Advertisement
Authentication method
Requirements for
authentication
Notes when the LDAP server is configured using Active Directory
When Kerberos authentication is enabled together with SSL/TLS, the e-mail
address cannot be obtained.
Anonymous authentication might be available. To improve security, set anonymous
authentication to Disable.
Even if you edit an authenticated user's information, such as an e-mail address, in the
machine's Address Book, it may be overwritten by the information from the server when
authentication is performed.
Under LDAP authentication, you cannot specify access limits for groups registered in the
server.
Do not use double-byte Japanese, Traditional Chinese, Simplified Chinese, or Hangul
characters when entering the login user name or password. If you use double-byte
characters, you cannot authenticate using Web Image Monitor.
When using the machine for the first time, the user can use Available Functions specified
in [User Authentication Management].
Supports the following authentication methods:
Kerberos authentication
Digest authentication
Cleartext authentication
When you select Cleartext authentication, LDAP simplified
authentication is enabled. Simplified authentication can be performed
with a user attribute (such as cn or uid) instead of the DN.
To use SSL/TLS, the server must support the TLS 1.0/1.1/1.2/1.3
or SSL 3.0 encryption method.
TLS 1.0, TLS 1.1, and SSL 3.0 are disabled by default. To use
TLS 1.0/1.1 or SSL 3.0, enable it on Web Image Monitor.
To use Kerberos authentication, register the realm to distinguish
the network area.
Registering the Realm
Data transmission between the machine and the KDC (Key
Distribution Center) server must be encrypted if Kerberos
authentication is enabled.
Encrypting Network Communication
When you use LDAP, only version 3.0 can use Digest
authentication.
Advertisement
