Filter
Top Products
• Mail Attribute—Type the mail attribute.
• Full Name Attribute—Type the full name attribute.
• Search Base—Specify the node in the LDAP server where user accounts reside. Multiple search bases can be
entered, separated by semicolons.
Note: A search base consists of multiple attributes, such as cn (common name), ou (organizational unit), o
(organization), c (country), or dc (domain), separated by semicolons.
• Search Timeout—Specify a value from 5 to 30 seconds.
• Required User Input—Select either User ID and Password or User ID to specify which credentials a user must
provide when attempting to access a function protected by the LDAP building block.
Device Credentials (optional)
• Use Active Directory Device Credentials—Click to select or clear. When the printer authenticates to the LDAP
server, it can provide Active Directory device credentials in addition to supporting anonymous binding or the
specified credentials in the MFP's Kerberos Username and MFP's Password fields.
• MFP's Kerberos Username—Type the distinguished name of the print server or servers.
• MFP's Password—Type the Kerberos password for the print servers.
Search specific object classes (optional)
• person—Click to select or clear. This specifies that the “person” object class will also be searched.
• Custom Object Class—Click to select or clear. The administrator can define up to three custom search object
classes.
LDAP Group Names
Administrators can associate as many as 32 named groups stored on the LDAP server.
• Group Search Base—Type the name of the group search base.
• For each LDAP+GSSAPI group you want to define, specify the “Short name for group” and the Group Identifier.
• When creating security templates, you will select groups from this setup to control access to device functions.
5 Click Submit.
Using the touch screen
1
From the home screen, touch > Security > Edit Security Setups > Edit Building Blocks > LDAP+GSSAPI.
2 Touch Add Entry.
3 Type a setup name, and then touch Done. This name will be used to identify this particular LDAP+GSSAPI Server
Setup when creating security templates.
4 For Server Address, type the IP address or host name of the LDAP server where authentication will be performed,
and then touch Done. The MFP returns to the General Information screen.
5 Touch General Information, and then adjust the following settings as needed:
• Server Port—Type the port number used to communicate with the LDAP server. The default LDAP port is 389.
• Use SSL/TLS—Select None, SSL/TLS (Secure Sockets Layer/Transport Layer Security), or TLS.
• Userid Attribute—Type sAMAccountName (default), uid, userid, user‑defined, or cn (common
name).
• Mail Attribute—Type the mail attribute.
28