Server Authentication (LDAP Authentication)
It is one of the user authentication methods using SSO-H. User authentication is performed
with the device linked with the LDAP Server on the network in an LDAP environment.
LDAP server authentication can be used for devices that support MEAP User Preference Service (MEAP Specification Ver.56) and MEAP Application Setting Information Management (MEAP Specification Ver.57).
As for models that do not support MEAP User Preference Service and MEAP Application Setting Information Management , [LDAP Server] cannot be selected as the type of the authentication server on the SSO-H Configuration page. Moreover, it is not possible to access the LDAP Server Management screen and the Add Server screen.
Simple bind (a method where the password is not encrypted) is used as the bind (authentication) between SSO-H and LDAP server. It is therefore strongly recommended to always use SSL connection from a security standpoint.
As for the version of LDAP, only Ver.3 is supported.
ON/OFF of SSL connection can be changed on the LDAP Server Management page.
The time-out value of connection is 60 seconds.
In the case of using LDAP server authentication, the characters entered as the user name are not case-sensitive, but the characters entered as the password are case-sensitive.
In the case of SSO-H, authentication is not allowed when the user name includes "* (asterisk)". If authentication is performed with "* (asterisk)" used in the user name, an authentication error occurs.
CAUTION:
Since department ID and password are not assigned to domain users, distributing
setting information where the department ID is enabled to a device where the server
authentication is enabled may make the device unable to be logged in. If the device has
become unable to be logged in, follow "Remedy to Be Performed When the Device Has
Become Unable to Be Logged in" in this manual.