White Papers
Table Of Contents
- Contents
- Change history
- Overview
- Securing network connections
- Managing devices remotely
- Managing login methods
- Restricting public access to functions, applications, printer management, and security options
- Using local accounts
- Using LDAP or LDAP+GSSAPI
- Using Kerberos
- Using Active Directory
- Creating LDAP, LDAP+GSSAPI, or Active Directory groups
- Editing or deleting LDAP, LDAP+GSSAPI, or Active Directory groups
- Understanding access controls
- Managing certificates
- Managing other access functions
- Securing data
- Troubleshooting
- User is locked out
- User is logged out automatically
- User cannot access applications or functions
- KDC and MFP clocks are out of sync
- Domain controller certificate is not installed
- KDC is not responding within the required time
- LDAP lookups fail
- Make sure that the server and firewall settings are configured to allow communication between the pr ...
- If reverse DNS lookup is not used in your network, then disable it in the Kerberos settings
- If the LDAP server requires SSL, then enable SSL for LDAP lookups
- Narrow the LDAP search base to the lowest possible scope that includes all necessary users
- Make sure that all LDAP attributes that are being searched for are correct
- Notices
- Index
Installing certificates manually
Note: To download the CA
certificate
automatically, see “Installing
certificates
automatically” on page 24.
Before
configuring
Kerberos or domain controller settings, make sure to install the CA
certificate
used for
domain controller validation. If you want to use chain validation for the domain controller certificate, then make
sure to install the entire certificate chain. Each certificate must be in a separate PEM (.cer) file.
1 From the Embedded Web Server, click Settings > Security >
Certificate
Management.
2 From the Manage CA Certificates section, click Upload CA, and then browse to the PEM (.cer) file.
Sample certificate:
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIQY6sV0KL3tIhBtlr4gHG85zANBgkqhkiG9w0BAQUFADBs
…
l3DTbPe0mnIbTq0iWqKEaVne1vvaDt52iSpEQyevwgUcHD16rFy+sOnCaQ==
-----END CERTIFICATE-----
3 Click Save.
Installing certificates automatically
1 From the Embedded Web Server, click Settings > Security > Certificate Management > Configure
Certificate Auto Update.
2 If you are prompted to join an Active Directory domain, then click Join Domain, and then type the domain
information.
3 Select Enable Auto Update.
Note: If you want to install the CA certificate without waiting for the scheduled run time, then select Fetch
Immediately.
4 Click Save.
Viewing, downloading, and deleting a certificate
1 From the Embedded Web Server, click Settings > Security > Certificate Management.
2 Select a
certificate
from the list.
3 Click one or more of the following:
• Delete—Remove a previously stored
certificate.
• Download To File—Download or save the
certificate
as a PEM (.cer)
file.
• Download Signing Request—Download or save the signing request as a .csr file.
• Install Signed Certificate—Upload a previously signed certificate.
Note: To delete multiple
certificates,
select the
certificates,
and then click Delete.
Managing certificates 24