beautypg.com

Table 3-8 ldap authentication, Settings – HP 9250c Digital-Sender User Manual

Page 44

background image

Table 3-8

LDAP Authentication

Callout

Area on the screen

Information or capability that the area provides

1

HP EWS tabs and
menus

For more information, see

Navigating through the HP Embedded Web Server

.

2

LDAP Server Bind
Method

The LDAP Server Bind Method setting determines how the device will access the
LDAP server. Contact your LDAP server administrator to determine which method
will work best for you.

Simple - The selected LDAP server does not support encryption. Note that the
password, if any, will be sent unencrypted across the network.

Simple over SSL - The selected LDAP server supports encryption using the
Secure Sockets Layer (SSL) protocol. All data, including the username and
password, will be encrypted. The LDAP server must be set up to support SSL,
including configuring a certificate that establishes its identity.

Also, the device network interface must be configured with a Certificate Authority
(CA) certificate to validate the LDAP server. The CA certificate is configured on
the Networking tab of the Web interface. In some LDAP server configurations,
a client certificate is also required and is configured on the same Networking
tab.

3

LDAP Server

The LDAP Server setting is the host name or IP address of the LDAP server to be
used to authenticate device users. When using SSL, the name or address typed here
must match the name in the certificate that the server sends.

Multiple servers can be included in this field by separating their addresses with a
vertical bar ('|', ASCII 0x7c) character. This feature can be used, for example, to
specify primary and backup servers. The network interface only supports a single
Certificate Authority (CA) certificate, so all the LDAP servers in the list must use the
same CA.

4

Port

The Port setting refers to the TCP/IP port number on which the server is processing
LDAP requests. Typically, this is port 389 for Simple binds or 636 for Simple over SSL
binds.

5

Use Device User's
Credentials

The Use Device User's Credentials method uses the Bind Prefix, the string that the
user enters at the control panel, and the Bind and Search Root to construct the User
DN. The constructed User DN is used to authenticate the user.

The Bind Prefix setting is the LDAP attribute used to construct the user's
Distinguished Name (DN) for authentication. This prefix is combined with the
username typed at the control panel to form the Relative Distinguished Name (RDN).
Commonly used prefixes are "CN" (for common name) or "UID" (for user identity).

6

Use LDAP
Administrator's
Credentials

Use Administrator’s Credentials
attempts to search for the user’s
DN instead of trying to construct
it.

The Administrator DN is the DN
(Distinguished Name) of a user
who has read access to the LDAP
directory. The account entered
here does not have to have
administrative access to the
directory. Read access is
sufficient.

The Administrator Password is
the password of the user whose
user DN was entered in the
Administrator DN field.

34

Chapter 3 Configuring the product from the Settings screens

ENWW

Settings