Ricoh IM 4000 User Guide - Page 297
Check that Realm Name, KDC Server Name, Domain Name are specified correctly
View all Ricoh IM 4000 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 297 highlights
When Other Messages Appear • Check whether the name in "Group" is correctly specified including the case-sensitivity in [Settings] [System Settings] [Settings for Administrator] [Authentication/Charge] [Administrator Authentication/User Authentication/App Auth.] [User Authentication Management] [Windows Authentication]. • Select the user in the address book, press [Edit], and then check that [Unavailable] is specified for each function under the [User Management / Others] tab [User Management] [Available Functions / Applications]. • Check whether "Global Scope" is specified as the scope of the group in a property for the user group created in DC, and the group type specified in "Security". Also check whether an account is registered to the user group that has been created. If more than one DC exists, check whether a trust relationship between DCs is established. *2 To resolve the domain name, see the following: • Check whether [Domain Name Configuration] and [DNS Configuration] or [WINS Configuration] is specified correctly in [Settings] [System Settings] [Network/Interface]. • Enter the IP address in [Domain Name Configuration] to check the connection. If authentication can be performed using the IP address, check [DNS Configuration] or [WINS Configuration] again. • If authentication by IP address is not possible, check whether LM/NTLM is set to be denied in the domain controller security policy or domain security policy. Also check that the port is not closed in the firewall between the device and the domain controller or in the firewall settings of the domain controller. When the Windows firewall is enabled, create a new rule that allows communication on port 137 and port 139 in "Advanced" of the Windows firewall. Open the TCP/IP properties from the network connection properties, select the "Enable NetBIOS Over TCP/IP" check box on [Advanced] [WINS] tab, and open port 137. *3 For Kerberos authentication, check the following: • Check that "Realm Name", "KDC Server Name", "Domain Name" are specified correctly in [Settings] [System Settings] [Settings for Administrator] [Authentication/Charge] [Administrator Authentication/User Authentication/App Auth.] [Register/Change/Delete Realm]. Enter "Realm Name" in upper case. • Configure the setting so that the difference in time between the clocks on KDC and device is less than five minutes. The clock on the machine can be adjusted in [Settings] [System Settings] [Date/Time/Timer] [Date/Time] [Set Time]. • Kerberos authentication fails if auto-obtaining of KDC in Windows authentication fails. When autoobtaining cannot be activated, switch to manual. *4 For LDAP settings, check the following: • Check whether the LDAP server is correctly specified in [Settings] [System Settings] [Settings for Administrator] [Authentication/Charge] [Administrator Authentication/User Authentication/App Auth.] [User Authentication Management] [LDAP Authentication] or [Custom Authentication]. 295