Registering LDAP Servers
| | If an LDAP server is implemented in the network, you can search the server for fax numbers or e-mail addresses, and then specify them as destinations or register them in the Address Book. Note also that if send function authentication ( LDAP Server Authentication) is enabled, you must register the server used for authentication. You can register a maximum of five LDAP servers each for searching and for authentication to the machine. Register LDAP servers via the Remote UI. |
1
Start the Remote UI and log in to System Manager Mode.
Starting Remote UI2
Click [Settings/Registration] on the Portal page.
Remote UI Screen3
Click [LDAP Server Settings].
4
Click [Register New Server] for [LDAP Server (For Search)] or [LDAP Server (For Authentication)].
LDAP server registration is separated, with registration either for searching or for authentication. To use an LDAP server for searching for fax and e-mail destinations, register if for searching, and to use it for authenticating sending of e-mail or faxes, register it for authenticating.
To edit registered server information
Click a text link under [Server Name] for the edit screen.
To delete registered server information
Click [Delete] on the right of the server name you want to delete
click [OK].
5
Register the LDAP server.
Register the server used for searches
Register the server for searching for fax, e-mail destinations.
[Server Name]
Enter the name to be assigned to the LDAP server.
[Server Address]
Enter the IP address of the LDAP server or enter alphanumeric characters for the host name of the server (example: ldap.example.com).
[Server Address] and DNS To prevent errors from occurring when searching for destinations, make sure to check the following: If the host name is entered for [Server Address], make sure that a DNS server is available in the network. If the IP address is entered for [Server Address], check whether the DNS server supports only forward lookup. If the server supports only forward lookup, select [Do Not Use] or [Use] for [Login Information]. If you select [Use (Security Authentication)], make sure that the DNS server supports reverse lookup. |
[Position to Start Search]
Specify the node in the directory information tree (DIT) that you want to start search from. Leaving the text box blank sets the machine to start search from an arbitrary node selected automatically.
When specifying the node, enter "DC=," followed by a host name (a dot-delimited character string in the Active Directory domain name), and separate each of the entries with a comma. If the domain name is "john.example.com," for example, enter "DC=john,DC=example,DC=com."
[Use TLS]
Select the check box to encrypt communication with the LDAP server using TLS.
This is enabled only when [Use] or [Use (Security Authentication)] is selected in [Login Information]. |
[Port Number]
Enter the port number used for communicating with the LDAP server.
[Search Timeout]
Specify how long the machine searches.
[Login Information]
Select [Do Not Use], [Use], or [Use (Security Authentication)] depending on the type of authentication implemented by the LDAP server. When [Use] or [Use (Security Authentication)] is selected, the user name and password must be specified.
[Do Not Use] | Select not to authenticate the machine using the login information. |
[Use] | Select to authenticate the machine using the login information. |
[Use (Security Authentication)] | Select to use data obtained by Kerberos, a network authentication protocol, for the authentication password. If this setting is selected, the clock of the machine needs to be synchronized with that of the LDAP server. |
[Display Authentication Screen When Searching]
Select the check box to require the user to enter the user name and password when a search is requested. If the [Use Same Authentication Information as When Send Operation Started] check box is selected, the user name and password used for authentication when sending faxes or scans are also used here. If the check box is cleared, authentication is carried out using the information entered in [User Name] and [Password].
[Use Same Authentication Information as When Send Operation Started]
Set whether the authentication information when the fax or scan function was used is also used when searching. This check box is normally displayed selected; however, it is only valid when the [Display Authentication Screen When Searching] check box is selected.
[User Name]
Enter the user name of the machine that was registered to the LDAP server.
When [Use] is selected for [Login Information], enter the user name in the form "(domain name)\(user name)" (example: domain1\user1).
When [Use (Security Authentication)] is selected, enter the user name only (example: user1).
[Set/Change Password]
To specify or change the password, select the check box and enter alphanumeric characters in the [Password] text box.
[Domain Name]
When [Use (Security Authentication)] is selected for [Login Information], enter alphanumeric characters for the directory tree name in Active Directory (example: example.com).
[Confirm TLS Certificate for LDAP Server Access]
Select the check box to verify the certificate when encrypting communication with the LDAP server using TLS. Also, select the [Add CN to Verification Items] check box as necessary.
Registering the authentication server
If the use of the fax and scan functions is restricted, register the server used for authentication.
[Server Name]
Enter the name to be assigned to the LDAP server.
[Server Address]
Enter the IP address of the LDAP server or enter alphanumeric characters for the host name of the server (example: ldap.example.com).
[Server Address] and DNS To prevent errors from occurring when searching for destinations, make sure to check the following: If the host name is entered for [Server Address], make sure that a DNS server is available in the network. If the IP address is entered for [Server Address], check whether the DNS server supports only forward lookup. If the server supports only forward lookup, select [Use] for [Login Information]. If you select [Use (Security Authentication)], make sure that the DNS server supports reverse lookup. |
[Position to Start Search]
Specify the node in the directory information tree (DIT) that you want to start search from. Leaving the text box blank sets the machine to start search from an arbitrary node selected automatically.
When specifying the node, enter "DC=," followed by a host name (a dot-delimited character string in the Active Directory domain name), and separate each of the entries with a comma. If the domain name is "john.example.com," for example, enter "DC=john,DC=example,DC=com."
[Use TLS]
Select the check box to encrypt communication with the LDAP server using TLS.
This is enabled only when [Use] is selected in [Login Information]. |
[Port Number]
Enter the port number used for communicating with the LDAP server.
[Authentication/Attribute Acquisition Timeout]
Specify how long authentication and attribute acquisition can continue.
[User Name Attribute]
Enter the attribute name, to be compared with a user name entered during authentication, of alphanumeric characters (Example: "sAMAccountName").
Not required if [Use (Security Authentication)] is selected in [Login Information]. |
[E-Mail Address Attribute]
Enter the attribute name, to be used for obtaining an e-mail address from the authentication server, of alphanumeric characters (Example: "mail").
[Login Information]
Select [Use] or [Use (Security Authentication)] depending on the type of authentication implemented by the LDAP server.
[Use] | Select to authenticate the machine using the System Manager ID. |
[Use (Security Authentication)] | Select to use data obtained by Kerberos, a network authentication protocol, for the authentication password. If this setting is selected, the clock of the machine needs to be synchronized with that of the LDAP server. |
[Use System Manager ID]
If [Use] is selected in [Login Information], this specifies whether authentication using the system manager ID is used. To use the system manager ID, select the check box and specify the user name and password for used for authentication. If you deselect the check box, login is anonymous (no user name).
[User Name]
Enter the user name of the machine that was registered to the LDAP server in the form "(domain name)\(user name)" (example: domain1\user1).
[Set/Change Password]
To specify or change the password, select the check box and enter alphanumeric characters in the [Password] text box.
[Domain Name]
When [Use (Security Authentication)] is selected for [Login Information], enter alphanumeric characters for the directory tree name in Active Directory (example: example.com).
[Confirm TLS Certificate for LDAP Server Access]
Select the check box to verify the certificate when encrypting communication with the LDAP server using TLS. Also, select the [Add CN to Verification Items] check box as necessary.
6
Click [OK].
LINKS