Lexmark X652DE Common Criteria Installation Supplement and Administrator Guide - Page 30



General Information

• Setup Name—Used to identify each particular LDAP+GSSAPI Server Setup when creating security templates.
• Server Address—The IP address or the hostname of the LDAP server where authentication will be performed.
  Note: For LDAP+GSSAPI, the LDAP server can be the domain controller, or a separate server.
• Server Port—Used to communicate with the LDAP server. The default LDAP port is 389.
• Use SSL/TLS—Select None, SSL/TLS (Secure Sockets Layer/Transport Layer Security), or TLS.
• Userid Attribute—Specify either sAMAccountName (the default), uid, userid, user-defined, or cn (common name).
• Search Base—The node in the LDAP server where user accounts reside. Multiple search bases can be entered, separated by semi-colons.
  Note: A Search Base consists of multiple attributes—such as cn (common name), ou (organizational unit), o (organization), c (country), or dc (domain)—separated by semi-colons.
• Search Timeout—Specify a value from 5 to 30 seconds.
• Required User Input—Select either User ID and Password or User ID to specify which credentials a user must provide when attempting to access a function protected by the LDAP building block.

Device Credentials (optional)

• MFP Kerberos Username—Type the distinguished name of the print server(s).
• MFP Password—Type the Kerberos password for the print server(s).

Search specific object classes (optional)

• Person—Click to select or clear; this specifies that the "person" object class will also be searched.
• Custom Object Class—Click to select or clear; the administrator can define up to three custom search object classes (optional).

LDAP Group Names

• Configure Groups—Administrators can associate as many as 32 named groups stored on the LDAP server, by entering identifiers for those groups under the Group Search Base list. Both the Short name for group and the Group Identifier must be provided.
• When creating Security Templates, the administrator will pick groups from this setup for controlling access to device functions.

5 Click Submit.
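A pre-submission check of the fields listed above, as an added example that is not part of the Lexmark guide. The dictionary keys and the function name are hypothetical; the limits (5-30 second timeout, three custom object classes, 32 groups, the listed Userid Attribute choices) come from the field descriptions, and the two warnings are this example's own review points.

```python
# Added example: review a proposed LDAP+GSSAPI setup before clicking Submit.
# Dictionary keys are hypothetical; limits are taken from the guide text.
USERID_ATTRS = {"sAMAccountName", "uid", "userid", "user-defined", "cn"}
TLS_MODES = {"None", "SSL/TLS", "TLS"}
INPUT_MODES = {"User ID and Password", "User ID"}

def review_setup(s):
    """Return (errors, warnings) for a proposed setup dictionary."""
    errors, warnings = [], []
    if not s.get("setup_name", "").strip():
        errors.append("Setup Name is empty")
    if not s.get("server_address", "").strip():
        errors.append("Server Address is empty")
    if s.get("use_ssl_tls") not in TLS_MODES:
        errors.append("Use SSL/TLS must be None, SSL/TLS or TLS")
    elif s["use_ssl_tls"] == "None":
        warnings.append("Use SSL/TLS is None: LDAP traffic is not TLS-protected")
    if s.get("userid_attribute", "sAMAccountName") not in USERID_ATTRS:
        errors.append("Userid Attribute is not one of the listed choices")
    if not 5 <= s.get("search_timeout", 0) <= 30:
        errors.append("Search Timeout must be 5-30 seconds")
    if s.get("required_user_input") not in INPUT_MODES:
        errors.append("Required User Input has an unknown value")
    elif s["required_user_input"] == "User ID":
        warnings.append("Required User Input is User ID: no password is requested")
    if len(s.get("custom_object_classes", [])) > 3:
        errors.append("More than three custom object classes")
    groups = s.get("groups", [])
    if len(groups) > 32:
        errors.append("More than 32 groups")
    for i, g in enumerate(groups):
        # Both the short name and the group identifier must be provided.
        if not g.get("short_name") or not g.get("identifier"):
            errors.append(f"Group {i + 1} needs both short name and identifier")
    return errors, warnings

# Constructed sample input (not from the guide).
SAMPLE = {
    "setup_name": "corp-ldap", "server_address": "ldap.example.test",
    "server_port": 389, "use_ssl_tls": "None", "userid_attribute": "uid",
    "search_timeout": 45, "required_user_input": "User ID",
    "custom_object_classes": ["a", "b", "c", "d"],
    "groups": [{"short_name": "admins", "identifier": ""}],
}

if __name__ == "__main__":
    for kind, items in zip(("ERROR", "WARN"), review_setup(SAMPLE)):
        for item in items:
            print(f"{kind}: {item}")
```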
Using the touch screen

1 From the home screen, touch Menus > Security > Edit Security Setups > Edit Building Blocks > LDAP+GSSAPI.
2 Select Add Entry.
3 Type a Setup Name, and then touch Next. This name will be used to identify each particular LDAP+GSSAPI Server Setup when creating security templates.
4 For Server Address, type the IP address or hostname of the LDAP server where authentication will be performed, and then touch Next. The MFP will return to General Information.