Registering/Editing User Data for Active Directory Authentication

Registering User Data

When the Active Directory Authentication System of SSO-H is being used, login authentication is performed by users that belong to the Active Directory server of the domain specified as the login destination. Contact the Active Directory administrator to register/edit user data for Domain Authentication.

Registering a Active Directory Authentication Administrator

Add a registered Active Directory user to the 'Canon Peripheral Admins' group, or an arbitrary administrator group of Active Directory to make that user a Server Authentication administrator. Follow the procedure below to add the 'Canon Peripheral Admins' group.
1.
Start the Active Directory management tool, "Active Directory Users and Computers."
Adding a Group:
Right-click the container and organizational unit you want to add.
Select [New] → [Group] from the pop-up menu that appears.
In the [New Object - Group] dialog box, enter the group name ('Canon Peripheral Admins') → click [OK].
Adding a User to the Canon Peripheral Admins Group:
Right-click the account of the user you want to add to the 'Canon Peripheral Admins' group.
Select [Add to a group] from the pop-up menu that appears.
Enter 'Canon Peripheral Admins' in the group selection dialog box → click [Check Names].
Confirm that 'Canon Peripheral Admins' is underlined.
Click [OK].

IMPORTANT
When using Active Directory Authentication, you must use [User logon name] registered in the Active Directory server of the domain specified as the login destination. However, the internal processes of SSO-H use [User logon name (pre-Windows 2000)].
NOTE
Do not set 'Canon Peripheral Admins' as the primary group.
07E3-0UF