HP Color LaserJet CM4730 HP Color LaserJet CM4730 MFP Embedded Web Server - Us - Page 57
Kerberos Authentication Tasks
View all HP Color LaserJet CM4730 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 57 highlights
Table 3-9 Kerberos Authentication (continued) Callout Area on the screen 6 Credentials 7 LDAP Server 8 Port 9 Search Root Information or capability that the area provides The Credentials configuration section is used to determine which credentials will be used to bind (authenticate) to the LDAP server. ● When Use Device User's Credentials is selected, the device users credentials (entered at the control panel of the device) will be used to access the LDAP server. This method has the advantage of not having to store a username and password, which may expire, in the device. ● When Use Public Credentials is selected and user credentials are not available, the Username and Password entered will be used to access the LDAP server. This method should be used if for some reason device users do not have read access to the LDAP data. The LDAP Server is typically the same as the Kerberos Server in the Windows Active Directory Environment. The Port is the IP port used by the LDAP protocol to communicate with the LDAP server. This is typically port 389 or port 3268. The Search Root is the Distinguished Name (DN) of the entry in the LDAP directory structure where address searching is to begin. A DN is made up of ' attribute=value ' pairs, separated by commas. NOTE On some LDAP Servers, the Search Root can be left blank (in which case its root node will be assumed). The search root is not case sensitive. 10 Match the name entered with LDAP When searching for the device user's information in the attribute of LDAP database, the contents of the attribute specified in this field are compared to the username that was typed during authentication. In the Windows Active Directory environment, this attribute is typically sAMAccountName. 11 Retrieve the device user's email address After the device user has been located in the LDAP using attribute of database, the user's e-mail address is retrieved from the database by using the LDAP attribute specified in the Retrieve the device user's e-mail address using attribute of field. In the Windows Active Directory environment, this attribute is typically mail. 12 and name using the attribute of The user's display name is obtained from the LDAP attribute that is specified in the "and name using the attribute of" field. In the Windows Active Directory environment, this attribute is typically displayName. Kerberos Authentication Tasks Kerberos is a network authentication protocol. It is designed to provide secure authentication for client/ server applications by using secret keys delivered with session tickets. Settings ENWW Kerberos Authentication 47