HP CM3530 HP Color LaserJet CM3530 MFP Embedded Web Server - User Guide - Page 60
Kerberos Authentication continued
UPC - 884420196501
View all HP CM3530 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 60 highlights
Table 3-10 Kerberos Authentication (continued) Callout Area on the screen 4 Kerberos Server Port 5 Advanced button 6 LDAP Server Bind Method 7 Credentials 8 Bind Prefix 9 Bind and Search Root 10 LDAP Server Information or capability that the area provides (Domain Name Service) and correctly configured. The device will use DNS to look up the first available KDC (Kerberos Domain Controller) on the network. If DNS is not available, the IP address of the Kerberos Server may be used. The Kerberos Server Port is the default IP port used by the Kerberos authentication method. Note that the default is port 88, but this can be different in different network environments. Please contact your IT administrator to determine the appropriate port if the default port does not work. Use the Advanced button to the right of the Kerberos Default Realm field to access the Alternate Domain configuration. Alternate domains are mapped to the default realm. The LDAP Server Bind Method determines how the device will access the LDAP server. The Credentials configuration section is used to determine which credentials will be used to bind (authenticate) to the LDAP server. ● When Use Device User Credentials is selected, the device users credentials (entered at the control panel of the device) will be used to access the LDAP server. This method has the advantage of not having to store a username and password, which may expire, in the device. ● When Use Public Credentials is selected and user credentials are not available, the Username and Password entered will be used to access the LDAP server. This method should be used if for some reason device users do not have read access to the LDAP data. The Bind Prefix setting is the LDAP attribute used to construct the user's Distinguished Name (DN) for authentication. This prefix is combined with the username typed at the control panel to form the Relative Distinguished Name (RDN). Commonly used prefixes are "CN" (for common name) or "UID" (for user identity). NOTE: The Bind Prefix and Bind and Search Root settings are only used if the LDAP Server Bind Method is set to Simple or Simple over SSL, and Use Device User Credentials is selected. The Bind and Search Root value is used to validate the user's credentials with the LDAP server. This value is combined with the RDN to construct the full Distinguished Name (DN) of the user. NOTE: The Bind Prefix and Bind and Search Root settings are only used if the LDAP Server Bind Method is set to Simple or Simple over SSL, and Use Device User Credentials is selected. The LDAP Server is typically the same as the Kerberos Server in the Windows Active Directory Environment. 48 Chapter 3 Configuring the product from the Settings screens ENWW