Advertisement
Requirements for
authentication
The server can authenticate users managed in other domains, but cannot obtain
information such as an e-mail address.
When Kerberos authentication is enabled together with SSL/TLS, the e-mail address
cannot be obtained.
Even if you edit an authenticated user's information, such as an e-mail address, in the
machine's Address Book, it may be overwritten by the information from the server when
authentication is performed.
If you created a new user in the domain controller and selected "User must change
password at next logon" at password configuration, first log on the computer and change
the password.
If the Guest account on the Windows server is enabled, users not registered in the
domain controller can be authenticated. When this account is enabled, users are
registered in the Address Book and can use the functions available under [* Default
Group].
LDAP authentication
Items
Usable version
Set up a domain controller in the domain you specify.
To obtain user information when Active Directory is running, use
LDAP. It is recommended that communication be encrypted
between the machine and the LDAP server by using SSL/TLS. The
server must support the TLS 1.0/1.1/1.2/1.3 or SSL 3.0 encryption
method. Register the server certificate of the domain controller in
advance.
Creating a Server Certificate
TLS 1.0, TLS 1.1, and SSL 3.0 are disabled by default. To use
TLS 1.0/1.1 or SSL 3.0, enable it on Web Image Monitor.
Data transmission between the machine and the KDC (Key
Distribution Center) server must be encrypted if Kerberos
authentication is enabled.
Encrypting Network Communication
Explanations
LDAP Version 2.0/3.0
Advertisement
