* Enter the name of the utility key. You can search descriptions of utility keys.
LDAP-IC Card Authentication Setting
To display: [Utility][Administrator Settings][User Authentication/Account Track][General Settings][LDAP-IC Card Authentication Setting]
Configure settings for authentication by the LDAP server using the card ID registered on authentication cards in an environment with IC card-based user authentication implemented by connecting an Authentication Unit (IC card type).
You can set this option by selecting [External Server Authentication] or [Main + External Server] in [Administrator Settings] - [User Authentication/Account Track] - [General Settings] - [User Authentication] - [Authentication Method].
Settings | Description |
---|---|
[ON]/[OFF] | Specify whether to enable authentication by the LDAP server using the card ID registered on authentication cards. [OFF] is specified by default. |
[Setting Up LDAP] | Register the LDAP server to be used for authenticating the user ID of the IC card. For details on settings, refer to the settings of [Setting Up LDAP] shown below. |
[LDAP Server Connection Settings] | Select the name of the external server to be used as authentication information saved on this machine. The authentication information is saved on this machine when the LDAP-IC card authentication is successfully completed. This authentication information includes the user name and the external server name. As authentication information to be saved on this machine, the name of external server registered on this machine can be registered. |
[Secondary Auth. server setting] | Configure settings to connect to the secondary authentication server when you cannot connect to the primary authentication server while the LDAP server authentication is installed. For details on settings, refer to the settings of [Secondary Auth. server setting] shown below. |
[Card Information Registration Settings] | When authentication is performed on the machine using an IC card not registered in the LDAP server, select whether to register the IC card in the LDAP server. If [ON] is selected, enter the attribute such as "uid" to be searched as the user name in [User Name Attribute]. In this case, [User Name Acquisition] of [Setting Up LDAP] is set to [Acquiring]. Also, the same attribute as that specified here is set to [User Name Attribute] of [Setting Up LDAP]. [OFF] is specified by default. |
Settings of [Setting Up LDAP]
Settings | Description |
---|---|
[Setting Up LDAP] | Register the LDAP server to be used for authenticating the user ID of the IC card. Tap [Check Connection] to try connecting to the LDAP server using the entered information and check if the iformation registered is correct. Tap [Reset All Settings] to reset all the information entered. |
[User Name Acquisition] | Select how to obtain the user name when logging in to this machine.
[Use Card ID] is specified by default. |
[Timeout] | If necessary, change the time-out time to limit a communication with the LDAP server. [60 sec.] is specified by default. |
[Search Attribute] | Enter attributes for the place in which you have entered IC card information (using up to 64 characters). The attribute must start with an alphabet character. [uid] is specified by default. |
[Server Address] | Enter the LDAP server address. Use one of the following formats.
|
[Search Base 1] to [Search Base 3] | Specify the starting point to search for a user to be authenticated.
|
[SSL Setting] | Specify whether or not to use SSL for communication with the LDAP server. [OFF] is specified by default. |
[Port Number] | If necessary, change the LDAP server port number. In normal circumstances, you can use the original port number. [389] is specified by default. |
[Port Number (SSL)] | If necessary, change the SSL communication port number. In normal circumstances, you can use the original port number. [636] is specified by default. |
[Certificate Verification Level Settings] | To validate the certificate during SSL communication, select items to be verified.
|
[Authentication Type] | Select the authentication method to log in to the LDAP server. Select one appropriate for the authentication method used for your LDAP server.
[Simple] is specified by default. |
[Referral Setting] | Select whether to use the referral function, if necessary. Make an appropriate choice to fit the LDAP server environment. [ON] is specified by default. |
[Login Name] | Log in to the LDAP server, and enter the login name to search for a user (using up to 64 characters). |
[Password] | Enter the password of the user name you entered into [Login Name] (using up to 64 characters). |
[Domain Name] | Enter the domain name to log in to the LDAP server (using up to 64 characters). If [GSS-SPNEGO] is selected for [Authentication Type], enter the domain name of Active Directory. |
Settings of [Secondary Auth. server setting]
Settings | Description |
---|---|
[ON]/[OFF] | Select whether to use the secondary authentication server. [OFF] is specified by default. |
[Reconnection Settings] | Specify the timing at which to reconnect to the primary authentication server. [Set Reconnect Interval] is specified by default.
|
[Secondary Authentication Server Registration] | Register the secondary authentication server. For details on settings, refer to the settings of [Setting Up LDAP] shown above. |