White Papers
Table Of Contents
- Contents
- Change history
- Overview
- Securing network connections
- Managing devices remotely
- Managing login methods
- Restricting public access to functions, applications, printer management, and security options
- Using local accounts
- Using LDAP or LDAP+GSSAPI
- Using Kerberos
- Using Active Directory
- Creating LDAP, LDAP+GSSAPI, or Active Directory groups
- Editing or deleting LDAP, LDAP+GSSAPI, or Active Directory groups
- Understanding access controls
- Managing certificates
- Managing other access functions
- Securing data
- Troubleshooting
- User is locked out
- User is logged out automatically
- User cannot access applications or functions
- KDC and MFP clocks are out of sync
- Domain controller certificate is not installed
- KDC is not responding within the required time
- LDAP lookups fail
- Make sure that the server and firewall settings are configured to allow communication between the pr ...
- If reverse DNS lookup is not used in your network, then disable it in the Kerberos settings
- If the LDAP server requires SSL, then enable SSL for LDAP lookups
- Narrow the LDAP search base to the lowest possible scope that includes all necessary users
- Make sure that all LDAP attributes that are being searched for are correct
- Notices
- Index
Creating LDAP, LDAP+GSSAPI, or Active Directory groups
Use groups to customize user access to applications and printer functions.
1 From the Embedded Web Server, click Settings > Security > Login Methods.
2 From the Network Account section, click the LDAP, LDAP+GSSAPI, or Active Directory login method.
3 Click Manage Groups > Add Group.
4 Do either of the following:
Search for the group name or user name
a Select how you want to search for the group in your LDAP server.
b Depending on the search scope selected, type the group name or user name.
c Click Search.
d Select the group you want to add.
e Click Add Selected.
Add a group manually
a Click Manual Add.
b In the Group Name
field,
type the name of the group.
c In the Group Identifier field, type the LDAP identifier for the group.
d Click Submit.
5 Select the group, and then from the Access Controls section, select the functions, menus, and applications
the group can access.
6 Click Save.
Notes:
• To import access controls from another group, click Import Access Controls, and then select a group.
• For more information on access controls, see “Understanding access controls” on page 21.
Editing or deleting LDAP, LDAP+GSSAPI, or Active
Directory groups
1 From the Embedded Web Server, click Settings > Security > Login Methods.
2 Click the LDAP, LDAP+GSSAPI, or Active Directory login method, and then click Manage Groups.
3 Click the group, and then do either of the following:
•
Configure
the access controls, and then click Save.
• Click Delete Group.
Notes:
• To import access controls from another group, click Import Access Controls, and then select a group.
• To delete multiple groups, select the groups, and then click Delete.
Managing login methods 20