2
2
2-171
2-171
Technology > MEAP > Login Service > Differences among Login services
Technology > MEAP > Login Service > Differences among Login services
1) SSO-Tokyo acquires site lists from Active Directories.
Note, however, that the Active Directories accessed in order to acquire site lists are in the
order in which they were returned by DNS, so there is no guarantee that the same Active
Directory will be accessed as in the initial settings (upon device settings or changes to NW
settings, etc.).
[Site subnet list]
Site: Tokyo: = 172.24.12.0/24, 172.24.35.0/24
Site: Osaka: = 192.168.1.0/24
Site: Hakata: = 211.111.1.0/24
As a result, since SSO-Tokyo is 172.24.12.80, the subnet is 172.24.12.0/24, and is judged
as belonging to site Tokyo.
2) The DNS server obtains its Active Directory list from the primary or secondary DNS, as set
in the device.
[Active Directory]
172.24.12.2, 172.24.35.2, 192.168.1.2, 211.111.1.30
3) Of the Active Directories in 2), above, the ones that belong to the same site (Tokyo) are
172.24.12.2 and 172.24.35.2.
Of these, the Active Directory that is the same subnet as SS-Tokyo is 172.24.12.2.
Therefore, this one will be accessed.
4) If access fails at step 3), above, the other Active Directory of the same site, 172.24.35.2,
will be accessed.
5) If access fails at step 4), above, also, SSO-Osaka and SSO-Hakata will be accessed (the
order will depend on the order of the Active Directories in DNS). Note, however, that this is
an optional operation.
Logging into other domains at multi-domain
At multi-domain, if another domain is logged into, based on the site/ subnet information
retrieved in the home domain, the Active Directories of the login destination domain/ KDC
address list are computed. In the event that the domain controller IP addresses of other
domains are outside of the site access range, and only the domain controller within the site
is programmed for access, an error message will be displayed to the effect that the site
information is incorrect.
■
Environment confirmation
Refer to Checking the Operating Environment in this manual for details on the system
requirements when using login services.
■
Differences among Login services
Login service
SSO-H
SSO-K*1
SSOV3
Local device users upper limit
5000
1000
1000
No. of domains
200
10
200
Operating devices
Up till latest model
Till before iR
3245series
Up till latest model
IpV6
Available, but
authentication not
performed in IPv6
N/A
Available
Memory (KB)/ threads
3584/33
2800/33
2800/33
Supported AD
Windows 2000
Server/ Windows
Server 2003
Windows 2000
Server/ Windows
Server 2003
Windows 2000 Server/
Windows Server 2003
Authentication method
NTLM Kerberos
Local Device
Authentication
Kerberos
NTLM
Local
Server
AD/KDC
(included in AD)
SA/AD
Key
DES
-
Department ID management
linkage
Local authentication only available
However, domain
requires NSA.
Site access
Available
Available
SSO Ver3.x
Excluded from pre-installation, but included in Administrator's CD (SA also included).
SSO included in the Administrator's CD from iR3245 onward has AMS functionality
deleted and is provided as a non AMS enabled login application.
Summary of Contents for imagePRESS 1110
Page 242: ...3 3 Periodical Service Periodical Service Periodical service item ...
Page 655: ...5 5 Adjustment Adjustment Overview When replacing parts Major adjustment ...
Page 944: ...8 8 Service Mode Service Mode Overview COPIER FEEDER SORTER BOARD Situation Mode ...
Page 1555: ... Service Tools General Circuit Diagram General Timing Chart Operator Maintenance Appendix ...