To use Kerberos Authentication, a realm must be registered beforehand. For details about registering a realm, see Configuring the Realm.
Press the [User Tools] key, and then display the [Administrator Tools] screen.
[System Settings] [Administrator Tools] |
Select the LDAP server you want to register or change.
[Program/Change/Delete LDAP Server] [Program/Change] Select [*Not Programmed] or the LDAP server you want to change |
Enter the LDAP server name.
[Name] Enter the LDAP server name [OK] |
Enter either the host name or IPv4 address of the LDAP server using up to 128 characters.
[Server Name] Enter either the host name or IPv4 address [OK] |
Select a root folder to start a search.
[Search Base] Select a root folder to start a search [OK] |
You can search for e-mail addresses registered to a selected folder.
For example, if the search target is the sales department of ABC company, enter "dc=sales department, o=ABC". (In this example, the description is for an active directory. "dc" is for the organization unit, and "o" is for the company.)
Registering a search base may be required depending on your server environment. If it is required, unspecified searches will result in an error.
Check your server environment and enter any required specifications.
Specify a port number for communicating with the LDAP server.
[Port Number] Enter the port number [OK] |
Specify whether or not to use SSL when communicating with the LDAP server.
[Use Secure Connection (SSL)] [On] or [Off] [OK] |
To use SSL, the LDAP server must support SSL.
If you set SSL to [On], the port number automatically changes to "636".
If you do not enable SSL, security problems may occur. To enable SSL, you must use the printer's settings. For details, see "LDAP Authentication", Security Guide.
Select the authentication method for the LDAP server.
|
The authentication settings must match your server's authentication settings. Check your server settings before configuring this printer.
The administrator account can be used for authentication when you send a search request to the LDAP server. Do not enter the administrator account name and password when using authentication for each individual or search.
[Kerberos Authentication]
An encrypted password is sent to the KDC server where authentication is performed.
[Digest Authentication]
An encrypted password is sent to the LDAP server.
Digest Authentication is available with LDAP version 3.0 only.
[Cleartext Authentication]
An unencrypted password is sent to the LDAP server.
Procedures for setting the user name differ depending on the server environment. Check your server environment before configuring the setting.
Example: Domain Name\User Name, User Name@Domain Name, CN=Name, OU=Department Name, DC=Server Name
You can also connect to the LDAP server using a user name and password stored in the Address Book. For details, see LDAP authentication.
Access the LDAP server to check that a proper connection is established, and then quit the menu.
[Connection Test] [Exit] [OK] |
Check that authentication works according to the authentication settings.
If the connection test fails, check your settings and try again.
This function does not check the search conditions or the search base.
Enter the attributes you want to use when searching for e-mail addresses.
[Search Conditions] [Name] or [Email Address] Enter the attributes you want to use when searching for e-mail addresses [OK] [OK] [OK] |
You can enter an attribute as a typical search keyword (up to 64 characters). Using the entered attributes, the function searches the LDAP server's Address Book.
The attribute value may change depending on the server environment. Check that the attribute value matches with your server environment before specifying it.
You can leave items blank, but you cannot leave attributes blank when searching for e-mail addresses from the LDAP server Address Book.