Configuring Kerberos 5 For Use With Ldap+Gssapi - Lexmark MS610dn Administrator's Manual
Embedded web server-security: administrator's guide
Hide thumbs
Also See for MS610dn:
- Manual (170 pages) ,
- Quick reference (18 pages) ,
- Supplies manual (2 pages)
Table of Contents
Advertisement
Using security features in the Embedded Web Server
To edit an existing LDAP+GSSAPI setup
1
From the Embedded Web Server, click Settings > Security > Security Setup.
2
Under Advanced Security Setup, click LDAP+GSSAPI.
3
Select a setup from the list.
4
Make any needed changes in the LDAP Configuration dialog.
5
Click Modify to save the changes, or Cancel to return to previous values.
To delete an existing LDAP+GSSAPI setup
1
From the Embedded Web Server, click Settings > Security > Security Setup.
2
Under Advanced Security Setup, click LDAP+GSSAPI.
3
Select a setup from the list.
4
Click Delete Entry to remove the profile, or Cancel to return to previous values.
Notes:
•
Click Delete List to delete all LDAP+GSSAPI setups in the list.
•
An LDAP+GSSAPI building block cannot be deleted if it is being used as part of a security template.
Configuring Kerberos 5 for use with LDAP+GSSAPI
Note: This is available only in select printer models.
Though it can be used by itself for user authentication, Kerberos 5 is most often used in conjunction with the LDAP
+GSSAPI building block. While only one Kerberos configuration file (krb5.conf) can be stored on a supported device,
that krb5.conf file can apply to multiple realms and Kerberos Domain Controllers (KDCs). An administrator must
anticipate the different types of authentication requests the Kerberos server might receive, and configure the krb5.conf
file to handle all such requests.
Notes:
•
Because only one krb5.conf file is used, uploading or resubmitting a simple Kerberos file will overwrite the
configuration file.
•
The krb5.conf file can specify a default realm. However, if a realm is not specified in the configuration file, then
the first realm specified will be used as the default realm for authentication.
•
As with any form of authentication that relies on an external server, users will not be able to access protected
device functions if an outage prevents the printer from communicating with the authenticating server.
•
To help prevent unauthorized access, users are encouraged to securely end each session by selecting Log out on
the printer control panel.
Creating a simple Kerberos configuration file
1
From the Embedded Web Server, click Settings > Security > Security Setup.
2
Under Advanced Security Setup, click Kerberos 5.
3
Type the KDC (Key Distribution Center) address or host name in the KDC Address field.
4
Enter the number of the port (between 1 and 88) used by the Kerberos server in the KDC Port field.
17
Hide quick links:
Advertisement
Table of Contents
