Constructing a single sign-on environment for the SMB transmission

By using the user authentication information (login name and password) of this machine as SMB destination authentication information (host name and password), you can avoid the problem of having to specify SMB destination authentication information, allowing construction of a single sign-on environment for SMB transmission.

In the administrator mode, select [Network] - [SMB Setting] - [Client Setting], then configure the following settings.

Settings

Description

[SMB TX Setting]

Select [ON] to use the single sign-on function.

[ON] is specified by default.

[SMB Authentication Setting]

Select [Kerberos/NTLM v1/v2] to use the single sign-on function.

NTLMv2 authentication is performed if Kerberos authentication fails, and NTLMv1 authentication is performed if NTLMv2 authentication fails.

[NTLM v1] is specified by default.

[Default Domain Name]

Enter the default domain name to be added to the host name of the destination at SMB transmission (using up to 64 characters). The default domain name cannot be prefixed by an asterisk (*).

If the domain name of the destination is not specified by the user when sending data using SMB, the domain name specified here is added.

This item is not required when Active Directory is used as an authentication server.

[SMB User Credential Setting]

When using the user authentication information (login name and password) of this machine as SMB destination authentication information (host name and password), select [ON].

If Active Directory is used as an authentication server, the domain name of Active Directory is added to the login name. When other authentication method is used, the domain name entered at [Default Domain Name] is added.

[OFF] is specified by default.

[Edit SMB User Credentials]

This setting is available when [ON] is selected for [SMB User Credential Setting].

If you select [Restrict], an SMB destination is registered, excluding the user ID and password specified at login. However, using Web Connection, an SMB destination is registered, including the user ID and password.
If you select [Allow], you can specify whether to register an SMB destination, including or excluding the user ID and password. If you select [Reg. excl. ID and Password] and register an SMB destination, the user ID and password are automatically added at SMB transmission.

[Restrict] is specified by default.

[User Authentication(NTLM)]

Select [ON] to use the single sign-on function.

[ON] is specified by default.

[SMB security Signature Setting]

Select whether to enable the SMB signature of this machine to suit your environment.

  • [Disable]: Disables the SMB signature of this machine.

  • [When Requested]: Enables the SMB signature of this machine (client) only when the SMB signature is requested from the server side. If the SMB signature is not requested from the server side, operations are performed while the SMB signature of this machine (client) remains disabled, and a connection is possible even when the SMB signature in the server side is disabled.

  • [Required]: Enables the SMB signature of this machine. To establish a connection, the SMB signature is also required in the server side. If the SMB signature in the server side is disabled, it will not be possible to make a connection.

[When Requested] is specified by default.