* Enter the name of the utility key. You can search descriptions of utility keys.

External Server Settings

To display: [Utility][Administrator Settings][User Authentication/Account Track][External Server Settings]

When employing external server authentication, register the authentication server.

If you group two servers, you can switch to another server to perform authentication when a server shuts down.

Select a number for registering the server and tap [New].

Settings

Description

[Server Name]

Enter the name of your authentication server group (using up to 32 characters).

Assign a name that helps you easily identify the authentication server group.

[1st Server Registration]

Register the primary server in the server group.

For details, refer to "Settings of [1st Server Registration]" shown below.

[2nd Server Setting]

Configure a setting to connect to the secondary server when the machine cannot be connected to the primary server.

For details, refer to "Settings of [2nd Server Setting]" shown below.

[Round Robin function]

Select whether to alternately connect to the primary and secondary servers.

If you select [Enable], you can alternately connect the primary and secondary servers to distribute the server load.

[Disable] is specified by default.

Settings of [1st Server Registration]

Settings

Description

[Active Directory]

Register server information when Active Directory is used as the authentication server.

  • [Default Domain Name]: Enter the default domain name of your Active Directory (using up to 64 characters).

  • [Timeout]: Change the timeout interval for communication with Active Directory, if required.
    [60 sec.] is specified by default.

[NTLM v1]

Register server information when NTLM v1 is used as the authentication server.

  • [Default Domain Name]: Enter the default domain name of your authentication server (using up to 64 characters). The default domain name must be uppercase letters.

[NTLM v2]

Register server information when NTLM v2 is used as the authentication server.

  • [Default Domain Name]: Enter the default domain name of your authentication server (using up to 64 characters). The default domain name must be uppercase letters.

[LDAP]

Register server information when LDAP is used as the authentication server.

  • [Server Address]: Enter your LDAP server address.

  • [Search Base 1] to [Search Base 3]: Specify the starting point and range to search a user to be authenticated.
    [Search Base]: Specify the starting point to search for a target (using up to 255 characters).
    Example of entry: "cn=users,dc=example,dc=com"
    [Search Range]: Select a tree search range. [Full Tree] is specified by default. Selecting [Full Tree] makes a search, including the tree structure under the entered starting point. Selecting [Next hierarchy only] searches for only one level directly beneath the entered starting point. In this case, the level at the starting point is not included as a search target.

  • [SSL Setting]: Specify whether to use SSL for communications. [OFF] is specified by default.

  • [Port No.]: If necessary, change the port number. [389] is specified by default.

  • [Timeout]: Change the timeout interval for communication with the LDAP server, if required. [60] sec. is specified by default.

  • [Authentication Type]: Select the authentication method to log in to the LDAP server. Select one appropriate for the authentication method used for your LDAP server. [Simple] is specified by default.

  • [Search Attribute(s)]: Enter the search attribute used in user account search (using up to 64 characters). [uid] is specified by default.

  • [Search Directory Service]: If you select [Active Directory], you can limit a search target for authentication to users. However, when a search target for authentication is limited to users, search target identification processing occurs on the server side, so the authentication time may be delayed. This function is available when the authentication server is set to Active Directory (Windows Server 2008 or later). [Other] is specified by default.

  • [Search Attributes Authentication]: Specify whether to have DN (Distinguished Name) generated automatically that is required for authentication by the LDAP server when [Simple] is selected for [Authentication Type]. Also, enter authentication information used for logging in to the LDAP server in order to search for the user ID. [No Limit] is specified by default.

Settings of [2nd Server Setting]

Settings

Description

[ON]/[OFF]

Select whether to use the secondary server.

[OFF] is specified by default.

[Reconnection Set.]

Configure a setting to connect to the secondary server when the machine cannot be connected to the primary server. When the round-robin function is enabled, this setting can also be used to connect to the primary server when the machine cannot be connected to the secondary server.

  • [Reconnect for every login]: Connects to the primary server each time authentication is carried out on this machine. If the primary server is shutting down, this machine is connected to the secondary server.

  • [Set Reconnect Interval]: Connects to the secondary server when the primary server is shutting down at the time the machine is being authenticated. After this, this machine is connected to the secondary server when machine authentication is occurring until the time specified in [Reconnection Time] lapses. After the time specified in [Reconnection Time] has lapsed, this machine is reconnected to the primary server when machine authentication is occurring.

[Set Reconnect Interval] is specified by default.

[2nd Server Reg.]

Register the secondary server.

For details, refer to "Settings of [1st Server Registration]".

Tips
  • To change the registered authentication server information, select the registration number and tap [Edit].

  • To delete the registered authentication server, select the registration number and tap [Delete].

  • When registering multiple authentication servers, select the authentication server that is normally used and then tap [Set as Default] to register it as the default.