HP MFP Digital Sending Software (DSS) 5.0 - Configuring DSS to Use Two-Server Authentication

ManualsBrandsHP ManualsSoftwareHP MFP Digital Sending Software 5.0

Page 1 of 5 white paper



Introduction

In some network environments DSS may require two different servers to fully authenticate a user at the MFP

control panel. A Windows authentication server is employed to verify the user’s access, and a second, LDAP,

server is used to retrieve the user’s full name and email address. The secondary user information query is

performed on the LDAP server using bind methods such as “Simple – Non-SSL or SSL” or “Anonymous.”

To configure two-server authentication in DSS 5 the Administrator needs to supply parameters for each

authentication server separately. First, information for the primary authentication server needs to be entered in

the Configuration Utility. Second, an XML document specifying the LDAP query values needs to be edited.

How to Configure DSS

The steps needed to configure DSS are to select a primary authentication method, and then edit the two-server

XML document. The following example uses Windows for the primary authentication and LDAP with

anonymous bind for the second server.

1. Open the Configuration Utility and select the Authentication tab. This is configured the same as

single server authentication and query. When using two-server authentication the “Match the name

entered with this attribute” and “Retrieve the user’s email address using this attribute” text boxes

should remain configured with some non-empty value, but they are not used. These attributes,

along with other information about the LDAP server, will be specified in an XML document instead

of in the Configuration Utility.

white paper

HP Digital Sending

Software 5.01

–

Two-Server Authentication

Security Level: Public

Date Written/Updated December 1

, 2013

Document Summary

 Configuring DSS to use two-server authentication

Summary of content (5 pages)

PAGE 1
white paper HP Digital Sending Software 5.01 – Two-Server Authentication  Security Level: Public Date Written/Updated December 1st, 2013 Document Summary  Configuring DSS to use two-server authentication  Introduction In some network environments DSS may require two different servers to fully authenticate a user at the MFP control panel. A Windows authentication server is employed to verify the user’s access, and a second, LDAP, server is used to retrieve the user’s full name and email address.
PAGE 2
The next several steps involve using a text editor (e.g. Notepad) to edit an XML document. 2. Using a tool such as File Explorer, browse to the DSS installation folder. Within the installation folder, browse to the file Hewlett-Packard\HP Digital Sending Software\FileSystems\Product\Dss\Configuration\HP.Dss.App.Utilities.TwoServerAuthentication.xml. To open this XML document, right-click on the filename and select “Open with…” and then “Notepad.
PAGE 3
The Bind Method is used to indicate if the LDAP server requires credentials (user name and password). Possible values for the BindMethod attribute: anonymous No username and password are required for this server simple Username and password are required, and connection is not encrypted simple-over-SSL Username and password are required, and connection is encrypted using SSL (recommended) windows-negotiated Domain, username, and password are required.
PAGE 4
The BindRoot value is the root LDAP directory location to start a search for user information. Multiple search roots are not supported in DSS 5.01. A typical value might look like “o=companyname.com”. o=hp.com UserMappingMethod defines how the user name entered at the device control panel will be formatted to match the LDAP directory. as-entered Search for the username as entered at the device domain-slash-username Search for Domain\UserName.
PAGE 5
mail displayName Sample XML document using Windows Negotiated authentication
Who We Are
About Us
Company
Careers
Terms & Privacy
Resources
List of Manufacturers
Support
For the Press
Media assets
FAQ
Get in touch
Blog
Email
DMCA
ManualShelf © 2013-2025