Home >
Web Management Tool > Configuring the Scan Transmission Environment > Configuring Settings to Search for a Destination via the LDAP Server
Configuring Settings to Search for a Destination via the LDAP Server
Setting flow
If the LDAP server or the Active Directory of Windows Server is used for user management, you can search for (LDAP Search) destination information registered in the server and specify the desired destination.
When using the LDAP search function, follow the below procedure to configure the settings.
To use the LDAP function of the Active Directory server, you must register the DNS server that synchronizes the Active Directory on this machine before starting the procedure. For details on how to register the DNS server, refer to
Registering the DNS server.
To use the LDAP function of the Active Directory server, you must match the date and time of this machine and Active Directory. For details on how to set the date and time of this machine, refer to
Setting the Date and Time for the Machine.
3
Configuring settings to suit your environment
Configure basic settings for the LDAP search
Configure settings to search for destination information registered in the LDAP server.
1
Select [Network] - [LDAP Setting] - [LDAP Setting] in administrator mode of Web Connection (or in [Utility] - [Administrator] of this machine), and configure the LDAP settings.
2
Select [Network] - [LDAP Setting] - [Setting Up LDAP] - [Edit] in administrator mode of Web Connection (or in [Utility] - [Administrator] of this machine), and register the LDAP server.
Settings of [LDAP Setting]
| |
---|
| To perform LDAP search, select [ON] (default: [OFF]). |
[Default Search Result Display Setting] | Select whether an E-mail address, fax number, or Internet fax number is given priority to be displayed as the destination search result when searching for destinations from the LDAP server (default: [E-mail]). |
Settings of [Setting Up LDAP]
| |
---|
| Enter the name of the LDAP server (using up to 32 single-byte characters). |
| Enter the LDAP server address. Use one of the following formats. Example to enter the host name: "host.example.com" Example to enter the IP address (IPv4): "192.168.1.1" Example to enter the IP address (IPv6): "fe80::220:6bff:fe10:2f16"
|
| If necessary, change the LDAP server port number (default: [389]). |
| Specify the starting point to search for a destination (using up to 255 single-byte characters). The range from the entered origin point, including the following tree structure, is searched. Example of entry: "cn=users,dc=example,dc=com" |
| If necessary, change the time-out time to limit a communication with the LDAP server (default: [60] sec.). |
| Change the maximum number of destinations to be displayed as search results, if necessary (default: [100]). |
| Select the authentication method to log in to the LDAP server depending on your environment (default: [anonymous]). [Login Name]: Enter the login name used for LDAP authentication (using up to 64 double-byte or single-byte characters). [Password]: Enter the password for LDAP authentication (using up to 64 single-byte characters). [Domain Name]: If [GSS-SPNEGO] is selected for [Authentication Method], enter the domain name of Active Directory (using up to 64 single-byte characters).
|
[Select Server Authentication Method] | Select whether to synchronize the LDAP authentication with the user authentication of this machine (default: [Set Value]). [Set Value]: Uses values entered in [Login Name] and [Password]. [User Authentication]: Uses the registered user's user authentication of this machine as authentication information for LDAP authentication. [Dynamic Authentication]: The system prompts you to enter the user name and password at LDAP searching.
|
| If necessary, select whether to use the referral function (default: [ON]). |
[Search Condition Attributes] | Select attributes to be specified when performing the LDAP search (default: [Name]). The setting can be switched between [Name] (cn) and [Nickname] (displayName). |
| Select whether to display candidate destinations when entering a part of the name to perform LDAP search (default: [OFF]). |
[Initial Setting for Search Details] | Specify the default LDAP search conditions for each item (default: [OR]). [Search Attributes Authentication]: When enabling Search Attributes Authentication, set this option to ON (default: OFF). Configure this setting when [Authentication Method] is set to [Simple] and [Select Server Authentication Method] to [Dynamic Authentication]. If enabled, the user does not need to enter all of the DN (Distinguished Name) when performing authentication via the LDAP server. [Search Attribute]: Enter the search attribute to be automatically added before the user name (using up to 64 single-byte characters). The attribute value must start with a single-byte alphabetical character (default: [uid]). In normal circumstances, specify "uid" before the user name, however, depending on your environment, you need to specify other attribute such as "cn".
|
- From [Check Connection] of the LDAP server list, you can confirm whether you can connect to the LDAP server according to the registered contents.
Using SSL communication
If SSL is installed in your environment, enable SSL.
Select [Network] - [LDAP Setting] - [Setting Up LDAP] - [Edit] in administrator mode of Web Connection (or in [Utility] - [Administrator] of this machine), and configure the following settings.
| |
---|
| When using SSL communications, set this option to ON (default: OFF). [Port No.(SSL)]: If necessary, change the port number for SSL communication (default: [636]).
|
[Certificate Verification Level Settings] | To validate the certificate during SSL communication, select items to be verified. [Expiration Date]: Confirm whether the certificate is within the validity period (default: ON). [CN]: Confirm whether CN (Common Name) of the certificate matches the server address (default: OFF). [Key Usage]: Confirm whether the certificate is used according to the intended purpose approved by the certificate issuer (default: OFF). [Chain]: Confirm whether there is a problem in the certificate chain (certificate path) (default: OFF). The chain is validated by referencing the external certificates managed on this machine. [Expiration Date Confirmation]: Confirm whether the certificate has expired (default: OFF). The expiration date confirmation is performed in the order of OCSP (Online Certificate Status Protocol) service, and CRL (Certificate Revocation List).
|