Site List Acquisition; Settings For Access Mode In Sites - Canon imageRUNNER ADVANCE C5045 Series Service Manual

2
•
The Active Directory subnet is assumed to be the same subnet as the device sub-net.
In the Active Directory addresses, the Active Directories of the same site are listed.
•
Active Directories of the same subnet as the device are listed first.
•
If there is no Active Directory with the same subnet as the device, Active Directories
•
belonging to different subnets than the device are listed.
The Active Directories within the same site are accessed in order. Note, however,
•
that where there are multiple Active Directories within the same site, access to those
Active Directories will be in the order in which the address list was obtained.
If there is no Active Directory within the same site, if access outside of the site is
•
programmed, Active Directories outside of the site will be accessed in the order in
which the address list was obtained.

Site list acquisition

After booting up, upon the first login by LLS or ILS/ RLS, the site list is obtained from the
Active Directory. In order to obtain the site list from the Active Directory, Active Directory
needs to be accessed in LDAP, so SASL-Kerberos-Bind is used by the login user account. If
authentication by Active Directory should fail, an authentication error will be generated and
the site list will be acquired again from Active Directory upon the next login.
In SSO-H, the Active Directory to be accessed when acquiring the site list cannot be
specified. In other words, if there is no site list, which site's Active Directory is accessed
depends upon the order of the Active Directory addresses returned by DNS. Therefore, when
acquiring the site list, LDAP may access the Active Di rectory of a different site. Therefore, in
such cases, it is sometimes necessary to access across sites or subnets, which means that
LDAP protocol needs to have continuity across sites (subnets) (normally, LDAP is port No.
389). Further, if connection with Active Directory fails when acquiring site information, another
Active Directory will be accessed.
Site information, once it has been acquired, is cached within the device. The life settings of
the cache can be set so that site information in the cache is updated upon the first login after
the device boots up, or so that the cache is not updated once acquired.
2

Settings for access mode in sites

Switching between site internal access mode/ non site internal access mode, as well as
detailed mode settings, are done via DMS or iWEMC. Site internal access mode settings
window (DMS)
The figure below shows a sample of processing Access Mode in Sites.
Sample of Processing Access Mode in Sites
Domain X
4.Access Active 4.Access Active
Directory of same Directory of same
DNS Server A
site
site
records:
DC-Tokyo/DNS
AD 192.168.1.2
172.24.12.2
AD 172.24.12.2
AD 172.24.35.2
2.Get Active 2.Get Active
AD 211.111.1.30
Directory list
SSO-Tokyo 172.24.12.80 Directory list
SSO-Osaka 192.168.1.90
SSO-Hakata 211.111.1.3
3. Access Active 3. Access Active
Directory of same Directory of same
subnet subnet
Site:Tokyo
DC-Osaka/DNS 172.12.12.0/24
172.24.35.0/24
172.168.1.2
SSO-Tokyo
192.168.1.90
Site:Osaka
192.168.1.0/24
1) SSO-Tokyo acquires site lists from Active Directories.
Note, however, that the Active Directories accessed in order to acquire site lists are in the
order in which they were returned by DNS, so there is no guarantee that the same Active
Directory will be accessed as in the initial settings (upon device settings or changes to NW
settings, etc.).
[Site subnet list]
Site: Tokyo: = 172.24.12.0/24, 172.24.35.0/24
2-134
F-2-209 F-2-209
Site:Tokyo::
172.24.12.0/24
172.24.35.0/24
1. When making initial 1. When making initial
Site:Osaka::
settings, obtain site list settings, obtain site list
192.168.1.0/24
and ascertain which
and ascertain which
site the device site the device
Site:Hakata::
belongs to. belongs to.
SSO-Tokyo
211.111.1.0/24
172.24.12.80
DC-Hakata/DNS
211.111.1.30
SSO-Tokyo
Site:Hakata 211.111.1.3
211.111.1.0/24
F-2-210 F-2-210
2-134