Setup and Install

ManualsBrandsHP ManualsSoftwareHP MFP Digital Sending Software 4.9X

Table 3-12 Authentication bind methods

Bind method Description Can be used by

Anonymous The selected LDAP server does not require user credentials to gain

access to the LDAP database

Windows

Novell

Simple The selected LDAP server requires user credentials but does not

support NTLM or SPNEGO.

● The password, if any, is sent non-encrypted across the network.

●

The process requires a username and password.

Windows

Novell

LDAP

Simple over Secure

Channel (SSL)

The selected LDAP server requires user credentials but does not

support NTLM or SPNEGO.

● All data, including the username and password, is encrypted by

using the Secure Sockets Layer (SSL).

● The LDAP server must be set up to support SSL.

Windows

LDAP

Windows Negotiated

(SPNEGO)

The selected LDAP server requires user credentials and supports

SPNEGO and SSL.

●

Use this selection negotiate the strongest authentication protocol

that both the LDAP Server and the DSS server support.

● Kerberos 5 is supported for Active Directory authentication.

●

NTLM is supported for Exchange 5.5 server authentication.

Windows

Search root

The search root is the distinguished name (DN) of the entry in the LDAP directory where the search is

to begin. A DN is made up of 'attribute=value' pairs separated by commas.

In Windows Active Directory Services, the search root normally takes the form:

CN=User s, DC=domai n_name, DC=domai n_suf f i x. To limit the address search even more, for

example, to a single organizational unit (OU), add components to the search root. For example, to

search for users in the “accounting” OU, add “OU=account i ng” to the search root

(OU=account i ng, CN=User s, DC=domai n_name, DC=domai n_suf f i x). By using these methods

to configure the search root that is used in authentication, access to Digital Sending features can be

limited to a subset of users in an organization. Several methods can be used to determine the search

root.

NOTE: On some LDAP servers, the search root can remain blank. In this case, the root node is

assumed to be the starting place.

How to

Use the Configuration Utility Authentication tab to control how users are authenticated when using

the Digital Sending features.

Authentication consists of two interdependent parts. First, the device verifies the user’s credentials by

using the selected authentication method. Then, the device attempts to find the user’s e-mail address

76 Chapter 3 Installation and configuration ENWW