Ricoh IM C2000 Series User Manual page 293

registered to the user group that has been created. If more than one DC exists, check whether a
trust relationship between DCs is established.
*2 To resolve the domain name, see the following:
• Check whether [Domain Name] and [DNS Configuration] or [WINS Configuration] is specified
correctly in [Settings]
• Enter the IP address in [Domain Name] to check the connection. If authentication can be performed
using the IP address, check [DNS Configuration] or [WINS Configuration] again.
• If authentication by IP address is not possible, check whether LM/NTLM is set to be denied in the
domain controller security policy or domain security policy. Also check that the port is not closed in
the firewall between the device and the domain controller or in the firewall settings of the domain
controller. When the Windows firewall is enabled, create a new rule that allows communication on
port 137 and port 139 in "Advanced" of the Windows firewall. Open the TCP/IP properties from
the network connection properties, select the "Enable NetBIOS Over TCP/IP" check box on the
[Advanced] [WINS] tab, and open port 137.
*3 For Kerberos authentication, check the following:
• Check that "Realm Name", "KDC Server Name", "Domain Name" are specified correctly in
[Settings] [Machine Features Settings]
[Program / Change / Delete Realm]. Enter "Realm Name" in upper case.
• Configure the setting so that the difference in time between the clocks on KDC and device is less
than five minutes. The clock on the machine can be adjusted in [Settings]
Settings] [System Settings]
• Kerberos authentication fails if auto-obtaining of KDC in Windows authentication fails. When auto-
obtaining cannot be activated, switch to manual.
*4 For LDAP settings, check the following:
• Check whether the LDAP server is correctly specified in [Settings]
[System Settings]
Auth.] and Login Name Attribute is registered correctly.
• Check that the representative account is registered in "Authentication"
under [Settings] [Machine Features Settings]
[Program / Change / Delete LDAP Server], and then execute [Connection Test].
See "Programming the LDAP Server", User Guide (Full Version).
• If the connection test fails, check whether [Domain Name] and [DNS Configuration] or [WINS
Configuration] is specified correctly on the [Settings]
Settings] [Interface Settings] tab.
[Machine Features Settings]
[System Settings]
[Timer Settings] tab
[Administrator Tools] tab
When Other Messages Are Displayed
[System Settings]
[Administrator Tools] tab
[Set Time].
[Machine Features Settings]
[User Authentication Management]
"Kerberos Authentication"
[System Settings] [Administrator Tools] tab
[Machine Features Settings]
[Interface Settings] tab.
[Machine Features
[LDAP
[System
291