When you use Active Directory of Windows Server for user management, you can restrict users of this machine by authentication using Active Directory.
Employing the user authentication enables security- and cost-conscious advanced operations such as restricting users from accessing this machine, restricting users from using the functions by user, and managing the use status of this machine.
When employing the Active Directory authentication, follow the below procedure to configure the settings.
Purpose | Reference |
---|---|
Send original data scanned by this machine easily to the login user's own address using E-mail (Scan to Me). | |
Send original data scanned by this machine easily to the login user's Home directory (Scan to Home). | |
Use the single sign-on | |
Construct a single sign-on environment for the SMB transmission | |
Restrict available functions by user | |
Restrict the access to destinations by user | |
Change function keys displayed in the Touch Panel by user | |
Specify the operations of the ID & Print function | |
Specify how to manage color printing and operations of this machine when you log out | |
Restrict print jobs without authentication information | |
Print data from the printer driver without using the password |
Register your authentication server on this machine. In addition, change the authentication method of this machine so that authentication is performed using the registered authentication server.
Settings | Description |
---|---|
[External Server Name] | Enter the name of your Active Directory (using up to 32 characters). Assign an easy-to-understand name to the Active Directory to be registered. |
[External Server Type] | Select [Active Directory]. |
[Default Domain Name] | Enter the default domain name of your Active Directory (using up to 64 characters). |
[Timeout] | Change the time-out time to limit a communication with the Active Directory if necessary. [60] sec. is specified by default. |
Settings | Description |
---|---|
[User Authentication] | When performing authentication using an external authentication server, select [ON (External Server)] or [ON (MFP + External Server)]. If you want to configure setting so that you can log in to this machine using its authentication function in consideration of an occurrence of some sort of problem on the external authentication server, select [ON (MFP + External Server)]. |
[Overwrite User Info] | When the external server authentication is used, authenticated user information is also managed on this machine. If the number of users who have executed the external server authentication reaches the maximum number of users this machine can manage, authentication of any new users will not be permitted. Select whether to allow the user to overwrite registered user information for that case. If you select [Allow], the oldest authenticated user information is erased and the new user is registered. [Restrict] is specified by default. |
[Default Authentication Method] | If you have selected [ON (MFP + External Server)] at [User Authentication], select the authentication method you use normally. [ON (External Server)] is specified by default. |
[Ticket Hold Time Setting (Active Directory)] | Change the time to hold the Kerberos authentication ticket if necessary. [600] minutes is specified by default. |
[When Number of Jobs Reach Maximum] | Sets the maximum number of sheets that each user can print. Here, select an operation if the number of sheets exceeds the maximum number of sheets that can be printed.
[Skip Job] is specified by default. |
Settings | Description |
---|---|
[Temporarily Save Authentication Information] | To temporarily save authentication information in the main unit against a case where an external authentication server shuts down, select [Enable]. [Disable] is specified by default. |
[Reconnection Settings] | If necessary, change the time to reconnect to the authentication server.
[Set Reconnect Interval] is specified by default. |
Scan to Home is a function that easily sends the original data scanned in this machine to a shared folder on a server or that on your computer.
In the administrator mode, select [User Auth/Account Track] - [Scan to Home Settings], and then set [Scan to Home Settings] to [Enable] (Default: [Disable]).
This machine supports the single sign-on of Active Directory.
If this machine joins the domain of Active Directory, the user authenticated by Active Directory can use the functions of this machine transparently. For example, once you log in to your computer, you can print data from this machine without setting authentication information in the printer driver.
Settings | Description |
---|---|
[Permission Setting] | Select [ON] to use the single sign-on function. [OFF] is specified by default. |
[Host Name] | Enter the host name of this machine (using up to 253 characters, including only - and . for symbol marks). In the administrator mode, select [Network] - [TCP/IP Setting] - [TCP/IP Setting] - [DNS Host Name], to enter a host name. |
[Domain Name] | Enter the domain name of Active Directory (using up to 64 characters). |
[Account Name] | Enter the account name that has a privilege to participate users in the Active Directory domain (using up to 64 characters). |
[Password] | Enter the password of the account you entered in [Account Name] (using up to 64 characters, excluding spaces and "). |
[Timeout] | Change the time-out time of domain joining processing if necessary. [30] sec. is specified by default. |
The domain joining processing is executed.