Server authentication (Active Directory authentication)
Outline
It is one of the user authentication methods using SSO-H. User authentication is performed with the device linked with a domain controller on the network in an Active Directory environment. It is a user authentication where the user is authenticated by the domain on the network when the user logs into the device. In addition to users belonging to the domain that includes the iR device, users belonging to domains that have a reliable relationship with the domain (multi-domain) can also be authenticated. The domain name of the login destination can be selected by the users themselves upon login.
Using one of the options (Net Spot Accountant, imageWARE Accounting Manager, or imageWARE EMC Accounting Management Plug-in) makes it possible to analyze/manage the iR device usage.
The protocol used is as follows.
Kerberos:LLS/RLS/ILS
NTLMV2:WLS(Web Service Login Service)
User information acquisition is done by LDAP, so the Active Directory LDAP port needs to be made accessible. If LDAP connection fails, the authentication will end in error.
No. of supported domains: 200 (unchanged from SSO) Site access supported.
CAUTION:
In the case of using Server Authentication (Active Directory authentication), it is necessary to synchronize the time settings of the Active Directory server and the machine (and the PC for login). If the difference in time setting is 5 minutes or longer, an error will occur at the time of login. (The setting of the allowable difference in time can be changed.)
CAUTION:
Since department ID and password are not assigned to domain users, distributing setting information where the department ID is enabled to a device where the server authentication is enabled may make the device unable to be logged in. If the device has become unable to be logged in, follow "Remedy to Be Performed When the Device Has Become Unable to Be Logged in" in this manual.