to the Gespage server

  • You have permission to modify directory permissions

  • The LDAP bind account configured in Gespage is identified

Step 1 – Deploy the Groovy Script

In a default installation, the LdapImport.groovy script is provided as an example and is not active by default.

  1. Navigate to the Gespage example scripts directory:
    GespageCore\server\resources\scripts\examples

  2. Locate the file named LdapImport.groovy

  3. Move this file to the active scripts directory:
    GespageCore\server\resources\scripts

Important:
The script must be located in the scripts directory to be executed by Gespage. Keeping it in the examples folder will prevent it from running.

Step 2 – Enable Reverse Synchronization in the Script

This step enables Gespage to write the print code back to the directory.

  1. Open the LdapImport.groovy file from the scripts directory

  2. Locate the main method, typically named doAction(Integer ldap_id)

  3. Find the variable DO_MODIF_AD_WITH_PRINT_CODE

  4. Change its value to enable it (set it to true)

  5. Save the file

After this change, Gespage is technically able to update the print code in the directory.

Step 3 – Configure Directory Permissions

This step is critical.

The LDAP bind account configured in Gespage must have write permissions on the synchronized user objects, specifically on the attribute used to store the print code.

Verify the following in your directory:

  • The bind account can modify synchronized user objects

  • The target print code attribute is writable

  • Permissions apply to the entire Organizational Unit involved

Warning:
If the bind account does not have sufficient write permissions, reverse synchronization will fail. Permission-related errors will be logged in Gespage logs.

Step 4 – Apply Changes and Restart

After modifying the script:

  • It is recommended to restart Gespage services to ensure the script is properly loaded

  • Check Gespage logs during startup to confirm that the script is executed

Step 5 – Verify the Configuration

To confirm that reverse synchronization is working correctly:

  1. Modify a user’s print code directly in Gespage

  2. Trigger an LDAP synchronization

  3. Open your directory administration tool

    • Active Directory: Active Directory Users and Computers

    • Azure AD: Azure Portal / Entra ID

  4. Verify that the user attribute has been updated with the new print code

If the value is correctly updated, reverse synchronization is successfully enabled.

Troubleshooting

The print code is not updated in the directory:

  • Ensure the script is located in the scripts directory

  • Confirm that the DO_MODIF_AD_WITH_PRINT_CODE variable is enabled

  • Verify bind account permissions

  • Review Gespage logs for LDAP-related errors

Permission errors in logs:

  • Review permission delegation in the directory

  • Confirm the correct OU and attribute are targeted

Best Practices

  • Test the configuration with a test user before global deployment

  • Back up the script before making any changes

  • Clearly document the LDAP attribute used for the print code

  • Grant the bind account only the minimum required permissions

Conclusion

Enabling reverse synchronization of the print code ensures data consistency between Gespage and the external directory.
Once properly configured, this feature automates user attribute updates, reduces manual intervention, and minimizes the risk of configuration errors.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.