Registering/Editing User Data for Active Directory Authentication
Registering User Data
When Active Directory is used with Server Authentication + Local Device Authentication, login authentication is performed by users that belong to the Active Directory server of the domain specified as the login destination. Contact the Active Directory administrator to register/edit user data.
Registering a Active Directory Authentication Administrator
Add a registered Active Directory user to the 'Canon Peripheral Admins' group, or an arbitrary administrator group of Active Directory to make that user a Server Authentication administrator. Follow the procedure below to add the 'Canon Peripheral Admins' group.
In the following procedures, items displayed on the screens for Windows Server 2012 R2 are used. Depending on your environment, the items you see on the screen may differ.
|
NOTE
|
|
Periods (.) cannot be used in administrator group names.
|
1.
Start the Active Directory management tool, "Active Directory Users and Computers."
Adding a Group:
Right-click the container and organizational unit you want to add.
Select [New] → [Group] from the pop-up menu that appears.
In the [New Object - Group] dialog box, enter the group name ('Canon Peripheral Admins') → click [OK].
Adding a User to the Canon Peripheral Admins Group:
Right-click the account of the user you want to add to the 'Canon Peripheral Admins' group.
Select [Add to a group] from the pop-up menu that appears.
Enter 'Canon Peripheral Admins' in the group selection dialog box → click [Check Names].
Confirm that 'Canon Peripheral Admins' is underlined.
Click [OK].
|
IMPORTANT
|
|
When using Active Directory Authentication, you must use [User logon name] registered in the Active Directory server of the domain specified as the login destination. However, the internal processes of User Authentication use [User logon name (pre-Windows 2000)].
|
|
NOTE
|
|
Do not set 'Canon Peripheral Admins' as the primary group.
|