HP CM4730 manual Same CA, Port, Binds, Use Ldap, Administrators To construct it Credentials

Page 53

Table 3-8LDAP Authentication (continued)

Callout

Area on the screen

Information or capability that the area provides

 

 

 

2

LDAP Server Bind

The LDAP Server Bind Method setting determines how the device will access the

 

Method

LDAP server. Contact your LDAP server administrator to determine which method

 

 

will work best for you.

 

 

Simple - The selected LDAP server does not support encryption. Note that the

 

 

password, if any, will be sent unencrypted across the network.

 

 

Simple over SSL - The selected LDAP server supports encryption using the

 

 

Secure Sockets Layer (SSL) protocol. All data, including the username and

 

 

password, will be encrypted. The LDAP server must be set up to support SSL,

 

 

including configuring a certificate that establishes its identity.

 

 

Also, the device network interface must be configured with a Certificate Authority

 

 

(CA) certificate to validate the LDAP server. The CA certificate is configured on

 

 

the Networking tab of the Web interface. In some LDAP server configurations,

 

 

a client certificate is also required and is configured on the same Networking

 

 

tab.

 

 

 

3

LDAP Server

The LDAP Server setting is the host name or IP address of the LDAP server to be

 

 

used to authenticate device users. When using SSL, the name or address typed here

 

 

must match the name in the certificate that the server sends.

 

 

Multiple servers can be included in this field by separating their addresses with a

 

 

vertical bar ('', ASCII 0x7c) character. This feature can be used, for example, to

 

 

specify primary and backup servers. The network interface only supports a single

 

 

Certificate Authority (CA) certificate, so all the LDAP servers in the list must use the

 

 

same CA.

 

 

 

4

Port

The Port setting refers to the TCP/IP port number on which the server is processing

 

 

LDAP requests. Typically, this is port 389 for Simple binds or 636 for Simple over SSL

 

 

binds.

 

 

 

5

Use Device User's

The Use Device User's Credentials method uses the Bind Prefix, the string that the

 

Credentials

user enters at the control panel, and the Bind and Search Root to construct the User

 

 

DN. The constructed User DN is used to authenticate the user.

 

 

The Bind Prefix setting is the LDAP attribute used to construct the user's

 

 

Distinguished Name (DN) for authentication. This prefix is combined with the

 

 

username typed at the control panel to form the Relative Distinguished Name (RDN).

 

 

Commonly used prefixes are "CN" (for common name) or "UID" (for user identity).

 

 

 

6

Use LDAP

Use Administrator’s Credentials attempts to search for the user’s DN instead of trying

 

Administrator's

to construct it.

 

Credentials

The Administrator DN is the DN (Distinguished Name) of a user who has read access

 

 

 

 

to the LDAP directory. The account entered here does not have to have administrative

 

 

access to the directory. Read access is sufficient.

 

 

The Administrator Password is the password of the user whose user DN was entered

 

 

in the Administrator DN field.

 

 

 

7

Bind and search Root

When the Use Device User’s Credentials method is selected, the Bind and Search

 

 

Root value is used during both phases of authentication. During the credential

 

 

verification phase, this value is combined with the RDN to construct the full

Distinguished Name (DN) of the user. During the user information searching phase, this value is the DN of the LDAP entry where the search begins.

When the Use LDAP Administrator's Credentials method is selected, the Bind and Search Root is only used as a search root. The Search Root of the base of the LDAP directory can be specified, and the device will search the entire LDAP tree for the user object corresponding to the username entered at the device.

Settings

ENWW

LDAP Authentication 43

Page 52 Page 54
Image 53
Page 52 Page 54
Contents HP Color LaserJet CM4730 MFP Page HP Embedded Web Server Trademarks and credits Copyright and WarrantyCopyright Hewlett-Packard Development Company, L.P Table of contents Managing network operation from the Networking screens Setting the digital sending optionsIndex Using the Other Links as a resource103 List of tables List of figures 100 Features What is an embedded Web server?Opening the HP Embedded Web Server HP Web Jetadmin and the HP Embedded Web ServerSystem requirements IPv6 TCP/IP address http//20010ba0000000000000000000001234 To log off as an administrator Login and logoffTo log in as an administrator HP Embedded Web Server Navigating through the HP Embedded Web Server1HP Embedded Web Server Viewing product status from the HP EWS Information screens 1Device Status Device StatusStatus is Out Change SettingsMedia 2Configuration Page screen 1 ConfigurationFollowing information appears 2ConfigurationHP EWS tabs and menus Direct Ports check box 4Supplies Status screen Supplies Status3Supplies Status Size page side that it prints or copies Event LogEvent Log Usage Usage Menus Calibration DiagnosticsToner is less than 100% 6Diagnostics9Device Information screen Device Information10Control Panel Snapshot screen Control Panel Snapshot7Color Usage Job Log Color Usage Job LogPrint PrintPrint screen 8Print Printing a file or updating firmware from the Print screen1Configure Device screen Configure DeviceClick Information Click Sample Pages/Fonts Using the menus on the Configure Device screen1Configure Device 2Tray Sizes/Types Tray Sizes/TypesTray Sizes and Tray TypesE-mail Server Mail ServerMail Server screen Select the Enable Outgoing E-mail check box Configuring outgoing e-mailConfiguring the return e-mail address Alerts screen AlertsAlerts Using the Alerts screen with a product 5Alerts setup screen To configure alerts 6Alerts test screen To test the configuration of a destination listTo delete destinations and destination lists AutoSendAutoSend To turn on the AutoSend featureMail destinations field This file will be created in EnglishLink. For more information, see Login and logoff Set PasswordSecurity Security screen6Security DisabledDevice is printing internal pages Direct Ports7Authentication Manager Authentication ManagerDigital Sending Service DSS Workflow Digital Sending Service DSS Secondary E-mailFuture Installations Future8LDAP Authentication Ldap AuthenticationAccess to the directory. Read access is sufficient Administrators To construct it CredentialsAdministrator DN field Same CAMatch the name entered with the Ldap attribute 11Kerberos Authentication screen Kerberos Authentication9Kerberos Authentication Kerberos Authentication Tasks Select the Settings tab, and then Kerberos Authentication Initializing Kerberos authenticationConfigure Address Settings for Kerberos Authentication Use the MFP control panel for Kerberos Authentication 12Device PIN Authentication screen Device PIN AuthenticationUser PIN Authentication Adding a new user Add New UsersDeleting a user Edit or delete existing usersEditing a user 10Edit Other Links Edit Other LinksRemoving a link Adding a linkClick Add Link Click Remove Selected Link15Device Information screen View Pages in Browser Language11 Language Language 12 Date & Time Date & TimeRefresh Information, see Date/Time FormatClock Drift Correction Date/Time Format19Date & Time clock drift correction screen Select the Enable Clock Drift Correction check box13 Wake Time Wake Time21Restrict Color screen Restrict Color14Restrict Color Using the Restrict Color screen with a productPermission list Application Permission listPermission System User Name 15Restrict Color Color if AllowedType the System User Name in this field PermissionUser Permission List To set System User or Technical Application permissionsColor Usage Job Log ApplicationGeneral Settings screen General SettingsSending tab 1General SettingsSend to Folder 2Send to Folder settingsEditing or viewing a predefined folder Adding a predefined folderRemoving all folders Testing a predefined folderRemoving a predefined folder Mail Settings screen Mail SettingsE-mail Settings Is not responding or is not a valid Smtp Gateway Server3E-mail Settings Message Text Advanced E-mail Settings4Advanced E-mail Settings Mail Address Book tasks Mail Address BookDeleting an e-mail address Adding an e-mail addressEditing an e-mail address Menus Help Fax SettingsFax Settings screen 5Send to Fax 6Advanced Fax Settings Advanced Fax SettingsGeneral Jbig compression and Error Correction on or offIs busy or does not answer Receive9Modem Diagnostics screen Fax Address Book tasks Fax Address BookDeleting a fax number Adding a fax numberEditing a fax number Import an address book Import/ExportSmith, Joe Importing an address bookMail distribution list User recordFax number Fax speed-dialClear address books Export an address book7Addressing Settings Addressing SettingsSimple over SSL AnonymousSimple Custom Exchange 5.5 DefaultsActive Directory Defaults 8Advanced Addressing Settings Advanced Addressing SettingsLog Log9Log 15 Details screen16Troubleshoot screen PreferencesText 10Preferences SettingsGraphics MixedUsing the HP DSS software Overview 1Network SettingsSelect Language Using the Other Links as a resource Shop for Supplies Hp instant supportHow hp instant support works Information you can get from hp instant supportProduct Support My Service Provider and My Service ContractIndex Enww Enww Hewlett-Packard Development Company, L.P
Top Page Image Contents