Specifying the Authorized Send Settings

Authorized Send is a security feature that uses an LDAP server in the network to prevent unauthorized e-mails, files, or faxes. With this feature, users are required to authenticate themselves with their own logon information, which is registered to the LDAP server, before sending documents. Authorized Send also enables you to restrict the sending of documents only to registered destinations or completely prohibit users from sending documents.
NOTE
System Requirements
LDAP servers that are supported by the machine are Windows Server 2003/Server 2008/Server 2012 Active Directory.
The machine communicates with LDAP servers using LDAPv3.
UTF-8 is the supported character encoding used when the text data is transmitted between the machine and an LDAP server.
Authorized Send is not available in an IPv6 environment.
1
Start the Remote UI and log on in System Manager Mode. Starting the Remote UI
2
Click [Settings/Registration].
3
Click [Network Settings]  [LDAP Server Settings].
4
Click [Register New Server...] in [LDAP Server (For Authentication)].
NOTE:
To edit registered server information
Click a text link under [Server Name] for the edit screen.
To delete registered server information
Click [Delete] on the right of the server name you want to delete  click [OK].
5
Specify the required settings.
[Server Name]
Enter up to 24 alphanumeric characters for the LDAP server name.
[Server Address]
Enter the IP address of the LDAP server or enter up to 47 alphanumeric characters for the host name of the server (Example: ldap.example.com).
IMPORTANT:
[Server Address] and DNS
To prevent errors from occurring when searching for destinations, make sure to check the following:
If the host name is entered for [Server Address], make sure that a DNS server is available in the network.
If the IP address is entered for [Server Address], check whether the DNS server supports only forward lookup. If the server supports only forward lookup, select [Use] for [Login Information:]. If you select [Use (Security Authentication)], make sure that the DNS server supports reverse lookup.
[Position to Start Search:]
Specify the node in the directory information tree (DIT) that you want to start search from. Leaving the text box blank sets the machine to start search from an arbitrary node selected automatically.
Depending on the type of characters used, up to 120 characters can be entered.
When specifying the node, enter "DC=", followed by a host name (a dot-delimited character string in the Active Directory domain name), and separate each of the entries with a comma. If the domain name is "john.example.com", for example, enter "DC=john,DC=example,DC=com."
[Port Number:]
Enter the port number used for communicating with the LDAP server. The default port number is 389 unless the [Use TLS] check box is selected.
[Authentication/Attribute Acquisition Timeout:]
Specify how long the machine searches. Enter between 30 and 300 seconds.
[User Name Attribute:]
Specify the user name attribute for a user to logon to the LDAP server. The setting is validate when you select [Use] in [Login Information:]. Up to 64 characters can be entered. Leaving the text box blank sets the machine to specify the user name attribute automatically.
[E-Mail Address Attribute:]
Specify the e-mail address attribute in the LDAP server. The attribute is used to specify the e-mail address when you select [Only Allow Sending to Myself] in [E-Mail Sending:]. Up to 64 characters can be entered. Leaving the text box blank sets the machine to specify the e-mail address attribute automatically.
[Login Information:]
Select [Use] or [Use (Security Authentication)] depending on the type of authentication implemented by the LDAP server.
[Use]
Select to authenticate the machine using the login information.
[Use (Security Authentication)]
Select to use data obtained by Kerberos, a network authentication protocol, for the authentication password. If this setting is selected, the clock of the machine needs to be synchronized with that of the LDAP server (Configuring SNTP).
[Use System Manager ID]
Select the check box to log on with the user name (DN) of the LDAP server's administrator. If the check box is selected, the user name and password must be specified.
[User Name]
When the [Use System Manager ID] check box is selected, enter the user name of the LDAP server's administrator in the form "(user name)" (Example: ldap1).
[Set/Change Password]
To specify or change the password, select the check box and enter up to 24 characters in the [Password:] text box.
[Use TLS]
Select the check box to use TLS for encrypting communication with the LDAP server. If the check box is selected, the [Port Number:] setting changes to "636".
[Domain Name:]
When [Use (Security Authentication)] is selected for [Login Information:], enter up to 120 alphanumeric characters for the directory tree name in Active Directory (Example: example.com).
6
Click [OK].
7
Click [Security Settings]  [Authentication Settings for Send Function]
8
Click [Edit...].
9
Select the [Display Authentication Screen When Sending Operation Starts] check box to enable Authorized Send.
If you want the machine to display a confirmation screen when  is pressed to log off, also select the [Display Confirmation Screen When Logging Out] check box.
10
Specify the settings as necessary.
Specifying settings for sending e-mail
Select whether or not to restrict users from sending e-mails, and specify how users authenticate themselves to the SMTP server.
Specifying settings for sending files
Select whether or not to restrict users from sending files via SMB/FTP, and specify how users authenticate themselves to the shared folder or the file server.
Selecting fax sending
You can enable or disable faxing. Select the setting to suit your needs.
11
Click [OK].
12
Restart the machine.
Turn OFF the machine, wait for at least 10 seconds, and turn it back ON.
3AYU-080