Kerberos: The selected LDAP (Active Directory) Server requires user credentials. A Kerberos ticket will be obtained from the Kerberos (Active Directory) Server and used to authenticate to the LDAP Server. The Password will be sent across the network encrypted and will be unreadable to a third party. In order to use Kerberos as a bind method, you must first configure Kerberos settings. If using "user's credentials", make sure that Kerberos Authentication is required for email.

Kerberos over SSL: The selected LDAP (Active Directory) Server requires user credentials. Using SSL (Secure Sockets Layer) the password, if any, will be sent across the network encrypted and will be unreadable to a third party.

2.Set the options for LDAP credentials: The credentials that are used to bind to a specific path (or subtree) in the LDAP Server. In most cases, this is a user's domain account name and a password. With the Simple or Simple over SSL methods, the user DN form should be used. In some Windows environments, the form DOMAIN\username may be used. If the user DN form is used, HP recommends that the bind path specified in the username match the Search root field. This ensures that the relative bind distinguished name has sufficient privileges to search from the specified Search root. You can choose one of the following:

Use device user's credentials

Use public credentials: Type the user name and password, and then select the Kerberos default realm or domain.

3.Bind prefix: This is the LDAP attribute used to construct the user's Distinguished Name (DN) for authentication. This prefix is combined with the username typed at the control panel to form the Relative Distinguished Name (RDN). Commonly used prefixes are "CN" (for common name) or "UID" (for user identity).

4.Bind and search root: This is used to validate the user's credentials with the LDAP server. This value is combined with the RDN to construct the full Distinguished Name (DN) of the user. The string consists of "attribute=value" pairs, separated by commas. For example:

ou=engineering,o=Hewlett Packard,c=USou=marketing,o=Hewlett Packard,c=USo=hp.comou=engineering,cn=users,dc=hp,dc=com

NOTE: The Bind prefix and Bind and search root settings are only used if the LDAP server bind method is set to Simple or Simple over SSL, Use device user credentials is selected, and the user authenticates to the device via Kerberos authentication.

5.Type the IP address or hostname for the LDAP server whose database contains the centralized address book in LDAP server.

NOTE: Some MFP devices only recognize IP addresses. In such cases, host names will be converted to the equivalent IP address.

6.Type the number of the TCP/IP port on the server that receives LDAP requests in Port (usually 389).

7.Set the options for Searching the database:

Search root: The Distinguished Name (DN) of the entry in the LDAP directory structure where address searching is to begin. A DN is made up of attribute=value pairs, separated by commas. For example:

ou=engineering,o=Hewlett Packard,c=USou=marketing,o=Hewlett Packard,c=USo=hp.comou=engineering,cn=users,dc=hp,dc=com

ENWW

Device Configuration Options for Digital Sending 409

Page 437
Image 437
HP Web Jetadmin Software manual Use device users credentials, Set the options for Searching the database