[Use User Authentication Function:]:
|
Select [Use] to use User Authentication. [Do not use] cannot be selected for the [Local Device Authentication] setting that is enabled by default.
|
[User Authentication System:]:
|
When using Active Directory or an LDAP server, select [Server Authentication + Local Device Authentication].
|
[Authentication Server Type:]:
|
If you selected [Server Authentication + Local Device Authentication], select the type of server to use for authentication.
[Active Directory]:
Uses authentication that is performed in a Windows domain environment.
[LDAP Server]:
Uses authentication that is performed on an LDAP server environment. Set the LDAP server in [LDAP Server Management...]. (See "Registering/Editing LDAP Server Information.")
|
NOTE
|
The settings are only effective after you restart the machine.
|
NOTE
|
If you are using Active Directory authentication, only 'memberOf' can be set for [User Attribute to Browse:].
|
[Search Criteria]:
|
Only [Exact Match] can be set.
|
[Character String]:
|
Enter the name (user group name) of the administrator group.
|
[Role]:
|
Select the role to assign from Base Roles and Custom Roles (Administrator).
|
NOTE
|
Do not set 'Canon Peripheral Admins' as the primary group.
Periods (.) cannot be used in administrator group names.
|
[Search Criteria]:
|
Select the matching criteria to use for comparing the attribute value retrieved from the LDAP server and the user group name entered on this screen when logging in.
|
[Character String]:
|
Enter the name (user group name) of the administrator group.
|
[Role]:
|
Select the role to assign from Base Roles and Custom Roles (Administrator).
|
[Search Criteria]:
|
Exact Match
|
[Character String]:
|
group
|
[Role]:
|
Administrator
|
NOTE
|
When registering user information to a server, follow the registration procedure for that server.
|
[Display Login Screen:]:
|
Set the timing for displaying the login screen.
[Display login screen when operation is started on the device]:
Displays the login screen when a user starts operating the machine.
[Display login screen when functions requiring authentication are selected]:
Displays the login screen when a user uses a function set in [Select Function That Will Require Authentication (Max 32 Functions):].
|
[Select Function That Will Require Authentication (Max 32 Functions):]:
|
If you selected [Display login screen when functions requiring authentication are selected], select the functions that require authentication.
|
[Select Authentication Requirement for Color Copy/Color Print:]:
|
Displays a message prompting the user to log in when performing colour copying/colour printing. Logging in is required to perform colour printing.
|
[Login for Unregistered Users:]:
|
Uses the Guest User role to enable users to log in without entering an ID and password. [Display Login Screen:] must be set to [Display login screen when operation is started on the device].
This setting can be specified when the ACCESS MANAGEMENT SYSTEM is enabled. (See "ACCESS MANAGEMENT SYSTEM Administrator Guide.")
|
[Number of Login Users to Display:]:
|
Sets the number of users that have previously logged in on the login screen to display in a drop-down list. Selecting a user in the drop-down list enables you to omit the procedure for entering the user name. The list is reset when the power of the machine is turned OFF.
[0]:
The drop-down list is not displayed.
[1]:
Only the previous user that logged in is displayed.
[Max (Maximum Number of a Device)]:
Displays a list of all users that have previously logged in.
|
[Printer Driver Management:]:
|
You can set whether to allow users to retain the password entered in the AMS Printer Driver Add-in. If you retain the password, it becomes unnecessary to enter a password in the AMS Printer Driver Add-in after the first time.
This setting can be specified when the ACCESS MANAGEMENT SYSTEM is enabled. (See "ACCESS MANAGEMENT SYSTEM Administrator Guide.")
|
NOTE
|
The settings are only effective after you restart the machine.
|
[Authentication Mode:]:
|
[Standard authentication mode]:
A user name and password must be entered when logging in, regardless of the privileges of the user.
[Guest authentication mode]:
Registered users must enter a user name and password when logging in.
Users that are not registered can also log in using [Log In (General User)], but the settings they can specify are restricted.
[Administrator authentication mode]:
Only allows administrators to log in.
|
[Functions to Restrict:]:
|
[Print from drivers without AMS Printer Driver Add-in]:
Restricts printing from computers in which the AMS Printer Driver Add-in is not installed and computers with an unknown user logged on.
This setting can be specified when the ACCESS MANAGEMENT SYSTEM is enabled. (See "ACCESS MANAGEMENT SYSTEM Administrator Guide.")
[Remote scan]: Restricts the function for scanning data to a computer by using the machine as a scanner. When this function is restricted, the machine does not become online even if [Scanner] is selected on the Main Menu.
|
[Security Settings:]:
|
Set whether to add a device signature to files when transferring files from the machine.
This setting can be specified when the ACCESS MANAGEMENT SYSTEM is enabled. (See "ACCESS MANAGEMENT SYSTEM Administrator Guide.")
|
NOTE
|
The settings are only effective after you restart the machine.
|
[Access Mode within Sites:]:
|
Retrieves Active Directory site information to access the domain controller in the site the machine belongs to. If multiple domain controllers are in the same site as the machine, they are accessed in the same order as the list of domain controllers retrieved from the DNS server.
If this is not selected, Active Directory site information is not retrieved. Domain controllers are accessed in the same order as the list of domain controllers retrieved from the DNS server.
|
[Retrieve Site Information:]:
|
[Only at first time]:
Uses the list of domain controllers retrieved when the machine was logged in to for the first time.
[Every time when device starts up]:
Updates the list of domain controllers every time the machine is started.
|
[Site Access Range:]:
|
[Only site to which device belongs]:
Accesses only domain controllers in the same site as the machine. An error occurs if there are no domain controllers in the same site as the machine.
[Access other sites in addition to site to which device belongs]:
Also accesses domain controllers outside the same site as the machine if there are no domain controllers in the same site as the machine. An error occurs if there are also no domain controllers outside the same site as the machine.
|
IMPORTANT
|
Even when you specify the settings for [Access Mode within Sites:], site information is not retrieved when logging in from a Web browser.
Even when [Only site to which device belongs] is set, the machine may access sites outside the site it belongs to when performing domain controller access during the startup process. However, access to domain controllers in the same site as the machine is prioritized. As an exception, if domain controllers in the same site cannot be accessed but domain controllers outside the site can be accessed, priority is given to accessing domain controllers outside the site.
|
[Authentication System Used for Local Device Authentication:]:
|
[Use CRAM-MD5/MD5]:
Allows to communicate with applications supporting CRAM-MD5 and MD5.
[Use CRAM-MD5]:
Allows only to communicate with applications supporting CRAM-MD5.
|
[Disable integrated authentication]:
|
Disable integrated authentication function, regardless of the authentication method.
|
[Disable integrated authentication using credentials for local device authentication]:
|
Disable integrated authentication when using authentication method of local device authentication.
|
[Disable integrated authentication using credentials for LDAP server authentication]:
|
Disable integrated authentication when using authentication method of LDAP server authentication.
|
IMPORTANT
|
If you disable Integrated Authentication, an authentication error may occur when sending files to personal folders. If you want to disable Integrated Authentication while specifying the personal folders under the home folder, make sure to register authentication information for each user.
You can specify the personal folder settings in [Personal Folder Specification Method] in [Function Settings] (Settings/Registration). For more information, see "Specifying Personal Folders."
|
NOTE
|
The settings are only effective after you restart the machine.
|