Windows Authentication - Ricoh C2828 Function Manual

Windows Authentication

Specify this authentication when using the Windows domain controller to authenticate users who have their
accounts on the directory server. Users cannot be authenticated if they do not have their accounts in the
directory server. Under Windows authentication, you can specify the access limit for each group registered
in the directory server. The Address Book stored in the directory server can be registered to the machine,
enabling user authentication without first using the machine to register individual settings in the Address
Book. If you can obtain user information, the sender's address (From:) is fixed to prevent unauthorized
access when sending e-mails under the scanner function and forwarding received e-mails.
Windows authentication can be performed using one of two authentication methods: NTLM or Kerberos
authentication. The operational requirements for both methods are listed below.
Operational Requirements for NTLM authentication
To specify NTLM authentication, the following requirements must be met:
• This machine only supports NTLMv1 authentication.
• A domain controller has been set up in a designated domain.
• This function is supported by the operating systems listed below. To obtain user information when
running Active Directory, use LDAP. If SSL is being used, a version of Windows that supports TLS
v1, SSL v2, or SSL v3 is required.
• Windows NT 4.0 Server
• Windows 2000 Server
• Windows Server 2003
Operational Requirements for Kerberos authentication
To specify Kerberos authentication, the following requirements must be met:
• A domain controller must be set up in a designated domain.
• The operating system must be able to support KDC (Key Distribution Center). To obtain user
information when running Active Directory, use LDAP. If SSL is being used, a version of Windows
that supports TLSv1, SSLv2, or SSLv3 is required. Compatible operating systems are listed below.
• Windows 2000 Server
• Windows Server 2003
• During Windows Authentication, data registered in the directory server, such as the user's e-mail
address, is automatically registered in the machine. If user information on the server is changed,
information registered in the machine may be overwritten when authentication is performed.
• Users managed in other domains are subject to user authentication, but they cannot obtain items such
as e-mail addresses.
Windows Authentication
53
3