When you select Cleartext authentication, LDAP simplified authentication is
enabled. Simplified authentication can be performed with a user attribute
(such as cn or uid) instead of the DN.
Requirements for
authentication
To use SSL/TLS, the server must support the TLS 1.0/1.1/1.2 or SSL
3.0 encryption method.
TLS 1.0/SSL 3.0 is disabled in the factory default setting. To use TLS
1.0/SSL 3.0, specify TLS 1.0/SSL 3.0 to Enable on Web Image
Monitor.
To use Kerberos authentication, register the realm to distinguish the
network area.
Registering the Realm
Data transmission between the machine and the KDC (Key
Distribution Center) server must be encrypted if Kerberos
authentication is enabled.
Encrypting Network Communication
When you use LDAP, only version 3.0 can use Digest authentication.
Notes when the LDAP server is configured using Active
Directory
When Kerberos authentication is enabled together with SSL/TLS, the e-mail address
cannot be obtained.
Anonymous authentication might be available. To improve security, set anonymous
authentication to Disable.
Even if you edit an authenticated user's information, such as an e-mail address, in the machine's
Address Book, it may be overwritten by the information from the server when authentication is
performed.
Under LDAP authentication, you cannot specify access limits for groups registered in the server.
Do not use double-byte Japanese, Traditional Chinese, Simplified Chinese, or Hangul characters
when entering the login user name or password. If you use double-byte characters, you cannot
authenticate using Web Image Monitor.
When using the machine for the first time, the user can use Available Functions specified in [User
Authentication Management].
To specify Available Functions for each user, register the user together with Available Functions in
the Address Book, or specify Available Functions in the user registered automatically in the
address book.