This machine can utilize an authentication system to enable personalization for user convenience and improved security by limiting user access to functions.

By registering user accounts to the machine, settings can be specified for users individually.

When users use the machine, they must log in to the machine with a user account and password.

This is called "user management," and the person in charge of managing users is called an "administrator."

The term "authentication" is used to refer to both limiting access to functions and managing users.

Unauthorized access can be prevented with an authentication system because users without an account cannot use the functions of the machine at all or can only use some limited functions.

Authentication information can also be used to personalize the machine for each user. You can create personal buttons for the Quick Menu and store password information entered when using functions so that it does not need to be entered a second time.

You can register and delete user accounts and limit the functions that can be used by each user.

The default authentication system that can be used with the machine is "User Authentication." To make full use of the functions of User Authentication, it is necessary to enable the ACCESS MANAGEMENT SYSTEM. (See "ACCESS MANAGEMENT SYSTEM.")

User Authentication includes two authentication systems; "Local Device Authentication," which manages users using the machine by itself, and "Server Authentication + Local Device Authentication," which manages users by connecting with an authentication server (such as Active Directory).

Another authentication system called "DepartmentID Authentication" is also provided.

Use the authentication system that suits your environment.

When performing authentication using User Authentication, the administrator with all privileges is called the "Administrator."

The Administrator can assign a single "role" to each user account.

Roles are "setting groups" that set what functions a user can and cannot use in detail.

The Administrator can create several setting groups that are able to use different functions and assign those groups to users to perform more detailed user management, rather than setting privileges regarding the use of the machine itself.

Examples:

Privileges Regarding Settings/Registration

Local Device Authentication can also be used in conjunction with Department ID Management. In this case, a Department ID can be assigned to each user account to restrict the number of copies for the entire department.

For details on User Authentication, see "Setting User Authentication (for the Administrator)."

When performing authentication using DepartmentID Authentication, the administrator is called the "System Manager."

The Department ID Management authentication function can be used with DepartmentID Authentication. You can manage the users by department or project by registering the Department ID and PIN. The Department ID Management enables you to restrict various functions such as Copy, Print, and Send that each department can use, and the Page Limits for Copy, Scan, and Print for each department.

For details on DepartmentID Authentication, see "Setting Department ID Management (for the System Manager)."

You can set functions that use authentication systems (such as personal folders).

You can also omit the login procedure for each function.

This mode enables you to link information such as the user name and password set for each function by each user with the user information of User Authentication.

You can delete the user setting information that each user is using from the User Setting Information Management Service page. (See "User Setting Information Management (User Setting Information Management Service).")

You can specify what type of authentication method you use for accessing personal folders or external servers, and which user name and password you use as authentication information. (See "Authentication Method Settings for Sending Operations.")

When you are performing user management using a login service such as User Authentication, you can perform secure printing without having to enter a user name and password each time. (See "Simple Authentication Settings for Secure Print.")

This function enables you to use the login information, required to log in to the machine, for other authentications. If the login service you are using supports integrated authentication, it is not necessary for logged in users to perform authentication by entering a login name and password when using functions that are allowed (such as sending to personal folders or accessing LDAP servers and file servers). (See "Accessing the Advanced Box of Another Machine.")

You can disable this function if necessary.

The ACCESS MANAGEMENT SYSTEM enables you to use the machine more conveniently by creating custom roles, etc.

This document assumes that the ACCESS MANAGEMENT SYSTEM has been enabled. (See "ACCESS MANAGEMENT SYSTEM.")

The ACCESS MANAGEMENT SYSTEM is disabled. To enable the ACCESS MANAGEMENT SYSTEM, it is necessary to set [Use ACCESS MANAGEMENT SYSTEM] to 'On' in Settings/Registration.