Kerberos authentication tasks, Initializing kerberos authentication – HP Color LaserJet CM3530 Multifunction Printer series User Manual
Page 61
Callout
Area on the screen
Information or capability that the area provides
11
Port
The Port is the IP port used by the LDAP protocol to
communicate with the LDAP server. This is typically port
389 or port 3268.
12
Search Root
The Search Root is the Distinguished Name (DN) of the
entry in the LDAP directory structure where address
searching is to begin. A DN is made up of ' attribute=value
' pairs, separated by commas.
NOTE:
On some LDAP Servers, the Search Root can
be left blank (in which case its root node will be assumed).
The search root is not case sensitive.
13
Retrieve the device user's email address
using attribute of
After the device user has been located in the LDAP
database, the user's e-mail address is retrieved from the
database by using the LDAP attribute specified in the
Retrieve the device user's e-mail address using attribute
of field. In the Windows Active Directory environment, this
attribute is typically mail.
14
and name using the attribute of
The user's display name is obtained from the LDAP
attribute that is specified in the and name using the
attribute of field. In the Windows Active Directory
environment, this attribute is typically displayName.
Kerberos Authentication Tasks
Kerberos is a network authentication protocol. It is designed to provide secure authentication for client/
server applications by using secret keys delivered with session tickets.
Before following the initializing and configuring steps, complete the following:
1.
Install the Microsoft LDP tool.
2.
Discover the LDAP server.
3.
Set up LDP.
After you have performed these steps, perform the steps in the following section,
Initializing Kerberos authentication
Follow these steps to initialize Kerberos Authentication for your product.
NOTE:
Embedded Kerberos Authentication uses session tickets in the authentication process. The
session tickets are time stamped by both the Key Distribution Center (KDC) and the product. It is
essential that the stamped times are within five minutes of each other. This can be accomplished by
setting identical time on both the KDC and product.
1.
Open the HP EWS in a web browser.
2.
Select the Settings tab, and then Kerberos Authentication.
Table 3-10
Kerberos Authentication (continued)
ENWW
Kerberos Authentication
49