LDAP Authentication
Specify this authentication method when using the LDAP server to authenticate users who have their
accounts on the LDAP server. Users cannot be authenticated if they do not have their accounts on the
LDAP server. The Address Book stored in the LDAP server can be registered to the printer, so that user
authentication can be enabled without first using the printer to register individual settings in the Address
Book. When using LDAP authentication, to prevent the password information being sent over the
network unencrypted, it is recommended that communication between the printer and the LDAP server
be encrypted using SSL. You can specify on the LDAP server whether or not to enable SSL. To do this,
you must create a server certificate for the LDAP server. For details about creating a server certificate,
see page 47 "Creating the Server Certificate". The setting for using SSL can be specified in the LDAP
server setting.
Using Web Image Monitor, you can enable a function to check whether the SSL server is trustworthy
when you connect to the server. For details about specifying LDAP authentication using Web Image
Monitor, see Web Image Monitor Help.
• During LDAP authentication, the data registered to the LDAP server is automatically registered to
the printer. If user information on the server is changed, information registered to the printer may be
overwritten when authentication is performed.
• Under LDAP authentication, you cannot specify access limits for groups registered to the directory
server.
• Do not use double-byte Japanese, Traditional Chinese, Simplified Chinese, or Hangul characters
when entering the login user name or password. If you use double-byte characters, you cannot
authenticate using Web Image Monitor.
• If using Active Directory in LDAP authentication when Kerberos authentication and SSL are set at
the same time, e-mail addresses cannot be obtained.
• Under LDAP authentication, if "Anonymous Authentication" in the LDAP server's settings is not set to
Prohibit, users who do not have an LDAP server account might still be able to gain access.
• If the LDAP server is configured using Windows Active Directory, "Anonymous Authentication"
might be available. If Windows authentication is available, we recommend you use it.
Operational requirements for LDAP authentication
To specify LDAP authentication, the following requirements must be met:
• The network configuration must allow the printer to detect the LDAP server.
• When SSL is being used, the LDAP server must support TLSv1 or SSLv3.
• The LDAP server must be registered to the printer.
• When registering the LDAP server, specify the following:
• Server Name
2. Configuring User Authentication