Home » Dell Manuals » Printers » Dell B3465dnf Mono » Manual Viewer

Dell B3465dnf Mono Smart Card Authentication Client Administrators Guide - Page 25

Smart Card Authentication Client LDAP issues

Add to My Manuals
Save this manual to your list of manuals

Page 25 highlights

Troubleshooting 25 ADD THE USER'S GROUP TO THE AUTHORIZATION LIST FOR THE PRINTER Make sure the user's Active Directory group is listed in the Group Authorization List field in the application configuration settings. 1 Access the application configuration settings from the Embedded Web Server. 2 Under the Advanced Settings heading, add the user's Active Directory group to the Group Authorization List field. Separate multiple groups with a comma. 3 Click Apply. Smart Card Authentication Client LDAP issues LDAP lookups fail Try one or more of the following: MAKE SURE PORT 389 (NON‑SSL) AND PORT 636 (SSL) ARE NOT BLOCKED BY A FIREWALL The printer uses these ports to communicate with the LDAP server. The ports must be open for LDAP lookups to work. DISABLE REVERSE DNS LOOKUPS The printer uses reverse DNS lookups to verify IP addresses. If reverse DNS lookups are not used on your network, then do the following: On printers running the Embedded Solutions Framework (eSF) version 3.0 or later: 1 From the Embedded Web Server, click Settings > Security > Security Setup. 2 From Step 1 under the Advanced Security Setup heading, click Kerberos 5. 3 Under the Kerberos Settings heading, select Disable Reverse IP Lookups. 4 Click Submit. On printers running eSF version 2.0: 1 Access the application configuration settings from the Embedded Web Server. 2 Under the Advanced Settings heading, select Disable Reverse DNS Lookups. 3 Click Apply. Note: If you are unsure about which version of eSF your printer is running, then see "Checking which version of the Embedded Solutions Framework is installed on a printer" on page 28. IF THE LDAP SERVER REQUIRES SSL, THEN ENABLE SSL FOR LDAP LOOKUPS 1 Access the application configuration settings from the Embedded Web Server. 2 Under the Advanced Settings heading, select Use SSL for User Info. 3 Click Apply.

Section	Page
Contents	2
Overview	3
Configuring Smart Card Authentication Client	4
Configuring printer settings for use with the application	4
Changing the panel login timeout	4
Installing certificates manually	4
Installing certificates automatically	5
Configuring TCP/IP settings	5
Setting the date and time	5
Securing access to the printer	6
Setting up a security template	7
Securing access to the home screen	8
Securing access to individual applications and functions	9
Configuring login screen settings	10
Configuring manual login setup settings	10
Configuring Smart Card setup settings	11
Configuring advanced settings	13
Configuring User Validation Mode settings	14
Troubleshooting	15
Smart Card Authentication Client login issues	15
“A card reader was not detected on this device” error message	15
Make sure a supported Smart Card reader is attached	15
Allow users to log in manually	15
“Unsupported USB Device” error message when a Smart Card reader is attached to the printer	15
Make sure that the Smart Card reader is supported	15
Make sure that the required firmware version is installed	15
Make sure that all required applications are installed and running	15
“An error occurred while reading the card. Remove your card and try again” error message	15
Check the system log for relevant details	15
“Your card has been locked out from future login attempts” error message	16
Reset or replace the card	16
“An error occurred while checking your PIN. Remove your card and try again” error message	16
Check the system log for relevant details	16
User is unable to log in manually	16
Make sure the Manual Login Domain(s) field are specified	16
User is logged out almost immediately after logging in	16
Increase the panel login timeout interval	16
The printer home screen fails to return to a locked state when not in use	17
Make sure all required applications are installed and running	17
Make sure the home screen or home screen icons are secured	17
Smart Card Authentication Client authentication issues	17
“Authentication failed” error message	17
Check the system log for relevant details	17
“Kerberos configuration file has not been uploaded” error message	17
Make sure the Kerberos configuration file is installed	17
“Kerberos configuration file is not properly formatted” error message	18
Modify the installed Kerberos configuration file	18
“Unable to authenticate. Check Kerberos configuration file to verify Windows support enabled” error ...	18
Make sure the Windows domain is specified	18
“Unable to generate certificate from card” or “Unable to read certificate information from card” err ...	18
Check the certificate on the Smart Card	18
“The domain controller did not respond within the required time; the domain controller timeout may n ...	19
Increase the domain controller timeout	19
Make sure the domain controller IP address or host name is correct	19
Make sure the domain controller is available	19
Make sure Port 88 is not blocked by a firewall	19
“The domain controller issuing certificate has not been installed” error message	20
Make sure the correct certificates are installed on the printer	20
“The realm on the card was not found in the Kerberos configuration file” or “User’s realm was not fo ...	20
Add the missing realm or modify the incorrect realm	20
“Unable to authenticate. Verify the realm was specified in UPPERCASE” error message	20
Make sure the Kerberos realm is in uppercase	20
“Unable to contact the domain controller for the user’s realm” error message	21
Check the domain, realm, and domain controller in the Kerberos configuration file	21
“Domain controller and device clocks are different beyond an acceptable range. Check the device's da ...	21
Check the date and time on the printer	21
“Unable to validate certificate from domain controller” error message	21
Make sure the correct certificates are installed on the printer	21
Check the domain controller validation method	22
“An error occurred during domain controller chain validation” or “At least one of the certificates i ...	22
Check the certificates installed on the printer	22
“The OCSP responder URL or certificate has not been configured” error message	22
Check the OCSP responder URL and responder certificate	22
“An error occurred while trying to connect to the OCSP responder” error message	23
Check the OCSP responder URL	23
Increase the responder timeout	23
“The status of at least one of the certificates in the domain controller certificate chain is unknow ...	23
Check the certificates installed on the printer	23
Allow users to log in if the certificate status is unknown	23
“The OCSP responder certificate, stored on the printer, does not match the one returned by the respo ...	24
Check the OCSP responder certificate	24
Check the certificate returned from the OCSP responder	24
“An error occurred while trying to validate the domain controller certificate against the OCSP respo ...	24
Check the domain controller certificate	24
Check the OCSP responder	24
“The user is not authorized to use this device. Make sure the user belongs to an Active Directory gr ...	24
Add the user to an authorized Active Directory group	24
Add the user’s group to the authorization list for the printer	25
Smart Card Authentication Client LDAP issues	25
LDAP lookups fail	25
Make sure Port 389 (non-SSL) and Port 636 (SSL) are not blocked by a firewall	25
Disable reverse DNS lookups	25
If the LDAP server requires SSL, then enable SSL for LDAP lookups	25
Narrow the LDAP search base	26
Verify that the LDAP attributes being searched for are correct	26
Smart Card Authentication Client licensing issues	26
License error	26
Make sure the application is licensed	26
Make sure the license is up-to-date	26
Appendix	27
Configuring applications using the Embedded Web Server	27
Accessing application configuration settings using the Embedded Web Server	27
Licensing the application	27
Licensing applications	27
Exporting and importing configuration files	27
Exporting and importing a configuration using the Embedded Web Server	27
Checking the Embedded Solutions Framework version	28
Checking which version of the Embedded Solutions Framework is installed on a printer	28
Notices	29
Edition notice	29
Trademarks	29
GOVERNMENT END USERS	29
GNU Lesser General Public License	29
Dell End-User License Agreement	29
Additional copyrights	32