HP Web Jetadmin 10.3 - User Guide

ManualsBrandsHP ManualsSoftwareHP Web Jetadmin Software

431

432

433

434

435

436

437

438

439

440

●

Kerberos: The selected LDAP (Active Directory) Server requires user credentials. A Kerberos ticket

will be obtained from the Kerberos (Active Directory) Server and used to authenticate to the LDAP

Server. The Password will be sent across the network encrypted and will be unreadable to a third

party. In order to use Kerberos as a bind method, you must first configure Kerberos settings. If

using "user's credentials", make sure that Kerberos Authentication is required for email.

●

Kerberos over SSL: The selected LDAP (Active Directory) Server requires user credentials. Using

SSL (Secure Sockets Layer) the password, if any, will be sent across the network encrypted and will

be unreadable to a third party.

2. Set the options for LDAP credentials: The credentials that are used to bind to a specific path (or

subtree) in the LDAP Server. In most cases, this is a user's domain account name and a password. With

the Simple or Simple over SSL methods, the user DN form should be used. In some Windows

environments, the form DOMAIN\username may be used. If the user DN form is used, HP recommends

that the bind path specified in the username match the Search root field. This ensures that the relative

bind distinguished name has sufficient privileges to search from the specified Search root. You can

choose one of the following:

●

Use device user's credentials

●

Use public credentials: Type the user name and password, and then select the Kerberos default

realm or domain.

3. Bind prefix: This is the LDAP attribute used to construct the user's Distinguished Name (DN) for

authentication. This prefix is combined with the username typed at the control panel to form the

Relative Distinguished Name (RDN). Commonly used prefixes are "CN" (for common name) or "UID" (for

user identity).

4. Bind and search root: This is used to validate the user's credentials with the LDAP server. This value is

combined with the RDN to construct the full Distinguished Name (DN) of the user. The string consists of

"attribute=value" pairs, separated by commas. For example:

ou=engineering,o=Hewlett Packard,c=USou=marketing,o=Hewlett

Packard,c=USo=hp.comou=engineering,cn=users,dc=hp,dc=com

NOTE: The Bind prefix and Bind and search root settings are only used if the LDAP server bind

method is set to Simple or Simple over SSL, Use device user credentials is selected, and the user

authenticates to the device via Kerberos authentication.

5. Type the IP address or hostname for the LDAP server whose database contains the centralized address

book in LDAP server.

NOTE: Some MFP devices only recognize IP addresses. In such cases, host names will be converted to

the equivalent IP address.

6. Type the number of the TCP/IP port on the server that receives LDAP requests in Port (usually 389).

7. Set the options for Searching the database:

●

Search root: The Distinguished Name (DN) of the entry in the LDAP directory structure where

address searching is to begin. A DN is made up of attribute=value pairs, separated by

commas. For example:

ou=engineering,o=Hewlett Packard,c=USou=marketing,o=Hewlett

Packard,c=USo=hp.comou=engineering,cn=users,dc=hp,dc=com

ENWW Device Configuration Options for Digital Sending 409