e-ManualTopSite mapHelp

Chapter Top

Available Functions

Overview of Login Services

Default Authentication (Department ID Management)

SSO-H (Single Sign-On H)

System Requirements (SSO-H)

Launching and Closing SMS

Before Launching SMS (Preparation)

Setting Up HTTP Communication

Launching SMS (Log in)

Attention (Launching SMS (Log in))

Closing SMS (Logging Out)

MEAP Application Settings

Installing MEAP Applications

Attention (Installing MEAP Applications)

Uninstalling MEAP Applications

Starting/Stopping MEAP Applications

Starting MEAP Applications

Stopping MEAP Applications

Checking the Details of MEAP Applications

MEAP Application License Settings

Adding License Files

Disabling License Files

Downloading Disabled License Files

Deleting Disabled License Files

Setting Authentication Information for MEAP Applications

System Settings

Changing the MEAP Applet Display Order

Login Service Selection

Uninstalling a Login Service

Setting Enhanced System Applications

Starting/Stopping Enhanced System Applications

Starting Enhanced System Applications
Stopping Enhanced System Applications

Installing Enhanced System Applications

Uninstalling Enhanced System Applications

Checking Information

Checking System Information

Checking Application Information

Checking License Files

Changing the SMS Password

Deleting the MEAP Application Setting Information

Managing MEAP Application Log Data

Downloading Log Data

Deleting Log Data

Setting the SSO-H Function

Before Logging In to SSO-H

Logging In to SSO-H

Menu for Administrators

Setting the User Information for SSO-H

Registering/Editing User Data for Local Device Authentication
Registering/Editing User Data for Active Directory Authentication

Setting the SSO-H Configuration

Setting the User Authentication System
Setting the User Group to Register the Server Administrator
Setting the Access Mode in Sites

Setting the Security for SSO-H

Allowing Administrators to Operate Using the Default Password
Setting Password Restrictions
Setting the Lockout Function
Setting Web Service Authentication System

Menu for General Users

File Formats for Local Device Authentication User Information Files

SDL Format

NetSpot Accountant 3.x Format

NetSpot Accountant 4.x Format

Troubleshooting (SSO-H)

Trouble That May Occur When the Windows Server Firewall Is Set

Other Trouble

List of Error Messages (MEAP)

Errors Relating to the [Login] Page

Errors Relating to the [MEAP Application Management] Page

Errors Relating to the [Install MEAP Application] Page

Errors Relating to the [Authentication Information Settings] Page

Errors Relating to the [License Management] Page

Errors Relating to the [Enhanced System Application Management] Page

Errors Relating to the [Check License] and [Change Password] Pages

Errors Relating to the [MEAP Application Setting Information Management] Page

Errors Relating to the [MEAP Application Log Management] Page

Other Errors

Top » MEAP » Setting the SSO-H Function » Before Logging In to SSO-H
Before Logging In to SSO-H
07E3-0U8
SSO-H is an authentication system that runs on the machine. It is necessary to specify the following settings in the machine to use SSO-H for authentication.
Installing SSO-H
Obtaining a license file
In order to install SSO-H, a valid license file is required.
Obtain a valid license file from License Management System (http://www.canon.com/lms/license/).
In order to obtain a license file, a license access number in your package of "AMS KIT" and a device serial number (the number displayed on the upper left of the SMS screen) are required.
Installation of SSO-H
For SSO-H installation procedure, see "Installing Enhanced System Applications."
The following files are required for installation.
File to be selected with [Enhanced System Application File Path]
The following file stored in the "AMS for SFP Software/Manual CD-ROM":
SSOHforSFP_xxx.jar (xxx varying with the version)
"Confirming the Supplied Accessories and Checking the Installation Site"
File to be selected with [License File Path]
License file obtained in License Management System
Specifying the Various Settings
Network Settings
Confirm the machine's IP address. For more information, see "[Setup] Menu ([Network] Options)."
Date and Time Settings
When using Active Directory Authentication with SSO-H, it is necessary to synchronize the date and time settings of the authentication server and machine. Set the date and time of the machine in [Date/Time Settings] to the same date and time set on the authentication server. For more information, see "[Setup] Menu ([Control Menu] Options)." You can also specify daylight saving settings to automatically advance the standard time of the machine forward by one hour for a certain period each year.
DNS Settings (Active Directory Authentication)
For Active Directory Authentication, the machine uses a DNS server. If using Active Directory Authentication, specify the network settings. For more information, see "[Setup] Menu ([Network] Options)."
The DNS server that manages the domain name registered in the machine requires the following:
The domain name of the Active Directory server used for authentication (the IP address of the domain controller) must be able to be retrieved.
The DNS server must support SRV records.
The following settings are required if the port number used for LDAP on the Active Directory side is changed.
Information for the LDAP service of Active Directory must be registered as an SRV record as follows:
Service:
'_ldap'
Protocol:
'_tcp'
Port number:
The port number used by the LDAP service of the Active Directory domain (zone)
Host offering this service:
Host name of the domain controller that is actually providing the LDAP service of the Active Directory domain (zone)
Department ID Management Settings
Department ID Management must be disabled before using SSO-H. For instructions on disabling Department ID Management, see "Specifying an ID for Each Department ."
Language Settings
Specify the same language settings for Active Directory and the machine.
IMPORTANT
If the date and time settings of the authentication server and machine are not synchronized, a login error will occur when using Active Directory Authentication.
NOTE
The allowed difference in times can be changed using the settings of Active Directory. However, if more than '5' minutes is specified, the allowed difference will not be changed.
If Department ID Management is enabled, a warning message will be displayed on the login screen.
Back to Top