Skip header
 

Registering or changing the LDAP server

To use Kerberos Authentication, a realm must be registered beforehand. For details about registering a realm, see Configuring the Realm.

1Press the [User Tools] key, and then display the [Administrator Tools] screen.

[System Settings] [Administrator Tools]

2Select the LDAP server you want to register or change.

[Program/Change/Delete LDAP Server] [Program/Change] Select [*Not Programmed] or the LDAP server you want to change

3Enter the LDAP server name.

[Name] Enter the LDAP server name [OK]

4Enter either the host name or IPv4 address of the LDAP server using up to 128 characters.

[Server Name] Enter either the host name or IPv4 address [OK]

5Select a root folder to start a search.

[Search Base] Select a root folder to start a search [OK]

You can search for e-mail addresses registered to a selected folder.

For example, if the search target is the sales department of ABC company, enter "dc=sales department, o=ABC". (In this example, the description is for an active directory. "dc" is for the organization unit, and "o" is for the company.)

Registering a search base may be required depending on your server environment. If it is required, unspecified searches will result in an error.

Check your server environment and enter any required specifications.

6Specify a port number for communicating with the LDAP server.

[Port Number] Enter the port number [OK]

7Specify whether or not to use SSL when communicating with the LDAP server.

[Use Secure Connection (SSL)] [On] or [Off] [OK]

To use SSL, the LDAP server must support SSL.

If you set SSL to [On], the port number automatically changes to "636".

If you do not enable SSL, security problems may occur. To enable SSL, you must use the printer's settings. For details, see "LDAP Authentication", Security Guide.

8Select the authentication method for the LDAP server.

  • If you do not want to use an authentication method:

    [Authentication] [Off]

  • If you want to use an authentication method:

    [Authentication] [On] [Authentication] [Kerberos Authentication], [Digest Authentication], or [Cleartext Authentication] [OK] Specify the authentication information, such as user name and password, as necessary

The authentication settings must match your server's authentication settings. Check your server settings before configuring this printer.

The administrator account can be used for authentication when you send a search request to the LDAP server. Do not enter the administrator account name and password when using authentication for each individual or search.

  • [Kerberos Authentication]

    An encrypted password is sent to the KDC server where authentication is performed.

  • [Digest Authentication]

    An encrypted password is sent to the LDAP server.

    Digest Authentication is available with LDAP version 3.0 only.

  • [Cleartext Authentication]

    An unencrypted password is sent to the LDAP server.

Procedures for setting the user name differ depending on the server environment. Check your server environment before configuring the setting.

Example: Domain Name\User Name, User Name@Domain Name, CN=Name, OU=Department Name, DC=Server Name

You can also connect to the LDAP server using a user name and password stored in the Address Book. For details, see LDAP authentication.

9Access the LDAP server to check that a proper connection is established, and then quit the menu.

[Connection Test] [Exit] [OK]

Check that authentication works according to the authentication settings.

If the connection test fails, check your settings and try again.

This function does not check the search conditions or the search base.

10Enter the attributes you want to use when searching for e-mail addresses.

[Search Conditions] [Name] or [Email Address] Enter the attributes you want to use when searching for e-mail addresses [OK] [OK] [OK]

You can enter an attribute as a typical search keyword (up to 64 characters). Using the entered attributes, the function searches the LDAP server's Address Book.

The attribute value may change depending on the server environment. Check that the attribute value matches with your server environment before specifying it.

You can leave items blank, but you cannot leave attributes blank when searching for e-mail addresses from the LDAP server Address Book.