* Enter the name of the utility key. You can search descriptions of utility keys.

Simple Auth. setting

To display: [Utility][Administrator Settings][User Authentication/Account Track][Simple Auth. setting]

Select whether to allow authentication that is based only on the user name (without a password) when the printer driver is used for printing in an environment where user authentication is employed. When employing external server authentication, register the authentication server for quick authentication.

Settings

Description

[Authentication Setting]

Select whether to allow authentication that is based only on the user name (without a password) when the printer driver is used for printing in an environment where user authentication is employed.

To permit the quick authentication, the login user name for this machine for MFP authentication, external server authentication, and enhanced server authentication must match the Windows login ID.

[Restrict] is specified by default.

[Register Authentication Server]

When external server authentication is implemented, register the LDAP server to check user names.

For details on settings, refer to the settings of [Register Authentication Server] shown below.

[Secondary Auth. server setting]

Configure settings to connect to the secondary authentication server when you cannot connect to the primary authentication server while the external server authentication is installed.

For details on settings, refer to the settings of [Secondary Auth. server setting] shown below.

Settings of [Register Authentication Server]

Settings

Description

[External Server Authentication]

Select the external server name to be used as a part of user information when authentication using the LDAP server is successfully completed from the external servers registered on this machine.

The external server selected here is used for the following purpose.

  • Using as a part of authentication information saved on this machine

  • Using for restricting the functions of this machine or managing the maximum allowance

[Timeout]

If necessary, change the time-out time to limit a communication with the LDAP server.

[60 sec.] is specified by default.

[Search Attribute]

Enter the search attribute to be used for search of a user using the LDAP server (using up to 64 characters).

The attribute must start with an alphabet character.

[uid] is specified by default.

[Server Address]

Enter the LDAP server address.

Use one of the following formats.

  • Example of host name entry: "host.example.com"

  • Example of IP address (IPv4) entry: "192.168.1.1"

  • Example of IP address (IPv6) entry: "fe80::220:6bff:fe10:2f16"

[Search Base 1] to [Search Base 3]

Specify the starting point to search for a user to be authenticated.

  • [Search Base]: Specify the starting point to search for a target (using up to 255 characters).
    Example of entry: "cn=users,dc=example,dc=com"

  • [Search Range]: Select a tree search range. [Full Tree] is specified by default.
    Selecting [Full Tree] makes a search, including the tree structure under the entered starting point. Selecting [Next hierarchy only] searches for only one level directly beneath the entered starting point. In this case, the level at the starting point is not included as a search target.

[SSL Setting]

Specify whether or not to use SSL for communication with the LDAP server.

[OFF] is specified by default.

[Port Number]

If necessary, change the LDAP server port number.

In normal circumstances, you can use the original port number.

[389] is specified by default.

[Port Number (SSL)]

If necessary, change the SSL communication port number.

In normal circumstances, you can use the original port number.

[636] is specified by default.

[Certificate Verification Level Settings]

To validate the certificate during SSL communication, select items to be verified.

  • [Expiration Date]: Confirm whether the certificate is within the validity period. [Confirm] is specified by default.

  • [Key Usage]: Confirm whether the certificate is used according to the intended purpose approved by the certificate issuer. [Do Not Confirm] is specified by default.

  • [Chain]: Confirm whether there is a problem in the certificate chain (certificate path). The chain is validated by referencing the external certificates managed on this machine. [Do Not Confirm] is specified by default.

  • [Expiration Date Confirmation]: Confirm whether the certificate has expired. [Do Not Confirm] is specified by default.

  • [CN]: Confirm whether CN (Common Name) of the certificate matches the server address. [Do Not Confirm] is specified by default.

[Authentication Type]

Select the authentication method to log in to the LDAP server.

Select one appropriate for the authentication method used for your LDAP server.

  • [Simple]

  • [Digest-MD5]

  • [GSS-SPNEGO]

  • [NTLM v1]

  • [NTLM v2]

[Simple] is specified by default.

[Referral Setting]

Select whether to use the referral function, if necessary.

Make an appropriate choice to fit the LDAP server environment.

[ON] is specified by default.

[Login Name]

Log in to the LDAP server, and enter the login name to search for a user (using up to 64 characters).

[Password]

Enter the password of the user name you entered into [Login Name] (using up to 64 characters).

[Domain Name]

Enter the domain name to log in to the LDAP server (using up to 64 characters).

If [GSS-SPNEGO] is selected for [Authentication Type], enter the domain name of Active Directory.

[Check Connection]

Select this option to try connecting to the LDAP server using the entered information and check if the information registered is correct.

[Reset All Settings]

Tap this button to reset all the contents you entered.

Settings of [Secondary Auth. server setting]

Settings

Description

[ON]/[OFF]

Select whether to use the secondary authentication server.

[OFF] is specified by default.

[Reconnection Settings]

Specify the timing at which to reconnect to the primary authentication server.

[Set Reconnect Interval] is specified by default.

  • [Reconnect for every login]: Connects to the primary authentication server each time authentication is carried out on this machine. If the primary authentication server is shutting down, this machine is connected to the secondary authentication server.

  • [Set Reconnect Interval]: Connects to the secondary authentication server when the primary authentication server is shutting down when machine authentication is occurring. After this, this machine is connected to the secondary authentication server when machine authentication is occurring until the time specified in [Reconnection Time] lapses. After the time specified in [Reconnection Time] has lapsed, this machine is reconnected to the primary authentication server when machine authentication is occurring.

[Secondary Authentication Server Registration]

Register the secondary authentication server.

For details on settings, refer to the settings of [Register Authentication Server] shown above.