Ricoh IM C530FB User Guide - Page 240
Check that Realm Name, KDC Server Name, Domain Name are specified correctly
View all Ricoh IM C530FB manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 240 highlights
8. Troubleshooting • Check whether "Global Scope" is specified as the scope of the group in a property for the user group created in DC, and the group type specified in "Security". Also check whether an account is registered to the user group that has been created. If more than one DC exists, check whether a trust relationship between DCs is established. *2 To resolve the domain name, see the following: • Check whether [Domain Name Configuration] and [DNS Configuration] is specified correctly in [Settings] [System Settings] [Network/Interface]. • Enter the IP address in [Domain Name Configuration] to check the connection. If authentication can be performed using the IP address, check [DNS Configuration] again. • If authentication by IP address is not possible, check whether LM/NTLM is set to be denied in the domain controller security policy or domain security policy. Also check that the port is not closed in the firewall between the device and the domain controller or in the firewall settings of the domain controller. When the Windows firewall is enabled, create a new rule that allows communication on port 137 and port 139 in "Advanced" of the Windows firewall. Open the TCP/IP properties from the network connection properties, select the "Enable NetBIOS Over TCP/IP" check box on [Advanced] [WINS] tab, and open port 137. *3 For Kerberos authentication, check the following: • Check that "Realm Name", "KDC Server Name", "Domain Name" are specified correctly in [Settings] [System Settings] [Settings for Administrator] [Authentication/Charge] [Administrator Authentication/User Authentication/App Auth.] [Register/Change/Delete Realm]. Enter "Realm Name" in upper case. • Configure the setting so that the difference in time between the clocks on KDC and device is less than five minutes. The clock on the machine can be adjusted in [Settings] [System Settings] [Date/Time/Timer] [Date/Time] [Set Time]. • Kerberos authentication fails if auto-obtaining of KDC in Windows authentication fails. When autoobtaining cannot be activated, switch to manual. *4 For LDAP settings, check the following: • Check whether the LDAP server is correctly specified in [Settings] [System Settings] [Settings for Administrator] [Authentication/Charge] [Administrator Authentication/User Authentication/App Auth.] [User Authentication Management] [Custom Authentication] and Login Name Attribute is registered correctly. • Select the server in [Settings] [System Settings] [Settings for Administrator] [Authentication/Charge] [Administrator Authentication/User Authentication/App Auth.] [Register/Change/Delete LDAP Server], press [Register/Change] and set "Authentication" to [Kerberos Authentication], and then execute [Connection Test]. • If the connection test fails, check whether [Domain Name Configuration] and [DNS Configuration] are specified correctly on [Settings] [System Settings] [Network/Interface]. 238