e-ManualTopSite mapHelp

Chapter Top

Available Functions

Overview of Login Services

Default Authentication (Department ID Management)

SSO-H (Single Sign-On H)

System Requirements (SSO-H)

Launching and Closing SMS

Before Launching SMS (Preparation)

Setting Up HTTP Communication

Launching SMS (Log in)

Attention (Launching SMS (Log in))

Closing SMS (Logging Out)

MEAP Application Settings

Installing MEAP Applications

Attention (Installing MEAP Applications)

Uninstalling MEAP Applications

Starting/Stopping MEAP Applications

Starting MEAP Applications

Stopping MEAP Applications

Checking the Details of MEAP Applications

MEAP Application License Settings

Adding License Files

Disabling License Files

Downloading Disabled License Files

Deleting Disabled License Files

Setting Authentication Information for MEAP Applications

System Settings

Changing the MEAP Applet Display Order

Login Service Selection

Uninstalling a Login Service

Setting Enhanced System Applications

Starting/Stopping Enhanced System Applications

Starting Enhanced System Applications
Stopping Enhanced System Applications

Installing Enhanced System Applications

Uninstalling Enhanced System Applications

Checking Information

Checking System Information

Checking Application Information

Checking License Files

Changing the SMS Password

Deleting the MEAP Application Setting Information

Managing MEAP Application Log Data

Downloading Log Data

Deleting Log Data

Setting the SSO-H Function

Before Logging In to SSO-H

Logging In to SSO-H

Menu for Administrators

Setting the User Information for SSO-H

Registering/Editing User Data for Local Device Authentication
Registering/Editing User Data for Active Directory Authentication

Setting the SSO-H Configuration

Setting the User Authentication System
Setting the User Group to Register the Server Administrator
Setting the Access Mode in Sites

Setting the Security for SSO-H

Allowing Administrators to Operate Using the Default Password
Setting Password Restrictions
Setting the Lockout Function
Setting Web Service Authentication System

Menu for General Users

File Formats for Local Device Authentication User Information Files

SDL Format

NetSpot Accountant 3.x Format

NetSpot Accountant 4.x Format

Troubleshooting (SSO-H)

Trouble That May Occur When the Windows Server Firewall Is Set

Other Trouble

List of Error Messages (MEAP)

Errors Relating to the [Login] Page

Errors Relating to the [MEAP Application Management] Page

Errors Relating to the [Install MEAP Application] Page

Errors Relating to the [Authentication Information Settings] Page

Errors Relating to the [License Management] Page

Errors Relating to the [Enhanced System Application Management] Page

Errors Relating to the [Check License] and [Change Password] Pages

Errors Relating to the [MEAP Application Setting Information Management] Page

Errors Relating to the [MEAP Application Log Management] Page

Other Errors

Top » MEAP » Overview of Login Services » SSO-H (Single Sign-On H) » System Requirements (SSO-H)
System Requirements (SSO-H)
07E3-0U5
SSO-H operates with the following system environments:
Windows Server Used for Active Directory Authentication (Domain Controller)
System Requirements for Administrators and General Users
IMPORTANT
To use Active Directory Authentication, you must match the current time on the server in which Active Directory is running with the machine (and the computer to log in with).
When using Server Authentication, make sure you register a Server Authentication administrator. If you do not register a Server Authentication administrator, some settings and management functions may not be available, depending on the application. The registration method differs depending on your system environment.
The user that belongs to the "Canon Peripheral Admins" group on Active Directory is the administrator for Server Authentication by default. (You can also set other groups to the administrator.) Follow the instructions in the manual for Active Directory to create the "Canon Peripheral Admins" group, and then register a Server Authentication administrator.
If the default password is being used, the screen for changing the password is automatically displayed for security purposes. Change the password. (See "Registering/Editing User Data for Local Device Authentication.")
Windows Server Used for Active Directory Authentication (Domain Controller)
A windows server in which Active Directory is installed and a DNS server for name resolution are necessary to use Active Directory Authentication with SSO-H.
Windows Server to Install Active Directory (Domain Controller)
Software
Operating system:
Windows Server 2003 SP2*
Windows Server 2003 R2 SP2*
Windows Server 2008 SP2*
Windows Server 2008 R2
* 64 bit version for the operating system is not supported.
IMPORTANT
This version of SSO-H is compatible with both 128-bit AES (Advanced Encryption Standard) and DES (Data Encryption Standard) as the Kerberos encryption type to be used when performing Domain Authentication. The encryption type automatically switches according to the Active Directory settings. AES is used in an environment that supports both encryption types.
If you use Windows Server 2003 SP2/R2 SP2 for the Active Directory, only the IPv4 communication protocol is supported (IPv6 cannot be used).
Server Ports Used
The following server ports are used when using Active Directory Authentication with SSO-H:
Port Number
Application
53
Communication with the DNS server
88
Domain Authentication with the KDC (Key Distribution Center)
389
LDAP communications with the directory service (Default is 389, but it can be changed to a user-defined port in the LDAP service properties.)
System Requirements for Administrators and General Users
The following system environments are necessary for administrators and general users to use SSO-H via a web browser.
System Requirements
Operating System
Web Browser
Java Runtime Environment
Windows XP Professional SP3
Internet Explorer 7
Internet Explorer 8
Java Runtime Environment 1.5 or later*
Windows Vista SP2
Internet Explorer 7
Internet Explorer 8
Internet Explorer 9
Windows 7 SP1
Internet Explorer 8
Internet Explorer 9
Windows Server 2003 SP2
Windows Server 2003 R2 SP2
Internet Explorer 7
Internet Explorer 8
Windows Server 2008 SP2
Internet Explorer 7
Internet Explorer 8
Internet Explorer 9
Windows Server 2008 R2 SP1
Internet Explorer 8
Internet Explorer 9
Mac OS X v 10.5
Safari 4.0.5
Safari 5.0.5
Java 2 Platform Standard Edition 5.0
Mac OS X v 10.6
Safari 4.0.5
Safari 5.0.5
Safari 5.1
Mac OS X Lion
Safari 5.1
* If you use Java Runtime Environment 1.6 with Internet Explorer 9, use Java Runtime Environment 1.6.0_24 or later.
System Requirements (When Using IPv6 Communications)
Operating System
Web Browser
Java Runtime Environment
Windows XP Professional SP3
Internet Explorer 7
Internet Explorer 8
Java Runtime Environment 1.5 or later*
Windows Vista SP2
Internet Explorer 7
Internet Explorer 8
Internet Explorer 9
Windows 7 SP1
Internet Explorer 8
Internet Explorer 9
Windows Server 2003 SP2
Windows Server 2003 R2 SP2
Internet Explorer 7
Internet Explorer 8
Windows Server 2008 SP2
Internet Explorer 7
Internet Explorer 8
Internet Explorer 9
Windows Server 2008 R2 SP1
Internet Explorer 8
Internet Explorer 9
* If you use Java Runtime Environment 1.6 with Internet Explorer 9, use Java Runtime Environment 1.6.0_24 or later.
IMPORTANT
For information on obtaining the Java Runtime Environment or Java 2 Platform Standard Edition, see the Oracle Web site.
You must use the user logon name (pre-Windows 2000) registered in Active Directory in order to enter a user name for Domain Authentication. You can use only alphanumeric characters for Domain Authentication.
You cannot use symbols (\ / : * ? l <> [ ] ; , = + . "), or spaces. You can log in only if you use valid characters.
User names and passwords are registered in a database in the machine.
When using the Local Device Authentication system, you can use only alphanumeric characters for the user name.
NOTE
Port number is a default value. If you change the settings, the port number is different. (See "Before Logging In to SSO-H.")
Back to Top