External Server Settings: External Server Settings

External Server Settings

Click External Server Settings - External Server Settings on the menu of User Auth/Account Track tab to display this screen.

This method is used to manage users who use this machine by linking to Active Directory, the LDAP server, etc.

When Active Directory, the LDAP server, etc. are installed for user management purposes in your environment, you can use user information under the control of the server.

This section describes how to set Edit for each server type.

You can view a list of the currently registered external authentication servers. For the default server, the radio button in the Default field is selected.

Edit (Active Directory)

When Active Directory of Windows Server is used for user management, users who can use this machine can be restricted by the authentication by Active Directory.

Enabling User Authentication allows you to not only restrict users who can use this machine but also use the advanced operation methods focused on security and cost, by, for example, restricting available functions for each user or managing the machine use status.

In this step, register an external authentication server. Also modify settings for a registered external authentication server.

  1. Configure the setting to connect to the network, for example, specifying the IP address of this machine. For details, refer to TCP/IP connection.

  2. Specify the date and time of this machine. The date and time must match between this machine and Active Directory. For details about the date/time setting of the machine, refer to Date/Time Setting.

  3. Click Edit for any blank areas on the list that have no server names displayed or click Edit for desired external authentication servers.

  4. Specify or change the following items as needed.

    Configuration

    Description

    External Server Name

    Enter the name of the Active Directory you are using (up to 32 one-byte characters).

    Assign an easy-to-understand name to the Active Directory to register.

    External Server Type

    Select Active Directory.

    Default Domain Name*

    Enter the default domain name of the Active Directory you are using (up to 64 one-byte characters).

    Timeout

    Change the timeout period of a communication with Active Directory as necessary.

    60 sec. is specified by default.

    * For example, if a child domain (sub.example.com) contains a server with an authentication user registered, the sub domain is used as the default domain.

  5. Click OK. Clicking Cancel cancels the setting.

  6. Click OK on the setting complete screen.

Edit (NTLM)

When Active Directory of Windows Server (NT compatible domain environment) is used for user management, users who can use this machine can be restricted by the NTLM authentication.

Enabling User Authentication allows you to not only restrict users who can use this machine but also use the advanced operation methods focused on security and cost, by, for example, restricting available functions for each user or managing the machine use status.

In this step, register an external authentication server. Also modify settings for a registered external authentication server.

Tips
  • Match the date and time between this machine and the Active Directory server. For details about the date/time setting of this machine, refer to Date/Time Setting.

  1. Configure the setting to connect to the network, for example, specifying the IP address of this machine. For details, refer to TCP/IP connection.

  2. Click any blank area on the list, or click Edit for an external authentication server.

  3. Specify or change the following items as needed.

    Configuration

    Description

    External Server Name

    Enter the name of the authentication server you are using (up to 32 one-byte characters).

    Assign an easy-to-understand name to the authentication server to register.

    External Server Type

    Select NTLM v1 or NTLM v2.

    Default Domain Name*

    Enter the default domain name of the authentication serve you are using (up to 64 one-byte characters). The default domain name cannot be prefixed by an asterisk (*).

    * For example, if a child domain (sub.example.com) contains a server with an authentication user registered, the sub domain is used as the default domain.

  4. Click OK. Clicking Cancel cancels the setting.

  5. Click OK on the setting complete screen.

Edit (LDAP)

When the LDAP server is used for user management, users who can use this machine can be restricted by LDAP authentication.

Enabling User Authentication allows you to not only restrict users who can use this machine but also use the advanced operation methods focused on security and cost, by, for example, restricting available functions for each user or managing the machine use status.

In this step, register an external authentication server. Also modify settings for a registered external authentication server.

  1. Configure the setting to connect to the network, for example, specifying the IP address of this machine. For details, refer to TCP/IP connection.

  2. Click any blank area on the list, or click Edit for an external authentication server.

  3. Specify or change the following items as needed.

    Configuration

    Description

    External Server Name

    Enter the name of the LDAP server you are using (up to 32 one-byte characters).

    Assign an easy-to-understand name to the LDAP server to register.

    External Server Type

    Select LDAP.

    Server Address

    Enter the address of the LDAP server you are using.

    Use one of the following formats to enter the address.

    • Host name entry example: host.example.com

    • IP address (IPv4) entry example: 192.168.1.1

    • IP address (IPv6) entry example: fe80::220:6bff:fe10:2f16

    Port No.

    If necessary, change the of the LDAP server port number.

    Ordinarily, you do not need to change the port number.

    389 is specified by default.

    Search Base

    Specify the search starting point when searching for a user (up to 255 one-byte characters).

    A search is made, including the tree structure under the specified start point.

    Input example: cn=users,dc=example,dc=com

    Timeout

    Change the timeout period of a communication with the LDAP server as necessary.

    60 sec. is specified by default.

    General Settings

    Select an authentication method to log in to the LDAP server.

    Select the appropriate one to suit the authentication method adopted in the LDAP server you are using.

    Simple is specified by default.

    Search Attributes

    Enter the search attribute required to search for a user account (up to 64 one-byte characters, including hyphens "-").

    The attribute value must begin with a one-byte alphabet character.

    uid is specified by default.

  4. Click OK. Clicking Cancel cancels the setting.

  5. Click OK on the setting complete screen.

Delete

Deletes a registered external authentication server.

  1. Click Delete of the external authentication server to be deleted.

  2. Click OK on the confirmation screen. Click Cancel to cancel the deletion.

  3. Click OK on the setting complete screen.

Default Setting

  1. To specify an external authentication server as default, select the radio button of the server in the Default field.

  2. Click OK. Clicking Cancel cancels the setting.

  3. Click OK on the setting complete screen.