Xerox 3550 manual SMB Authentication Windows NT 4 or Windows 2000/Windows

Page 22

XEROX WorkCentre 3550 Information Assurance Disclosure Paper

5)If the LDAP Query is successful, the user’s email address is placed in the From: field. Otherwise, the

default From: is used.

6)The user may then add recipient addresses by accessing the Address Book on the LDAP server. Please see the User Manual for details. Each addition is a separate session to the LDAP server.

3.2.2.2.SMB Authentication (Windows NT 4 or Windows 2000/Windows 2003)

This is also an option that may be enabled on the device, and is used in conjunction with scan to network and scan to email features. The authentication steps vary somewhat, depending on the network configuration. Listed below are 3 network configurations and the authentication steps.

Basic Network Configuration: Device and Domain Controller are on the same Subnet

Authentication Steps:

1)The device broadcasts an authentication request that is answered by the Domain Controller.

2)The Domain Controller responds back to the device whether or not the user was successfully authenticated.

If (2) is successful, steps 3 – 5 proceed as described in steps 4 – 6 of the Kerberos section.

Device and Domain Controller are on different Subnets, SA defines IP Address of Domain Controller

Authentication Steps:

1)The device sends an authentication request directly to the Domain Controller through the router using the IP address of the Domain Controller.

2)The Domain Controller responds back to the device through the router whether or not the user was successfully authenticated.

If (2) is successful, steps 3 – 5 proceed as described in 4 - 6 of Kerberos section.

Subnet 1

Domain Controller

Router

1

2

2

Subnet 2

 

 

3

WorkCentre or

4

 

WorkCentre Pro

5

LDAP Server

Figure 3-1 SMB Authentication with IP Address

Device and Domain Controller are on different Subnets, SA defines Hostname of Domain Controller Authentication Steps:

 

22

Ver. 1.3, March 2011

Page 22 of 32

Page 21 Page 23
Image 22
Page 21 Page 23
Contents Prepared by Ver .3, March Target Audience Device DescriptionSecurity Aspects of Selected Features Target Audience PurposeDisclaimer Device Description Security-relevant Subsystems Physical PartitioningSecurity Functions allocated to Subsystems Security Functions allocated to SubsystemsMemory Components ControllerPurpose Controller memory componentsController External Connections External ConnectionsUSB Ports USB PortsHardware Fax ModuleScanner Fax Module memory componentsControl and Data Interfaces Local User Interface LUIUser Interface memory components Open-source components System Software StructureOS Layer in the Controller Network Protocols IPv4 Network Protocol StackLogical Access IPSecPort 53, DNS PortsPort 25, Smtp Network PortsPort 68, Dhcp Port 80, HttpPorts 137, 138, 139, Netbios Port 88, KerberosPort 396, Netware Ports 161, 162, SnmpPort 389, Ldap Port 427, SLPIP Filtering System Administrator Login All product configurations Authentication ModelLogin and Authentication Methods User authenticationSMB Authentication Windows NT 4 or Windows 2000/Windows SMB Authentication with IP AddressSMB Authentication with Hostname DdnsPrinting Multifunction models only DiagnosticsSystem Accounts Network Scanning Multifunction models onlySupplies Assistant SMart eSolutionsMeter Assistant SummaryResponses to Known Vulnerabilities IPSec Appendix a AbbreviationsElectrically erasable programmable read only memory Ldap ServerUDP WebUISnmp version / Network Transport support WorkCentre Appendix B Supported MIB ObjectsRFC 1759 Printer MIB Group WorkCentre Additional Capabilities / Application Support WorkCentre RFC 1514 Host Resources MIB group WorkCentreRFC 1213 MIB-II for TCP/IP group WorkCentre Supported MIB ObjectsRFC/Standard Controller SoftwareController Software Printing Description Languages Appendix E References
Top Page Image Contents