Registering LDAP Servers
If you are using an LDAP server to search for destinations and perform authentication when sending data, register the LDAP server information to the machine. You can register up to five LDAP servers each for searching and for authentication.
Configure these settings using Remote UI from a computer. You cannot use the operation panel to configure the settings.
Administrator privileges are required.
Administrator privileges are required.
Required Preparations |
When specifying an LDAP server with a host name, make sure that a DNS server is available in the network. When specifying an LDAP server with an IP address, check whether the DNS server supports forward or reverse lookup. |
1
Log in to Remote UI in System Manager Mode. Starting Remote UI
2
On the Portal page of Remote UI, click [Settings/Registration]. Portal Page of Remote UI
3
Click [LDAP Server Settings].
The [LDAP Server Settings] screen is displayed.
4
Click [Register New Server] in [LDAP Server (For Search)] or [LDAP Server (For Authentication)].
The [Register New LDAP Server (For Search)] screen or [Register New LDAP Server (For Authentication)] screen is displayed.
5
Set the server name and server address.
In [Server Name], enter a name to identify the LDAP server.
In [Server Address], enter the IP address or host name of the LDAP Server using single-byte alphanumeric characters.
Input example: Host name
ldap.example.com
Input example: Host name
ldap.example.com
Click [Check Connection] to check whether the machine can connect to the LDAP server.
6
Configure the start search position, TLS use, and port number, as needed.
[Position to Start Search]
Specify the start search position in the directory information tree (DIT).
Add "DC=" to each dot-delimited character string in the Active Directory domain name, and separate the entries with a comma.
Input example: When the domain name is "john.example.com"
DC=john,DC=example,DC=com
DC=john,DC=example,DC=com
If left blank, the machine automatically starts search from an arbitrary position.
[Use TLS]
Select this checkbox to encrypt communication with the LDAP server using TLS.
For an LDAP server for search, this is enabled only when [Use] or [Use (Security Authentication)] is selected in [Login Information] in 8 below.
For an LDAP server for authentication, this is enabled only when [Use] is selected in [Login Information] in 8 below.
[Port Number]
Enter the port number used to communicate with the LDAP server.
7
Set the time until timeout and attributes, as needed.
LDAP Server for Search
[Search Timeout]
Enter the time from search start to timeout in seconds.
LDAP Server for Authentication
[Authentication/Attribute Acquisition Timeout]
Enter the time from start of authentication and attribute acquisition to timeout in seconds.
[User Name Attribute]
Enter the attribute name to be compared with a user name entered during authentication using single-byte alphanumeric characters.
Input example:
sAMAccountName
sAMAccountName
* This is not required if [Use (Security Authentication)] is selected in [Login Information] in Step 8.
[E-Mail Address Attribute]
Enter the attribute name to be used for obtaining an e-mail address from the authentication server, using single-byte alphanumeric characters.
Input example:
mail
8
Configure the login information of the LDAP server.
LDAP Server for Search 
[Login Information]
Specify whether to use the login Information for LDAP server authentication.
Specify whether to use the login Information for LDAP server authentication.
When [Use] or [Use (Security Authentication)] is selected, set a user name and password.
To use data obtained with the Kerberos protocol for the authentication password, select [Use (Security Authentication)]. The clock of the machine must be synchronized with that of the LDAP server.
If you specified an IP address for [Server Address] in 5, select as follows according to the support status of your DNS server:
If the DNS server supports only forward lookup, select [Do Not Use] or [Use].
If you select [Use (Security Authentication)], make sure that the DNS server supports reverse lookup.
[Display Authentication Screen When Searching]
Specify whether to display the authentication screen for entering the user name and password when searching.
To display the authentication screen, select this checkbox.
To use the user name and password set here for authentication, clear this checkbox.
[Use Same Authentication Information as When Send Operation Started]
Set whether to use the authentication information for searching if authenticated when using the fax or scan function.
This checkbox is selected when the [Display Authentication Screen When Searching] checkbox is selected.
This checkbox is selected when the [Display Authentication Screen When Searching] checkbox is selected.
[User Name]
Enter the user name of the machine that is registered to the LDAP server.
When [Use] is selected for [Login Information], enter the user name in the form "(Windows domain name)\(Windows user name)."
Input example:
example\user1
Input example:
example\user1
When [Use (Security Authentication)] is selected for [Login Information], enter the Windows user name.
Input example:
user1
Input example:
user1
[Set/Change Password]
To set a password, select the checkbox, and enter the password using single-byte alphanumeric characters.
[Domain Name]
When [Use (Security Authentication)] is selected for [Login Information], enter the directory tree name in Active Directory using single-byte alphanumeric characters.
Input example:
example.com
example.com
LDAP Server for Authentication
[Login Information]
Select whether to use System Manager ID or data obtained with the Kerberos protocol for authentication implemented by the LDAP server.
Select whether to use System Manager ID or data obtained with the Kerberos protocol for authentication implemented by the LDAP server.
To use System Manager ID, select [Use].
To use data obtained with the Kerberos protocol for the authentication password, select [Use (Security Authentication)]. The clock of the machine must be synchronized with that of the LDAP server.
If you specified an IP address for [Server Address] in step 5, select as follows according to the support status of your DNS server:
If the DNS server supports only forward lookup, select [Use].
If you selected [Use (Security Authentication)], make sure that the DNS server supports reverse lookup.
[Use System Manager ID]
When [Use] is selected for [Login Information], select whether to use the System Manager ID for authentication.
To use the System Manager ID, select the checkbox and set the user name and password. If you clear the checkbox, logins are anonymous (no user name).
To use the System Manager ID, select the checkbox and set the user name and password. If you clear the checkbox, logins are anonymous (no user name).
[User Name]
Enter the user name of the machine that is registered to the LDAP server in the form "(Windows domain name)\(Windows user name)."
Input example:
example\user1
example\user1
[Set/Change Password]
To set a password, select the checkbox, and enter the password using single-byte alphanumeric characters.
[Domain Name]
When [Use (Security Authentication)] is selected for [Login Information], enter the directory tree name in Active Directory using single-byte alphanumeric characters.
Input example:
example.com
example.com
9
Select whether to verify the certificate when encrypting communication with the LDAP server using TLS.
To verify the certificate, select the [Confirm TLS Certificate for LDAP Server Access] checkbox in [Confirm TLS Certificate for LDAP Server Access].
To add a Common Name (CN) to the verification items, select the [Add CN to Verification Items] checkbox.
10
Click [OK].
The LDAP server is registered.
11
Log out from Remote UI.
 |
Editing Registered Server InformationTo edit the registered information, click the server name you want to edit in [Registered LDAP Server] on the [LDAP Server Settings] screen. |