e-ManualTopSite mapHelpGlossary

Category Top

Overview of This Function

Overview of Login Services

Default Authentication (Department ID Management)

Login Screens

SSO-H (Single Sign-On H)

Login Screens

System Requirements

SMS (Service Management Service)

SSO-H (Single Sign-On H)

Before Starting SMS (Preparations)

Specifying the SSL Encrypted Communication Settings

Before Logging In to SSO-H

Logging In to SMS

Logging In with the SMS Password

Logging In with the User Name and Password of the Machine

Logging In from the Remote UI Portal

Logging Out from SMS

Managing Applications

Starting/Stopping Applications

Uninstalling Applications

Confirming Application Preferences

Managing Application Licenses

Setting Application Authentication Information

Installing Applications

Managing System Applications and Login Services

Login Service Selection

Uninstalling a Login Service

Starting/Stopping System Applications

Uninstalling System Applications

Installing System Applications

Changing the Login Method for SMS

Confirming System Information

Confirming Application Data

Confirming License Files

Changing the Password

Managing Application Setting Information

Managing Application Logs

Logging In to SSO-H

Menu for Administrators

Setting the User Information for SSO-H

Registering/Editing User Data for Local Device Authentication

Registering/Editing User Data for Active Directory Authentication

Registering/Editing User Data for LDAP Server Authentication

Setting the SSO-H

Setting the User Authentication System

Registering/Editing LDAP Server Information

Setting the User Group to Register the Server Administrator

Specifying the Number of Users Displayed on the Touch Panel Display

Setting the Access Mode in Sites

Setting the Security for SSO-H

Allowing Administrators to Operate Using the Default Password

Setting Password Restrictions

Setting the Lockout Function

Setting Web Service Authentication System

Menu for General Users

File Formats for Local Device Authentication User Information Files

SDL Format

NetSpot Accountant 3.x Format

NetSpot Accountant 4.x Format

Troubleshooting

Trouble That May Occur When the Windows Server Firewall Is Set

Other Trouble

Top » MEAP » Overview of Login Services » SSO-H (Single Sign-On H)
SSO-H (Single Sign-On H)
06RH-20C
This is a login service which can be used in the domain on the Active Directory environment network, in the LDAP server, or in the machine. You can register/edit user data and specify administrator/general user settings in the following location:
Server authentication is performed in the external authentication server.
Local device authentication is performed in the memory of the machine from a Web browser.
SSO-H contains the following functions:
Enables the functions of the machine and MEAP applications, etc., to be used after being authenticated once.
Contains a user authentication system that uses the external server, and has two compatible user authentication systems, which can be used even when there is network trouble and only the machine can be authenticated. These two user authentication systems can be used together or alone.
SSO-H includes the following three user authentication systems:
Server Authentication
Server Authentication includes the following two authentication methods:
Active Directory Authentication
Active Directory Authentication is a user authentication method that logs in to the machine and authenticates the domain on the network by connecting with the domain controller of the Active Directory. In addition to the user that belongs to the domain with the machine, you can authenticate up to 200 users that belong to the domain that is directly related to the domain with the machine. The user selects the domain name when logging in.
LDAP Server Authentication
LDAP Authentication is an authentication method that uses the LDAP server to authenticate the user. The user selects the server name of the LDAP server which you have registered on the LDAP Server Management screen for SSO-H when logging in.
Local Device Authentication
A user authentication system which only uses the machine. Users to be authenticated are registered/managed using a database inside the machine. [This device] is the login destination.
'Server Authentication + Local Device Authentication'
A user authentication system which includes the functions of both Server Authentication and Local Device Authentication. This is useful for using Server Authentication to authenticate users registered/managed in the external server, and using Local Device Authentication to authenticate temporary users which cannot be added to the external server.
'Active Directory Authentication + Local Device Authentication'
Users belonging to Domain A (which includes the machine), and users belonging to Domain B (which is bi-directionally trusted by Domain A), can be authenticated, and users registered in the machine itself can be authenticated. The user selects the location to log in to (domain name or [This device]) when logging in.
'LDAP Server Authentication + Local Device Authentication'
Users registered/managed on the LDAP server or users registered in the machine can be authenticated. The user selects the locations to log in to (the server name of the LDAP server or [This device]) when logging in.

IMPORTANT
If you are logging in as the administrator for Local Device Authentication and the user name and password is still the default setting, the screen to change the password appears when you click [Log In]. Change the password to increase security.
If you want to use Local Device Authentication and Department ID Management at the same time to keep track of the number of printed or scanned sheets for each Department ID, set [Department ID Management] to 'On'. To use Local Device Authentication and Department ID Management at the same time, the information registered for Local Device Authentication and the user information for Department ID Management (Department ID and PINs) must match. If they does not match, the user cannot log in.
You cannot use Server Authentication and Department ID Management at the same time.
You cannot use the control card reader with 'Server Authentication' or with 'Server Authentication + Local Device Authentication'.
NOTE
The three user authentication systems can be switched using a Web browser. (See "Setting the User Authentication System.")
The default setting is 'Server Authentication + Local Device Authentication.' To increase security, set the user authentication system to 'Server Authentication' or change the user name and password of the Local Device Authentication administrator immediately after you start using SSO-H.