HP CM3530 HP Color LaserJet CM3530 MFP Embedded Web Server - User Guide - Page 61

Kerberos Authentication Tasks, Initializing Kerberos authentication

Get HP CM3530 - Color LaserJet MFP Laser PDF manuals and user guides
UPC - 884420196501
View all HP CM3530 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 61 highlights

Table 3-10 Kerberos Authentication (continued) Callout Area on the screen Information or capability that the area provides 11 Port The Port is the IP port used by the LDAP protocol to communicate with the LDAP server. This is typically port 389 or port 3268. 12 Search Root The Search Root is the Distinguished Name (DN) of the entry in the LDAP directory structure where address searching is to begin. A DN is made up of ' attribute=value ' pairs, separated by commas. NOTE: On some LDAP Servers, the Search Root can be left blank (in which case its root node will be assumed). The search root is not case sensitive. 13 Retrieve the device user's email address After the device user has been located in the LDAP using attribute of database, the user's e-mail address is retrieved from the database by using the LDAP attribute specified in the Retrieve the device user's e-mail address using attribute of field. In the Windows Active Directory environment, this attribute is typically mail. 14 and name using the attribute of The user's display name is obtained from the LDAP attribute that is specified in the and name using the attribute of field. In the Windows Active Directory environment, this attribute is typically displayName. Kerberos Authentication Tasks Kerberos is a network authentication protocol. It is designed to provide secure authentication for client/ server applications by using secret keys delivered with session tickets. Before following the initializing and configuring steps, complete the following: 1. Install the Microsoft LDP tool. 2. Discover the LDAP server. 3. Set up LDP. After you have performed these steps, perform the steps in the following section, Initializing Kerberos authentication on page 49. Initializing Kerberos authentication Follow these steps to initialize Kerberos Authentication for your product. NOTE: Embedded Kerberos Authentication uses session tickets in the authentication process. The session tickets are time stamped by both the Key Distribution Center (KDC) and the product. It is essential that the stamped times are within five minutes of each other. This can be accomplished by setting identical time on both the KDC and product. 1. Open the HP EWS in a web browser. 2. Select the Settings tab, and then Kerberos Authentication. ENWW Kerberos Authentication 49

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
Callout
Area on the screen
Information or capability that the area provides
11
Port
The Port is the IP port used by the LDAP protocol to
communicate with the LDAP server. This is typically port
389 or port 3268.
12
Search Root
The Search Root is the Distinguished Name (DN) of the
entry in the LDAP directory structure where address
searching is to begin. A DN is made up of ' attribute=value
' pairs, separated by commas.
NOTE:
On some LDAP Servers, the Search Root can
be left blank (in which case its root node will be assumed).
The search root is not case sensitive.
13
Retrieve the device user's email address
using attribute of
After the device user has been located in the LDAP
database, the user's e-mail address is retrieved from the
database by using the LDAP attribute specified in the
Retrieve the device user's e-mail address using attribute
of field. In the Windows Active Directory environment, this
attribute is typically mail.
14
and name using the attribute of
The user's display name is obtained from the LDAP
attribute that is specified in the and name using the
attribute of field. In the Windows Active Directory
environment, this attribute is typically displayName.
Kerberos Authentication Tasks
Kerberos is a network authentication protocol. It is designed to provide secure authentication for client/
server applications by using secret keys delivered with session tickets.
Before following the initializing and configuring steps, complete the following:
1.
Install the Microsoft LDP tool.
2.
Discover the LDAP server.
3.
Set up LDP.
After you have performed these steps, perform the steps in the following section,
Initializing Kerberos
authentication
on page
49
.
Initializing Kerberos authentication
Follow these steps to initialize Kerberos Authentication for your product.
NOTE:
Embedded Kerberos Authentication uses session tickets in the authentication process. The
session tickets are time stamped by both the Key Distribution Center (KDC) and the product. It is
essential that the stamped times are within five minutes of each other. This can be accomplished by
setting identical time on both the KDC and product.
1.
Open the HP EWS in a web browser.
2.
Select the
Settings
tab, and then
Kerberos Authentication
.
Table 3-10
Kerberos Authentication (continued)
ENWW
Kerberos Authentication
49