LDAP-IC Card Authentication Setting

HomeCopyLDAP-IC Card Authentication Setting

To display:

[Utility]
- [Administrator Settings]
  - [User Authentication/Account Track]
    - [General Settings]
      - [LDAP-IC Card Authentication Setting]

Configure settings for authentication by the LDAP server using the card ID registered on authentication cards in an environment with IC card-based user authentication implemented by connecting the Authentication Unit (IC card type).

You can set this option by selecting [External Server Authentication] or [Main + External Server] in [Administrator Settings] - [User Authentication/Account Track] - [General Settings] - [User Authentication] - [General Settings].

Settings		Description
[ON]/[OFF]		Specify whether to enable authentication by the LDAP server using the card ID registered on authentication cards. [OFF] is specified by default.
[Setting Up LDAP]		Register the LDAP server to be used for authenticating the user ID of the IC card. Tap [Check Connection] to try connecting to the LDAP server using the entered information and check if the information registered is correct. Tap [Reset All Settings] to reset all the information entered.
	[User Name Acquisition]	Select the method for obtaining the user name for logging in to this machine. [Use Card IC]: Use the card ID on the IC card as the user name. [Acquiring]: Use the user name obtained from the server. Enter the attribute to be searched as the user name (such as "uid") in [User Name Attribute]. [Use Card IC] is specified by default.
	[Timeout]	Change the timeout time of communication with the LDAP server if necessary. [60 second] is specified by default.
	[Search Attribute(s)]	Enter the search attribute to be used for search of a user using the LDAP server (using up to 64 characters). The attribute must start with an alphabet character. [uid] is specified by default.
	[Server Address]	Enter the LDAP server address. Use one of the following entry formats. Example of host name entry: "host.example.com" Example of IP address (IPv4) entry: "192.168.1.1" Example of IP address (IPv6) entry: "fe80::220:6bff:fe10:2f16"
	[Search Base]	Specify the starting point to search for a user to be authenticated (using up to 255 characters). This option also searches in subdirectories under the entered starting point. Example of entry: "cn=users,dc=example,dc=com"
	[SSL Setting]	Specify whether or not to use SSL for communication with the LDAP server. [OFF] is specified by default.
	[Port Number]	If necessary, change the LDAP server port number. Normally, you can use the original port number. [389] is specified by default.
	[Port Number (SSL)]	If necessary, change the SSL communication port number. Normally, you can use the original port number. [636] is specified by default.
	[Certificate Verification Level Settings]	To validate the certificate during SSL communication, select items to be verified. [Expiration Date]: Confirm whether the certificate is within the validity period. [Confirm] is specified by default. [Key Usage]: Confirm whether the certificate is used according to the intended purpose approved by the certificate issuer. [Do Not Confirm] is specified by default. [Chain]: Confirm whether there is a problem in the certificate chain (certificate path). The chain is validated by referencing the external certificates managed on this machine. [Do Not Confirm] is specified by default. [Expiration Date Confirmation]: Confirm whether the certificate has expired. [Do Not Confirm] is specified by default. [CN]: Confirm whether CN (Common Name) of the certificate matches the server address. [Do Not Confirm] is specified by default.
	[Authentication Type]	Select the authentication method to log in to the LDAP server. Select one appropriate for the authentication method used for your LDAP server. [Simple] [Digest-MD5] [GSS-SPNEGO] [NTLM v1] [NTLM v2] [Simple] is specified by default.
	[Referral Setting]	Specify whether to use the referral function as required. Make an appropriate choice that fits the LDAP server environment. [ON] is specified by default.
	[Login Name]	Log in to the LDAP server, and enter the login name to search for a user (using up to 64 characters).
	[Password]	Enter the password of the user name you entered into [Login Name] (using up to 64 characters).
	[Domain Name]	Enter the domain name to log in to the LDAP server (using up to 64 characters). If [GSS-SPNEGO] is selected for [Authentication Type], enter the domain name of Active Directory.
[LDAP-IC Card Authentication Setting]		Select the name of the external server to be used as authentication information saved in this machine The authentication information is saved in this machine when the LDAP-IC card authentication is successfully completed. This authentication information includes the user name and the external server name. As for the external server name in authentication information to be saved in this machine, you can register the name of external server registered on this machine.