SSO-H is an authentication system that runs on the machine. It is necessary to specify the following settings in the machine to use SSO-H for authentication.
Set the items in Network in Preferences (from the Settings/Registration screen). Also, confirm the machine's IP address. For more information, see "Network."
|
NOTE
|
|
If the optional imagePASS is attached to the machine, see the documentation included with the imagePASS.
|
Follow the procedure below to set [Use HTTP] to 'On'. Setting [Use HTTP] to 'On', enables you to access the machine from your Web browser.
Use the control panel of your machine to set up MEAP functions.
|
IMPORTANT
|
|
You cannot connect to the machine via a proxy server. Specify the following settings if you are working in an environment using a proxy server (as these settings differ, depending on the network environment, contact your network administrator).
In the proxy server settings of your web browser, enter the IP address of your machine in the [Exceptions] (addresses that do not use a proxy) list.
Only enter characters in your web browser that can also be entered from the touch panel display of the machine. Otherwise, the characters you enter from your web browser may not be displayed or recognized correctly on the touch panel display.
You cannot use SSO-H if your web browser is not set to enable cookies, JavaScript, and JavaApplet.
By setting [Use HTTP] to 'On', you can open a necessary port. However, it is recommended that it is set to 'Off', if a port is not used. If you leave the port open, an unauthorized user may access the machine.
|
|
NOTE
|
|
The default setting is 'On'.
|
1.
Press 
→ [Preferences].
→ [Preferences].2.
Press [Network] → [TCP/IP Settings] → [Use HTTP].
3.
Press [On].
|
[On]:
|
HTTP server is used.
|
|
[Off]:
|
HTTP server is not used.
|
|
NOTE
|
|
To use SSL, set [Use SSL] in [MEAP Settings] in [License/Other] in [Management Settings].
Settings for [Use SSL] are also applied to the settings for [Use SSL] in [Remote UI] in [Management Settings].
To set [Use SSL] to 'On', it is necessary to set the key pair and server certificate necessary for performing Encrypted SSL communications in [Certificate Settings] in [Management Settings]. For information on generating the key for SSL, see "Generating and Confirming a Key Pair and Device Signature Certificate and User Certificate for Adding Digital Signatures to PDF or XPS Files."
|
4.
Press [OK].
The selected mode is set.
5.
Press [Close].
6.
Turn the main power of the machine OFF, wait 10 seconds, and then turn the power ON.
|
IMPORTANT
|
|
The setting for [Use HTTP] and [Use SSL] is activated only after you restart the machine (the main power switch is turned OFF, and then back ON).For instructions on turning the power ON/OFF, see "Main Power and Control Panel Power."
|
When using SSO-H, it is necessary to synchronize the date and time settings of the authentication server and machine. Set the date and time of the machine in Date & Time Settings to the same date and time set on the authentication server. For more information, see "Current Date and Time."
You can also specify daylight saving settings to automatically advance the standard time of the machine forward by one hour for a certain period each year.
|
IMPORTANT
|
|
If the date and time settings of the authentication server and machine are not synchronized, a login error will occur when using Domain Authentication.
|
|
NOTE
|
|
You can set a time difference of up to 5 minutes (default setting) between the time set on the machine and the time set on the server.
The allowed difference in times can be changed using the settings of Active Directory. However, if more than 5 minutes is specified, the allowed difference will not be changed.
|
Set the machine to use a DNS server in Network in Preferences (from the Settings/Registration screen). For more information, see "Network."
The DNS server that manages the domain name registered in the machine requires the following:
The domain name of the Active Directory server used for authentication (the IP address of the domain controller) must be able to be retrieved.
The DNS server must support SRV records.
The following setting may also be required, depending on the functions you use.
Information for the LDAP service of Active Directory must be registered as an SRV record as follows:
|
Service:
|
'_ldap'
|
|
Protocol:
|
'_tcp'
|
|
Port number:
|
The port number used by the LDAP service of Active Directory
|
|
Host offering this service:
|
Host name of the domain controller that is actually providing the LDAP service of the Active Directory domain (zone)
|
Department ID Management must be set to 'Off' before using SSO-H. For more information, see "Department ID Management."
|
NOTE
|
|
If Department ID Management is set to 'On', a warning message will be displayed on the login screen.
|
Check the language settings of Active Directory and the machine. If the display language of Active Directory and the machine differ, the sender's full name will not be displayed in the destination for e-mail.