How User Authentication Works

User Authentication has two user authentication systems; one which connects the machine to an external server, and one which uses the machine by itself. Authentication that links with a server can use an Active Directory environment network or an LDAP server. You can register/edit user data and specify administrator/general user settings in the following location:

Local Device Authentication enables you to access the machine from its control panel or via a Web browser to set user information and user privileges. The authentication information is saved in the memory of the machine.

Server authentication is performed in the external authentication server.

User Authentication includes the following two user authentication systems:

Local Device Authentication

A user authentication system which only uses the machine. Users to be authenticated are registered/managed using a database inside the machine. [This device] is the login destination. Local Device Authentication of the machine can be used with the machine by default.

'Server Authentication + Local Device Authentication'

A user authentication system which includes the functions of both Server Authentication and Local Device Authentication. This is useful for using Server Authentication to authenticate users registered/managed in the external server, and using Local Device Authentication to authenticate temporary users which cannot be added to the external server.

'Active Directory Authentication + Local Device Authentication'

Users belonging to Domain A (which includes the machine), and users belonging to Domain B (which is bi-directionally trusted by Domain A), can be authenticated, and users registered in the machine itself can be authenticated. The user selects the location to log in to (domain name or [This device]) when logging in.

'LDAP Server Authentication + Local Device Authentication'

Users registered/managed on the LDAP server or users registered in the machine can be authenticated. The user selects the locations to log in to (the server name of the LDAP server or [This device]) when logging in.

IMPORTANT
If you want to use Local Device Authentication and Department ID Management at the same time to keep track of the number of printed or scanned sheets for each Department ID, set [Department ID Management] to 'On'. To use Local Device Authentication and Department ID Management at the same time, the information registered for Local Device Authentication and the user information for Department ID Management (Department ID and PINs) must match. If they do not match, the user cannot log in. You cannot use the control card reader with 'Server Authentication + Local Device Authentication'.

IMPORTANT

If you want to use Local Device Authentication and Department ID Management at the same time to keep track of the number of printed or scanned sheets for each Department ID, set [Department ID Management] to 'On'. To use Local Device Authentication and Department ID Management at the same time, the information registered for Local Device Authentication and the user information for Department ID Management (Department ID and PINs) must match. If they do not match, the user cannot log in.

You cannot use the control card reader with 'Server Authentication + Local Device Authentication'.

NOTE
The two user authentication systems can be switched using the Remote UI. (See "Setting the User Authentication Function Environment.") The default setting is 'Local Device Authentication'. Change the user name and password for the Administrator of Local Device Authentication to increase security.