AU-201H User Guide
Page 6
...] included with account track settings, set "Synchronize User Authentication & Account Track" to "Synchronize". Under "IC Card Type", select the type of IC card to "ON (MFP)", and then touch [OK]. If "Do Not Synchronize" is not supported. When combined with the multifunctional product.
...] included with account track settings, set "Synchronize User Authentication & Account Track" to "Synchronize". Under "IC Card Type", select the type of IC card to "ON (MFP)", and then touch [OK]. If "Do Not Synchronize" is not supported. When combined with the multifunctional product.
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 2
... 1 1 Introduction 3 1.1 Safety Information 4 2 Getting Started 7 2.1 Product Overview 7 2.2 Part names and their functions 8 2.3 Pre-Setting 9 2.3.1 Configuring Network Settings 9 2.3.2 Registering Active Directory for Authentication 11 2.3.3 Correcting the MFP Time 12 2.3.4 Registering the DNS Server Associated with Active Directory ........ 13 2.3.5 Specifying the PIV Transitional Mode 14 2.3.6 Configuring Settings for Verifying the Active Directory Certificate...
... 1 1 Introduction 3 1.1 Safety Information 4 2 Getting Started 7 2.1 Product Overview 7 2.2 Part names and their functions 8 2.3 Pre-Setting 9 2.3.1 Configuring Network Settings 9 2.3.2 Registering Active Directory for Authentication 11 2.3.3 Correcting the MFP Time 12 2.3.4 Registering the DNS Server Associated with Active Directory ........ 13 2.3.5 Specifying the PIV Transitional Mode 14 2.3.6 Configuring Settings for Verifying the Active Directory Certificate...
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 8
...a PKI card authentication unit that uses the PKI card authentication unit on the MFP. Use conditions The following conditions are required to use this system. - - 2 PKI card authentication unit (This unit) MFP compatible with this system. 2 Reminder Do not disconnect the USB cable while using...system PKI card available for PIV and CAC User management using Active Directory (Kerberos authentication + PKINIT) Connectable to the MFP via the USB port. (The MFP contains the optional local connection kit.) Note This system can also implement the unique functions using this system to carry...
...a PKI card authentication unit that uses the PKI card authentication unit on the MFP. Use conditions The following conditions are required to use this system. - - 2 PKI card authentication unit (This unit) MFP compatible with this system. 2 Reminder Do not disconnect the USB cable while using...system PKI card available for PIV and CAC User management using Active Directory (Kerberos authentication + PKINIT) Connectable to the MFP via the USB port. (The MFP contains the optional local connection kit.) Note This system can also implement the unique functions using this system to carry...
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 10
Getting Started 2 2.3 Pre-Setting To use the MFP in a network environment. TCP/IP Settings On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [Network Settings] - [TCP/IP Settings]. When automatically retrieving the ... settings (page 9) - Description Select whether to use this system, pre-configure the following settings on the MFP. - Correcting the MFP time (page 12) - When directly specifying the IP address, enter the IP address of the MFP. Specifying the PIV transitional mode (page 14) - Configuring settings for authentication (page 11) -
Getting Started 2 2.3 Pre-Setting To use the MFP in a network environment. TCP/IP Settings On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [Network Settings] - [TCP/IP Settings]. When automatically retrieving the ... settings (page 9) - Description Select whether to use this system, pre-configure the following settings on the MFP. - Correcting the MFP time (page 12) - When directly specifying the IP address, enter the IP address of the MFP. Specifying the PIV transitional mode (page 14) - Configuring settings for authentication (page 11) -
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 11
... retrieving the IPv6 address using DHCP. Item DNS Host Name Dynamic DNS Settings DNS Domain Description Specify the host name of the MFP (up to automatically retrieve the domain name. Specify the IPv6 global address when not automatically retrieving the IPv6 address. Specify the IPv6... Auto IPv6 Settings DHCPv6 Setting Global Address Prefix Length Gateway Address Link-Local Address DNS Host Description Select [ON] when using the MFP in an IPv6 environment. Getting Started 2 Item Subnet Mask Default Gateway Description When directly entering the IP address, specify the subnet ...
... retrieving the IPv6 address using DHCP. Item DNS Host Name Dynamic DNS Settings DNS Domain Description Specify the host name of the MFP (up to automatically retrieve the domain name. Specify the IPv6 global address when not automatically retrieving the IPv6 address. Specify the IPv6... Auto IPv6 Settings DHCPv6 Setting Global Address Prefix Length Gateway Address Link-Local Address DNS Host Description Select [ON] when using the MFP in an IPv6 environment. Getting Started 2 Item Subnet Mask Default Gateway Description When directly entering the IP address, specify the subnet ...
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 12
..., and specify its default domain name (up to 255 bytes with the host name). Specify the domain name that the MFP is available when using DHCPv6. External Server Settings On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [User Authentication/Account Track] - [External Server Settings] - [New]. Select... Type Description Specify the name of the external server (up to 253 bytes). 2.3.2 Registering Active Directory for Authentication Register Active Directory for authentication in the MFP.
..., and specify its default domain name (up to 255 bytes with the host name). Specify the domain name that the MFP is available when using DHCPv6. External Server Settings On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [User Authentication/Account Track] - [External Server Settings] - [New]. Select... Type Description Specify the name of the external server (up to 253 bytes). 2.3.2 Registering Active Directory for Authentication Register Active Directory for authentication in the MFP.
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 13
Specify the host address of the NTP server, select [ON]. Specify the port number. Time Adjustment Setting On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [Network Settings] - [Forward] - [Detail Settings] [Time Adjustment Setting]. To ... Select [ON]. AU-211P 12 When [ON] is enabled. Description When an automatic time correction is extremely different between the MFP and Active Directory. Correct the MFP time so it matches the Active Directory time with Active Directory. Getting Started 2 2.3.3 Correcting the...
Specify the host address of the NTP server, select [ON]. Specify the port number. Time Adjustment Setting On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [Network Settings] - [Forward] - [Detail Settings] [Time Adjustment Setting]. To ... Select [ON]. AU-211P 12 When [ON] is enabled. Description When an automatic time correction is extremely different between the MFP and Active Directory. Correct the MFP time so it matches the Active Directory time with Active Directory. Getting Started 2 2.3.3 Correcting the...
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 14
Secondary DNS Server 1 Specify the IPv4 address of the priority DNS server associated with Active Directory. DNS Server Settings (IPv6) On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [Network Settings] - [TCP/IP Settings] - [DNS ...Server Settings (IPv6)]. 2 Note These settings are required when using DHCP. DNS Server Settings (IPv4) On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [Network Settings] - [TCP/IP Settings] - [DNS Server Settings (IPv4)]. Priority...
Secondary DNS Server 1 Specify the IPv4 address of the priority DNS server associated with Active Directory. DNS Server Settings (IPv6) On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [Network Settings] - [TCP/IP Settings] - [DNS ...Server Settings (IPv6)]. 2 Note These settings are required when using DHCP. DNS Server Settings (IPv4) On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [Network Settings] - [TCP/IP Settings] - [DNS Server Settings (IPv4)]. Priority...
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 15
... when using DHCPv6. Priority DNS Server Specify the IPv6 address of the secondary DNS server and 2 associated with Active Directory. Authentication Device Settings On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [User Authentication/Account Track] [Authentication Device Settings] - [General Settings] - [PKI Card Authentication]. Item PIV...
... when using DHCPv6. Priority DNS Server Specify the IPv6 address of the secondary DNS server and 2 associated with Active Directory. Authentication Device Settings On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [User Authentication/Account Track] [Authentication Device Settings] - [General Settings] - [PKI Card Authentication]. Item PIV...
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 16
Certificate Verification Setting On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [User Authentication/Account Track] - [Certificate Verification Setting]. Item Verify Validity... to verify the Active Directory certificate when communicating with Active Directory. Select whether to "External Certificate Setting" (page 18). For details on the MFP. Getting Started 2 2.3.6 Configuring Settings for Verifying the Active Directory Certificate Configure the certificate verification settings to check the root signature. For details on...
Certificate Verification Setting On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [User Authentication/Account Track] - [Certificate Verification Setting]. Item Verify Validity... to verify the Active Directory certificate when communicating with Active Directory. Select whether to "External Certificate Setting" (page 18). For details on the MFP. Getting Started 2 2.3.6 Configuring Settings for Verifying the Active Directory Certificate Configure the certificate verification settings to check the root signature. For details on...
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 17
... expiration date. If this check box to 511 characters). If the DNS server is set to the User's Guide [Network Administrator] supplied together with the MFP. If [IPv6] is specified, you can enter the host name instead. Getting Started 2 Certificate Verification Settings In the PageScope Web Connection administrator mode, select [Security...
... expiration date. If this check box to 511 characters). If the DNS server is set to the User's Guide [Network Administrator] supplied together with the MFP. If [IPv6] is specified, you can enter the host name instead. Getting Started 2 Certificate Verification Settings In the PageScope Web Connection administrator mode, select [Security...
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 19
... deletion confirmation dialog box. Displays the validity period of external certificates. If necessary, you want to the User's Guide [Network Administrator] supplied together with the MFP. Item Certificate type [New Registration] Issuer Subject Validity Period Detail Delete AU-211P Description Select the type of the external certificate. Detail • To check...
... deletion confirmation dialog box. Displays the validity period of external certificates. If necessary, you want to the User's Guide [Network Administrator] supplied together with the MFP. Item Certificate type [New Registration] Issuer Subject Validity Period Detail Delete AU-211P Description Select the type of the external certificate. Detail • To check...
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 21
..., SNMP v1/v2c write setting, and SNMP v3 in the disable state. ! Disabling the OpenAPI function To associate the MFP with the MFP. However, the initial setting results in the initial setting of PageScope Authentication Manager, and disable the OpenAPI function of security.... AU-211P 20 To ensure security, change the MFP administrator password, press the [Utility/Counter] key, and then [Administrator Settings] - [Security Settings] [Administrator Password] on the network. ...
..., SNMP v1/v2c write setting, and SNMP v3 in the disable state. ! Disabling the OpenAPI function To associate the MFP with the MFP. However, the initial setting results in the initial setting of PageScope Authentication Manager, and disable the OpenAPI function of security.... AU-211P 20 To ensure security, change the MFP administrator password, press the [Utility/Counter] key, and then [Administrator Settings] - [Security Settings] [Administrator Password] on the network. ...
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 22
...log in and log out using this unit and also describes the functions for authentication, click [Server Name] to insert a PKI card into the MFP as a public user if Public User Access is also available in the normal display mode. You can log in as an administrator or User Box...mode, refer to the User's Guide [Enlarge Display Operations] supplied together with this unit and log into the MFP. 1 Insert a PKI card in the unit. - To change the server for use with the MFP. 3.1 Login and Logout 3.1.1 Login Use the following explains the procedures applicable in the Enlarge Display mode. ...
...log in and log out using this unit and also describes the functions for authentication, click [Server Name] to insert a PKI card into the MFP as a public user if Public User Access is also available in the normal display mode. You can log in as an administrator or User Box...mode, refer to the User's Guide [Enlarge Display Operations] supplied together with this unit and log into the MFP. 1 Insert a PKI card in the unit. - To change the server for use with the MFP. 3.1 Login and Logout 3.1.1 Login Use the following explains the procedures applicable in the Enlarge Display mode. ...
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 23
... pressing the [ID] key on the control panel is displayed. • If you log into the MFP as an administrator, you can check or delete the desired job. • If you log into the MFP. You can view the contents of all the created User Boxes regardless of PKI card authentication failures.... of authentication failures reaches an upper limit, the PKI card will be locked to Use the Authentication Unit 3 ! This starts authentication and logs into the MFP as a User Box administrator, you will be logged out as a PIN code. ! For details on the screen.
... pressing the [ID] key on the control panel is displayed. • If you log into the MFP as an administrator, you can check or delete the desired job. • If you log into the MFP. You can view the contents of all the created User Boxes regardless of PKI card authentication failures.... of authentication failures reaches an upper limit, the PKI card will be locked to Use the Authentication Unit 3 ! This starts authentication and logs into the MFP as a User Box administrator, you will be logged out as a PIN code. ! For details on the screen.
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 24
... the system auto reset function is specified, the function will activate and you cannot log out by pressing the [ID] key on the MFP that supports this system, user authentication is not operated for the specified time. How to perform user authentication before account authentication. When Account ...Track is enabled on the control panel. • If the MFP sub power is enabled, use the PKI card to Use the Authentication Unit 3 ! AU-211P 23 Detail When Account Track is turned off...
... the system auto reset function is specified, the function will activate and you cannot log out by pressing the [ID] key on the MFP that supports this system, user authentication is not operated for the specified time. How to perform user authentication before account authentication. When Account ...Track is enabled on the control panel. • If the MFP sub power is enabled, use the PKI card to Use the Authentication Unit 3 ! AU-211P 23 Detail When Account Track is turned off...
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 25
...data to the Home folder of the user's Home folder from the printer driver and can only be printed when authentication at the MFP with the PKI card when searching for the destination via SMB. The user can ensure the confidentiality of an e-mail. Once the... same user performs authentication at the MFP using the PKI card authentication system. p. 50 Sends scanned data to Use the Authentication Unit 3 3.2 Functions Using the PKI Card Authentication ...
...data to the Home folder of the user's Home folder from the printer driver and can only be printed when authentication at the MFP with the PKI card when searching for the destination via SMB. The user can ensure the confidentiality of an e-mail. Once the... same user performs authentication at the MFP using the PKI card authentication system. p. 50 Sends scanned data to Use the Authentication Unit 3 3.2 Functions Using the PKI Card Authentication ...
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 26
... obtain access privileges, and configure the single sign-on the network. Active Directory PKI Card (1) (2) LDAP Server (3) Address Search (1) Insert the PKI card into the MFP to perform Active Directory authentication. (2) Obtain the Kerberos authentication ticket. (3) Use the Kerberos authentication ticket to log in to the LDAP server and search for... public on environment to be convenient. How to Use the Authentication Unit 3 3.3 Address Search (LDAP) Using PKI Card 3.3.1 Overview This function logs in to the MFP as a public user or User Box administrator.
... obtain access privileges, and configure the single sign-on the network. Active Directory PKI Card (1) (2) LDAP Server (3) Address Search (1) Insert the PKI card into the MFP to perform Active Directory authentication. (2) Obtain the Kerberos authentication ticket. (3) Use the Kerberos authentication ticket to log in to the LDAP server and search for... public on environment to be convenient. How to Use the Authentication Unit 3 3.3 Address Search (LDAP) Using PKI Card 3.3.1 Overview This function logs in to the MFP as a public user or User Box administrator.
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 27
...Setting Up LDAP Register the desired LDAP server to use the LDAP server. Enabling LDAP Configure settings to search for the destination. On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [Network Settings] - [LDAP Settings] - [Enabling LDAP... 3.3.2 Related Settings This section explains how to configure the address search (LDAP) settings on the MFP that supports this system. Item Enabling LDAP Description Select [ON]. AU-211P 26 On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [Network Settings]...
...Setting Up LDAP Register the desired LDAP server to use the LDAP server. Enabling LDAP Configure settings to search for the destination. On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [Network Settings] - [LDAP Settings] - [Enabling LDAP... 3.3.2 Related Settings This section explains how to configure the address search (LDAP) settings on the MFP that supports this system. Item Enabling LDAP Description Select [ON]. AU-211P 26 On the MFP control panel, press the [Utility/Counter] key, and then [Administrator Settings] - [Network Settings]...
AU-211P Authentication Unit User Guide for bizhub 223/283/363/423
Page 28
...]: Select whether to check that the server certificate is within the validity period. Search Base Specify the search starting point in this attribute between the MFP and LDAP server with SSL. The chain is validated by the issuer. [Chain]: Select whether to check that the server certificate chain (certification path) is...
...]: Select whether to check that the server certificate is within the validity period. Search Base Specify the search starting point in this attribute between the MFP and LDAP server with SSL. The chain is validated by the issuer. [Chain]: Select whether to check that the server certificate chain (certification path) is...