Connecting your printer to an Active Directory domain
Using Active Directory simplifies network authentication and authorization setup, automatically creating and
configuring LDAP+GSSAPI and Kerberos authentication building blocks.
Notes:
•
This feature is available only in some printer models.
•
Use HTTPS to protect the credentials that are used to join the printer to the domain.
1
From the Embedded Web Server, click
Settings
>
Security
>
Security Setup
>
Active Directory
>
Join an Active
Directory Domain
.
2
Provide the information needed for each account:
•
Realm
—Type the name of the realm that you are using.
•
Domain Controllers
—Type the domain controllers that you are using. Separate each domain controller with a
comma.
•
User ID
—Type the user name of the network administrator or any individual who has rights to add computers
to a network.
•
Password
—Type the password of the network administrator or the individual who has rights to add computers
to a network.
Note:
Passwords are case
‑
sensitive and are not cached by the device.
•
Organizational Unit
—If necessary, type the name of your organizational unit.
3
Click
Submit
.
Note:
If the configuration is unsuccessful, a big red
X
mark appears. A message appears if the configuration is
not successful.
4
Click
Manage Security Templates
to use the Active Directory information to complete your security setup.
If you want to review or make some small modifications to the LDAP+GSSAPI building block, then click
Return to
Security Setup
and do the following:
a
Under Advanced Security Setup, click
Kerberos 5
.
b
Click
View File
to open the Kerberos Config file that was created using the Active Directory setup.
c
Review the file, and then click the back button of the browser.
d
Click
Return to Security Setup
, and then click
LDAP+GSSAPI
.
e
Under LDAP+GSSAPI Setups, click the building block that was created by the Active Directory Setup process.
Note:
By default, the building block name is the realm name, and the server address field is the domain
controller name.
f
If necessary, change some of the building block settings depending on your environment, including the following:
•
Server Port
—The standard port for LDAP is 389. Another common port is 3268, but this port is used only
for Global Catalog servers in Active Directory. If applicable, change the port to 3268 to speed up the querying
process.
•
Search Base
—This setting indicates the location in the directory tree where the device starts searching. At
the most basic we recommend specifying the root of the directory (such as “dc=company,dc=com”).
Managing authentication and authorization methods
14
