SSO-H (Single Sign-On H)

This is a login service which can be used in the domain on the Active Directory environment network, in the LDAP server, or in the machine. You can register/edit user data and specify administrator/general user settings in the following location:
Server authentication is performed in the external authentication server.
Local device authentication is stored in the memory of the machine from a Web browser.
SSO-H contains the following functions:
Contains a user authentication system that uses the external server, and has two compatible user authentication systems, which can be used even when there is network trouble and only the machine can be authenticated. These two user authentication systems can be used together or alone.
SSO-H includes the following three user authentication systems:

Server Authentication

Server Authentication includes the following two authentication methods:
Active Directory Authentication
Active Directory Authentication is a user authentication method that logs in to the machine and authenticates the domain on the network by connecting with the domain controller of the Active Directory. In addition to the user that belongs to the domain with the machine, you can authenticate up to 200 users that belong to the domain that is directly related to the domain with the machine. The user selects the domain name when logging in.
LDAP Server Authentication
LDAP Authentication is an authentication method that uses the LDAP server to authenticate the user. The user selects the server name of the LDAP server which you have registered on the LDAP Server Management screen for SSO-H when logging in.

Local Device Authentication

A user authentication system which only uses the machine. Users to be authenticated are registered/managed using a database inside the machine. [This device] is the login destination.

'Server Authentication + Local Device Authentication'

A user authentication system which includes the functions of both Server Authentication and Local Device Authentication. This is useful for using Server Authentication to authenticate users registered/managed in the external server, and using Local Device Authentication to authenticate temporary users which cannot be added to the external server.
'Active Directory Authentication + Local Device Authentication'
Users belonging to Domain A (which includes the machine), and users belonging to Domain B (which is bi-directionally trusted by Domain A), can be authenticated, and users registered in the machine itself can be authenticated. The user selects the location to log in to (domain name or [This device]) when logging in.
'LDAP Server Authentication + Local Device Authentication'
Users registered/managed on the LDAP server or users registered in the machine can be authenticated. The user selects the locations to log in to (the server name of the LDAP server or [This device]) when logging in.

IMPORTANT
If you are logging in as the administrator for Local Device Authentication and the user name and password is still the default setting, the screen to change the password appears when you click [Log In]. Change the password to increase security.
If you want to use Local Device Authentication and Department ID Management at the same time to keep track of the number of printed or scanned sheets for each Department ID, set [Department ID Management] to 'On'. To use Local Device Authentication and Department ID Management at the same time, the information registered for Local Device Authentication and the user information for Department ID Management (Department ID and PINs) must match. If they do not match, the user cannot log in.
You cannot use Server Authentication and Department ID Management at the same time.
You cannot use the control card reader with 'Server Authentication' or with 'Server Authentication + Local Device Authentication'.
NOTE
The three user authentication systems can be switched using a Web browser. (See "Setting the User Authentication System.")
The default setting is 'Server Authentication + Local Device Authentication.' To increase security, set the user authentication system to 'Server Authentication' or change the user name and password of the Local Device Authentication administrator immediately after you start using SSO-H.
13UJ-21R