Registering/Editing LDAP Server Information

This section describes how to register/edit the LDAP server information to be used for LDAP server authentication.

Registering LDAP Server Information

1. Click [Settings/Registration] → [User Management] → [Authentication Management] → [Preferences].
2. Click [Edit...] → set LDAP server authentication.
   Select [Server Authentication + Local Device Authentication] in [User Authentication System:].
   Select [LDAP Server] in [Authentication Server Type:].
3. Click [LDAP Server Management...].
IMPORTANT
You can click [LDAP Server Management...] only if you select [Server Authentication + Local Device Authentication] for [User Authentication System:] and [LDAP Server] for [Authentication Server Type:].
When you click [LDAP Server Management...], the display switches to the [LDAP Server Management] screen and the settings in [Preferences] are stored.
4. Click [Add Server].
5. Enter the LDAP server information → click [Connection Test].
The items to enter and their setting conditions are as follows:
Item: [Server Name:]
Setting Content: Enter the name of the LDAP server.
Setting Conditions: Must be from 1 to 24 characters. You cannot include spaces. You cannot use "localhost."
Default Setting: <Null>

Item: [Server Address:]
Setting Content: Enter the IP address of the LDAP server.
Setting Conditions: Must be from 1 to 48 characters. You cannot use "127.0.0.1."
Default Setting: <Null>

Item: [Port:]
Setting Content: Set the port number that the LDAP server uses.
Setting Conditions: Must be a number from 1 to 65535. You cannot use zeros.
Default Setting: 636 (if the [Use SSL] check box is selected.) 389 (if the [Use SSL] check box is not selected.)

Item: [Comments:]
Setting Content: Enter comments about the LDAP server.
Setting Conditions: Must be from 1 to 64 characters.
Default Setting: <Null>

Item: [Use SSL]
Setting Content: Set whether to use SSL.
Setting Conditions: To use SSL, the LDAP server must also be set to use SSL.
Default Setting: Selected

Item: [Use authentication information]
Setting Content: Set whether to use authentication information to communicate with the LDAP server.
Setting Conditions: When selected: the device communicates with the LDAP server using the authentication information set for [User Name:] and [Password:]. When not selected: the device communicates with the LDAP server anonymously. The LDAP server must be set to allow anonymous access.
Default Setting: Selected

Item: [User Name:]
Setting Content: Enter the administrator DN registered on the LDAP server. Example: uid=Administrator, dc=ldap, dc=com
Setting Conditions: Must be from 1 to 128 characters. You cannot use asterisks.
Default Setting: <Null>

Item: [Password:]
Setting Content: Set a password that corresponds with the user name.
Setting Conditions: Must be from 1 to 24 characters.
Default Setting: <Null>

Item: [Attribute Name for Name:]
Setting Content: Set the name of the attribute that holds the user names in the LDAP server. Example: uid
Setting Conditions: Must be from 1 to 64 characters. You cannot include spaces or the following symbols (\ / : * ? | < > [ ] ; , = + @ " &).
Default Setting: <Null>

Item: [Starting Point for Search:]
Setting Content: Set the starting point for the search in LDAP server authentication (where to start searching on the directory tree).
Setting Conditions: Must be from 1 to 128 characters.
Default Setting: <Null>

Item: [Attribute Name:]: [E-Mail Address:]
Setting Content: Set the name of the attribute used to acquire the e-mail address of the logged-in user (LoginContext "mail"). Example: mail
Setting Conditions: Must be from 1 to 64 characters. You cannot include spaces or the following symbols (\ / : * ? | < > [ ] ; , = + @ " &).
Default Setting: <Null>

Item: [Attribute Name:]: [Display Name:]
Setting Content: Set the name of the attribute used to acquire the display name of the logged-in user (LoginContext "cn"). Example: cn
Setting Conditions: Must be from 1 to 64 characters. You cannot include spaces or the following symbols (\ / : * ? | < > [ ] ; , = + @ " &).
Default Setting: <Null>

Item: [Domain Name Setting Method]: [Specify the domain name]
Setting Content: Select this to set the domain name of the logged-in user directly (LoginContext "dc").
Setting Conditions: -
Default Setting: Selected

Item: [Domain Name:]
Setting Content: Set the domain name of the logged-in user (LoginContext "dc").
Setting Conditions: Must be from 1 to 64 characters. You cannot include spaces or the following symbols (\ / : * ? | < > [ ] ; , = + @ " &).
Default Setting: <Null>

Item: [Domain Name Setting Method]: [Specify the attribute name for domain name acquisition]
Setting Content: Select this to acquire the domain name of the logged-in user from the specified attribute.
Setting Conditions: -
Default Setting: Not Selected

Item: [Attribute Name:]
Setting Content: Set the name of the attribute used to acquire the domain name of the logged-in user (LoginContext "dc").
Setting Conditions: Must be from 1 to 64 characters. You cannot include spaces or the following symbols (\ / : * ? | < > [ ] ; , = + @ " &). If the domain name cannot be acquired from the specified attribute and the logged-in user's DN contains "dc," the leftmost attribute value is set as LoginContext "dc." If it still cannot be acquired, the value set for [Server Name:] is set as LoginContext "dc."
Default Setting: <Null>

NOTE
Make sure to set a value for every item except [Comments:], [Starting Point for Search:], and [Domain Name Setting Method] ([Domain Name:] and [Attribute Name:]).
6. Check the result of the connection test, and click [Add].
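
The fallback order described for [Attribute Name:] under [Domain Name Setting Method], worked through in Python as an added example (not code from the device or its vendor). The attribute name "o", the server name "ldap01", the sample DNs, and the reading that "leftmost" means the first dc component of the user's DN, matched case-insensitively, are assumptions.

```python
def split_dn(dn):
    """Split a DN into (attribute, value) pairs; a backslash-escaped comma stays in the value.
    Multi-valued RDNs ("+") and quoted values are not handled."""
    rdns, buf, escaped = [], [], False
    for ch in dn:
        if escaped:
            buf.append(ch)
            escaped = False
        elif ch == "\\":
            buf.append(ch)
            escaped = True
        elif ch == ",":
            rdns.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
    rdns.append("".join(buf))
    pairs = []
    for rdn in rdns:
        attr, sep, value = rdn.partition("=")
        if sep:
            pairs.append((attr.strip().lower(), value.strip()))
    return pairs


def resolve_dc(entry, domain_attr, user_dn, server_name):
    """Return (LoginContext "dc" value, source) following the documented fallback order."""
    values = entry.get(domain_attr) or []
    if values and values[0].strip():
        return values[0].strip(), "attribute"      # 1. the configured attribute
    for attr, value in split_dn(user_dn):
        if attr == "dc" and value:
            return value, "dn"                     # 2. leftmost dc in the user's DN
    return server_name, "server name"              # 3. value of [Server Name:]


# Constructed sample data (hypothetical, not from a real directory).
DN = "uid=alice,ou=people,dc=ldap,dc=com"
CASES = [
    ({"o": ["corp"]}, DN),                           # attribute present
    ({}, DN),                                        # attribute missing, DN has dc
    ({}, r"cn=Smith\, Bob,ou=staff,o=example"),      # no dc anywhere
    ({}, r"cn=Ops\,dc=team,ou=x,dc=real,dc=com"),    # "dc=" inside an escaped value
]

if __name__ == "__main__":
    for entry, dn in CASES:
        print(dn, "->", resolve_dc(entry, "o", dn, "ldap01"))
```

Running the same resolution against a few real user DNs before choosing [Specify the attribute name for domain name acquisition] shows which users would end up with the server name, rather than a domain, as their LoginContext "dc".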

Editing LDAP Server Information

1. Click [Settings/Registration] → [User Management] → [Authentication Management] → [Preferences].
2. Click [Edit...] → [LDAP Server Management...].
3. Click [Edit...] for the LDAP server you want to edit.
4. Edit the server information → click [Connection Test].
5. Check the result of the connection test, and click [Update].

Deleting LDAP Server Information

1. Click [Settings/Registration] → [User Management] → [Authentication Management] → [Preferences].
2. Click [Edit...] → [LDAP Server Management...].
3. Select the check box for the LDAP server you want to delete → click [Delete].