user manual

ManualsBrandsHP (Hewlett-Packard) ManualsPrinterCM4730

Callout Area on the screen Information or capability that the area provides

6 Credentials The Credentials configuration section is used to

determine which credentials will be used to bind

(authenticate) to the LDAP server.

●

When Use Device User's Credentials is selected, the

device users credentials (entered at the control

panel of the device) will be used to access the LDAP

server. This method has the advantage of not having

to store a username and password, which may

expire, in the device.

●

When Use Public Credentials is selected and user

credentials are not available, the Username and

Password entered will be used to access the LDAP

server. This method should be used if for some

reason device users do not have read access to the

LDAP data.

7 LDAP Server The LDAP Server is typically the same as the Kerberos

Server in the Windows Active Directory Environment.

8 Port The Port is the IP port used by the LDAP protocol to

communicate with the LDAP server. This is typically port

389 or port 3268.

9 Search Root The Search Root is the Distinguished Name (DN) of the

entry in the LDAP directory structure where address

searching is to begin. A DN is made up of ' attribute=value

' pairs, separated by commas.

NOTE On some LDAP Servers, the Search

Root can be left blank (in which case its root node

will be assumed). The search root is not case

sensitive.

10 Match the name entered with LDAP

attribute of

When searching for the device user's information in the

LDAP database, the contents of the attribute specified in

this field are compared to the username that was typed

during authentication. In the Windows Active Directory

environment, this attribute is typically sAMAccountName.

11 Retrieve the device user's email address

using attribute of

After the device user has been located in the LDAP

database, the user's e-mail address is retrieved from the

database by using the LDAP attribute specified in the

Retrieve the device user's e-mail address using attribute

of field. In the Windows Active Directory environment, this

attribute is typically mail.

12 and name using the attribute of The user's display name is obtained from the LDAP

attribute that is specified in the "and name using the

attribute of" field. In the Windows Active Directory

environment, this attribute is typically displayName.

Kerberos Authentication Tasks

Kerberos is a network authentication protocol. It is designed to provide secure authentication for client/

server applications by using secret keys delivered with session tickets.

Table 3-9 Kerberos Authentication (continued)

ENWW Kerberos Authentication 47

Settings