|
      0WR7-09W
      Configuring the Personal Authentication Management Settings
      The User Authentication login service performs personal authentication based on the information registered for each user, enabling you to limit the users who can access the machine. User information registration (authentication) can be performed on this machine and on an external server. You can configure the authentication system to use only this machine as the authentication device, or you can additionally specify an Active Directory or LDAP authentication server on the network as an authentication device to utilize the existing user information registered on the server. Administrators can also specify which functions are available to each individual user. For example, user A may be prohibited from copying, while user B is allowed to use all machine functions. For the user login method, you can specify whether users enter authentication information, select an icon, or use an IC card. Before configuring the user authentication settings, decide the authentication device and login method.
      Authentication Device
      The authentication devices described below can be used for personal authentication management. Each type of authentication device requires a different environment and settings. Confirm your system environment before configuring. Specifications
      Local Device (This Machine)
      User information is managed on the database inside the machine. User information is registered and edited via the control panel or the Remote UI. When the local device is configured as a standalone authentication device, Department ID Management can also be performed at the same time. Registering User Information in the Local Device
      Active Directory/LDAP Server
      In addition to the local device, you can specify an LDAP server or Windows Server with Active Directory installed as the authentication device. One advantage of using this type of device is that the users registered on the server can be added as general users without any changes. To provide administrator privileges to a user, the user must be assigned to a specific administrator group on the Active Directory or LDAP server. To specify the additional authentication device, you must register the information of the server used for authentication. Registering Server Information
      Login Method
      The user login methods described below are available for personal authentication management. It is also possible to use these methods in combination with each other. For more information on login operations, see Logging into the Machine.
      Keyboard Authentication
       
      With this method, users log in by entering their user name and password using the keyboard displayed on the control panel. This method is available regardless of the authentication device that is used.
      IC Card Authentication
       
      This method uses an IC card for user authentication. To log in, users simply touch an IC card to the reader, eliminating the need to remember a user name and password. Optional equipment is required in order to use this function. For more information, contact your local authorized Canon dealer.
      Configuring Personal Authentication Management with User Authentication
      Configure the personal authentication management settings in the order described below.
       
       
      Check the basic configuration.
      Is the machine properly connected to the computer? Setting up the Network Environment
      If you are using an authentication server, have the DNS settings been configured for the machine?
      If you are using an authentication server, have the date and time been properly set? Setting the Date/Time
       
       
      Check the login service.
      Log in to the Remote UI with Administrator privileges, click [Settings/Registration]  [User Management]  [Authentication Management]  [Authentication Service Information], and check that the login service is indicated as User Authentication.
       
       
      Configure the authentication server settings.
      Register user information on the local device and specify the authentication server.
       
       
      Select the user authentication system.
      IMPORTANT
      Make sure to log out after you finish using the Remote UI. If you close the Remote UI without logging out, it may take a long time to log in next time.
      If you want to limit authentication method to User Authentication (restrict use of System Manager ID for authentication) when the machine is accessed from a device management software or driver, make sure to set <Prohibit Authentication Using Department ID and PIN> to <On>. <Authentication Function Settings>