manualshive.com logo in svg

Konica Minolta AU-211P, User Manual, Page: 22 / 52

Share
Download
Konica Minolta AU-211P User Manual Download Page 22

AU-211P

3-6

3.3

Address Search (LDAP) Using PKI card

3

[Setting Up LDAP]

Register the LDAP server used to search for a destination.

Select [Utility] - [Administrator] - [Network] - [LDAP Setting] - [LDAP Setting] - 

Select any list in the server 

list.

 - [Edit], and configure the following settings.

Item

Description

[LDAP Server Name]

Enter the name of the LDAP server (using up to 32 characters).

[Server Address]

Enter the LDAP server address.
When specifying the host name instead of the address, select the [Please 
check to enter host name.] check box.

[Port No.]

If necessary, change the LDAP server port number (default: [389]).

[Enable SSL]

When using SSL communications, set this option to ON (default: OFF).

[Port No.(SSL)]: Change the port number for SSL communication as 
needed (default: [636]).

[Certificate Verification Level 
Settings]

To verify the certificate for SSL communication, select items to be veri-
fied.

[Expiration Date]: Confirm whether the certificate is within the validity 
period (default: ON).

[CN]: Confirm whether CN (Common Name) of the certificate matches 
the server address (default: OFF).

[Key Usage]: Confirm whether the certificate is used according to the 
intended purpose approved by the certificate issuer (default: OFF).

[Chain]: Confirm whether there is a problem in the certificate chain 
(certificate path) (default: OFF). The chain is validated by referencing 
the external certificates managed on the MFP.

[Expiration Date Confirmation]: Confirm whether the certificate has 
expired (default: OFF). The expiration date confirmation is performed 
in the order of OCSP (Online Certificate Status Protocol) service, and 
CRL (Certificate Revocation List).

[Search Base]

Specify the starting point to search for a destination (using up to 255 
characters).
The range from the entered starting point, including the following tree 
structure, is searched.

[Timeout]

If necessary, change the time-out time to limit a communication with the 
LDAP server (default: [60] sec.).

[Max.Search Results]

Change the maximum number of destinations to be displayed as search 
results, if necessary (default: [100] destinations).

[General Settings]

Select the authentication method to log in to the LDAP server depending 
on your environment (default: [anonymous]).

[Domain Name]: If [GSS-SPNEGO] is selected for [General Settings], 
enter the domain name of Active Directory (using up to 64 characters).

[Use Referral]

Select whether to use the referral function (default: [ON]).

[Search Condition Attrib-
utes]

Select attributes to be specified when performing the LDAP search (de-
fault: [Name]). The setting can be switched between [Name] (cn) and 
[Nickname] (displayName).

[Search]

Select whether to display candidate destinations when entering a part of 
the name to perform LDAP search (default: [OFF]).

[Initial Setting for Search De-
tails]

Specify the default LDAP search conditions for each item (default: [OR]).

[Search Attributes Authentication]: This setting is not available.
[Search Attribute]: This setting is not available.

Summary of Contents for AU-211P

Page 1: ...User s Guide Authentication Unit AU 211P...

Page 2: ...Settings 2 8 External Certificate Setting 2 9 2 3 7 Enabling TPM Trusted Platform Module 2 9 TPM Function Settings 2 9 SSL Setting 2 9 2 3 8 Setting the Power Saving Mode 2 9 2 4 Operation Settings 2...

Page 3: ...3 21 Sending print data Printer driver setting 3 21 MFP printing 3 23 3 8 Scan To Me 3 26 3 8 1 Overview 3 26 3 8 2 Related Settings 3 27 Obtaining the e mail address 3 27 E mail TX SMTP 3 27 S MIME 3...

Page 4: ...AU 211P 1 3 5 Appendix 5 1 Product Specifications 5 2 5 2 Cleaning the Authentication Unit 5 2 5 3 Troubleshooting 5 2...

Page 5: ...1 Introduction...

Page 6: ...s User s Guide Trademark copyright acknowledgements Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and or other countries All other...

Page 7: ...2 Getting Started...

Page 8: ...to carry out operations without making a password public on the network and to configure the system environment with a higher level of security You can also implement the unique functions using this...

Page 9: ...Part Names and their Functions No Part name Description 1 Card inlet Used to insert the PKI card 2 LED lamp Turns green when you insert a PKI card into this unit Blinks green during authentication 3 U...

Page 10: ...IP ad dress select Manual Setting To automatically specify the IP address using DHCP select Auto Setting and specify the automatic setting method IP Address Enter the fixed IP address assigned to the...

Page 11: ...tically updated LLMNR Setting When using LLMNR set this option to ON default ON Using LLMNR enables you to resolve the name even in an environment that does not have a DNS server This option is only c...

Page 12: ...ion External Server Name Enter the name of the authentication server using up to 32 characters External Server Type Select Active Directory Active Directory Register Active Directory connection inform...

Page 13: ...ser Auth Account Track PKI Card Authentication and configure the fol lowing settings Item Description DNS Server Auto Obtain When automatically specifying the DNS server address using DHCP set this op...

Page 14: ...is not expired in the OCSP service For details on the OCSP service setting procedure refer to Certificate Verification Settings p 2 8 Item Description Certificate Verification Set tings When verifyin...

Page 15: ...eference For details on how to use Web Connection refer to the User s Guide Web Management Tool supplied with the MFP 2 3 7 Enabling TPM Trusted Platform Module When TPM Trusted Platform Module is ins...

Page 16: ...Server Setting and set FTP Server to OFF default OFF SNMP Setting Select Utility Administrator Network SNMP Setting and configure the following settings 2 4 2 Settings to Change after Initialization...

Page 17: ...3 How to Use the Authentication Unit...

Page 18: ...e MFP 3 1 Login and Logout NOTICE Do not pull out the card while the access lamp is blinking Otherwise the card may be damaged 3 1 1 Login This section describes the procedure to insert the PKI card i...

Page 19: ...PKI card when the system is running a warning message is displayed or the screen on which you cannot log out using the Access key is displayed If you log in to the MFP as the administrator you can che...

Page 20: ...ing PKI card Encrypts a PDF document and adds a signature using the digital certificate registered in the PKI card when distributing scanned data as a PDF document This function prevents illegal acces...

Page 21: ...environment to be convenient 1 Insert the PKI card into the MFP to perform Active Directory authentication 2 Obtain the Kerberos authentication ticket 3 Use the Kerberos authentication ticket to log i...

Page 22: ...tes managed on the MFP Expiration Date Confirmation Confirm whether the certificate has expired default OFF The expiration date confirmation is performed in the order of OCSP Online Certificate Status...

Page 23: ...s an example to perform LDAP search using LDAP addr Search 1 When multiple servers are registered select the server to connect 2 Enter the search word and tap Search Perform authentication for the sel...

Page 24: ...public on the network The user can also perform the Active Directory authentication only once to obtain access privileges and con figure the single sign on environment to be convenient 1 Insert the PK...

Page 25: ...performed when authentication has failed us ing a Kerberos authentication ticket If this item is set to ON while Authentication Setting if Kerberos Fails is set to Enable NTLM v1 v2 the system display...

Page 26: ...eros authentication ticket to log in to the destination computer and save data in a shared folder dReference For details on the SMB TX method refer to the User s Guide Scan supplied with the MFP This...

Page 27: ...omputer on the Windows network and register or specify it as the destination When you are logging in to the MFP using a PKI card log in to the searched computer using the Kerberos authentication ticke...

Page 28: ...e mail encryption when sending an e mail Sending an encrypted e mail prevents information from being leaked to a third party on the transmission route To encrypt e mail addressed to you using the Sca...

Page 29: ...digital signature when sending e mails select the authentication method using the digital signature default SHA 1 E Mail Text Encrypt Meth od Select the method to encrypt the e mail text default 3DES...

Page 30: ...up to 10 e mail ad dresses to be broadcasted When setting to enable encryption or to add a digital signature after 11 or more e mail addresses have already been specified you need to cancel all the sp...

Page 31: ...Encrypting a PDF document prevents third parties from illegally viewing data Furthermore adding a signa ture identifies the author of a PDF document and guarantees that the file has not been fabricate...

Page 32: ...al certificate registered in the PKI card Select PDF or Compact PDF on the scan fax screen of classic style set PDF Detail Setting Encryption to ON and configure the following setting 1 In Encryption...

Page 33: ...the digital certificate registered in the PKI card Select PDF or Compact PDF on the Scan Fax screen of classic style set PDF Detail Setting Digital Sig nature to ON and select the signature encryption...

Page 34: ...n only be printed when authentication at the MFP using the PKI card is successful therefore you can ensure the confidentiality of documents 1 Insert the PKI card into the authentication unit attached...

Page 35: ...indows Server 2012 R2 Datacenter Windows Server 2012 R2 Standard Windows 10 Home Windows 10 Pro Windows 10 Enterprise Windows 10 Education Windows Server 2016 Standard Windows Server 2016 Datacenter A...

Page 36: ...r details on how to uninstall the printer driver refer to the User s Guide Print supplied with the MFP 3 7 3 Specifying the Print Data Deletion Time The data encrypted with the PKI card is deleted fro...

Page 37: ...data Printer driver setting This section describes the printer driver setting to encrypt print data using the PKI card and send it to the MFP 1 Click Print in the menu of the application software 2 Se...

Page 38: ...tion number of Active Directory When per forming authentication using Active Direction registered in No 2 set the Realm Domain value to 2 PKI Card Print uses authentication information of the PKI card...

Page 39: ...in the PKI Encrypted Document User Box after authentication Using method 1 you can insert the PKI card into the MFP and perform authentication to easily print the relevant user s data Using method 2...

Page 40: ...Access and insert the PKI card Inserting the PKI card displays the PIN code entry page When authentication succeeds after enter ing the PIN code the system prints all the relevant user s data and logs...

Page 41: ...PKI card 2 Enter the PIN code and log in to the MFP 3 Tap User Box on the main menu of classic style 4 Tap User Box System PKI Encrypted Document A login user s print data list is displayed 5 Select t...

Page 42: ...the MFP to perform Active Directory authentication 2 Obtain the user s e mail address 3 Send an e mail to the user s e mail address If necessary encrypt an e mail or add a digital signature using the...

Page 43: ...on how to handle e mail TX using the PKI card and configure the setting refer to Scan to E mail S MIME using PKI card p 3 12 3 8 3 Handling Scan To Me If the setting is correctly configured to use Sca...

Page 44: ...folder 3 Use the Kerberos authentication ticket to log in to the user s computer and save scanned data in the Home folder Tips This function is not available when you log in to the MFP as a public us...

Page 45: ...me If the setting is correctly configured to use Scan To Home Home for sending to the user s Home folder is displayed on the Scan Fax screen of classic style 1 Tap Scan Fax on the main menu of classic...

Page 46: ...4 Added or Changed Setting Information...

Page 47: ...lete Time Setting Allows the user to specify the time required to delete a PKI encrypted document For details refer to Specifying the Print Data Deletion Time p 3 20 Item Description User Authenticati...

Page 48: ...refer to Client Setting p 3 9 Item Description Setting Up LDAP Login Name Password and Select Server Authentication Method are not displayed GSS SPNEGO or anonymous is selectable for General Settings...

Page 49: ...1 4 Security Security Details Job Log Settings Item Description TCP Socket OFF is specified by default Item Description WebDAV Server Settings OFF is specified by default Item Description Prohibited F...

Page 50: ...5 Appendix...

Page 51: ...a mal function 5 3 Troubleshooting If an error occurs during running refer to the following If any of the above errors recur after taking the specified action or if other errors occur contact your ser...

Page 52: ...AA2J 9635 00 2019 6 2015 http konicaminolta com...

Reviews:

No comments