Job Management Partner 1/Remote Control Description and Operator's Guide

[Contents][Glossary][Index][Back][Next]

3.4.4 Authentication settings

You can define authentication information for restricting users making controller connections. Specify authentication information when you want to permit remote control for specified users. If you do not specify anything, the system accepts connections from all users.

You can also define authentication information that remains in effect only for a predefined period of time. By registering this authentication information together with other authentication information, you can usually permit connection only for registered users while also temporarily permitting connection for the help desk in the case of a machine failure.

You can register multiple users in the authentication information, and manage them with passwords. For each user registered, you can specify whether or not to permit remote control operations such as setting shared mode or exclusive mode and shutting down the agent. You can also use user authentication linked with the Windows Authentication feature to enhance security for remote control.

You can use the following three types of user authentication for setting authentication information:

If user information has been specified in an agent 07-00 or earlier, the User Authentication dialog box appears before you specify authentication information. In this case, specify the user ID and password specified in 07-00 or earlier.

The dialog box for setting up authentication information is shown below. In the Remote Control Agent - Properties dialog box, the Authentication Settings page corresponds to this dialog box.

Figure 3-28 Remote Control Agent Setup dialog box (setting authentication information)

[Figure]

Permitted user list
Displays a list of users for which remote control is permitted.
Name
Displays the user names for which remote control is permitted. If you specify Group for the user type for Windows authentication, the group names are displayed. For temporary authentication, Temporary user appears. For details on specifying Windows authentication, see (1) Adding authentication information.
Type
Displays the types of users listed in the table below.

Table 3-8 User types

User type Description
Standard User for which connection is permitted in standard authentication
Windows User User for which connection is permitted in Windows authentication
Windows Group Group for which connection is permitted in Windows authentication
Temporary User for which connection is permitted in temporary authentication
Domain
Displays the domain name for Windows authentication. For a Windows user or group on the local computer, the local computer name is displayed.
A domain name is not displayed for standard authentication and temporary authentication. This item is not displayed in Windows Me and Windows 98.
Description
Displays a description of the user.

The following describes how to add, delete, and edit authentication information.

Organization of this subsection
(1) Adding authentication information
(2) Setting temporary user authentication information
(3) Deleting authentication information
(4) Editing authentication information
(5) Notes on setting authentication information

(1) Adding authentication information

To add authentication information, use the Add User dialog box that appears when you click the Add button.

In the pages of this dialog box, specify information such as the user name and password, and the functions of permitted remote control operations.

When you finish the specification on the pages, click the OK button to close the dialog box. Click the Cancel button to cancel the specified authentication information. If you want to continue the specification of authentication information without closing the dialog box, click the Apply button.

The following describes how to specify user information, including user name and password, and permitted remote control operations.

(a) Specifying user information

In the General page, specify user information such as the user name and password. The following shows the General page.

Figure 3-29 General page

[Figure]

The following describes how to specify user information for each authentication method.

Using standard authentication
To use standard user authentication provided by JP1/Remote Control, select Standard for Type.
Name
Specify the user name, using no more than 20 characters. This item must be specified. The specified user name is case sensitive.
You cannot use the following names:
  • Already registered name
  • A name containing any of the following symbols or space:
    \, /, *, ", :, ', !, |, ., <, >, ?, %, ,
When you use standard authentication function, the List button is disabled.
Description
Specify the description of the user, using no more than 260 characters. This item is optional. This item is optional.
Password
Specify the password, using no more than 14 characters. This item is optional.
Re-enter the password
When you enter the password, re-enter it for confirmation.
Change the user name and password when a connection is established
Select this check box if you want the Change User Name and Password dialog box to be displayed when an attempt is made to connect from Remote Control Manager. By default, this check box is cleared.
Once the user name and password have been changed, this check box is automatically cleared. Note that the check box is also cleared when the old user name and password and the new user name and password are the same.

Using Windows authentication
To use user authentication linked with the Windows Authentication feature, select Windows for Type.
Note that you cannot use Windows authentication when:
  • Connection is made from a controller 07-00 or earlier.
  • The operating system is Windows Me or Windows 98.
For the user or group that uses Windows authentication, you must specify Access this computer from the network for the Windows user rights. For details on how to set the user rights, see J. Setting Permissions for Access via the Network.
When using the Windows Authentication feature, note that a user name containing an at mark (@) prevents authentication from being performed correctly.
Name
In the dialog box that appears when you click the List button, select the user or group. If you selected User for Type, the User List dialog box appears. If you selected Group for Type, the Group List dialog box appears.
When you select the Do not check the existence of Windows user check box to directly enter the name, use no more than 260 characters. The specified name is case insensitive. Note that you cannot specify a name that is already registered.
Description
Specify the description of the user, using no more than 260 characters. This item is optional. If you do not specify anything, the specification of Description in the User List or Group List dialog box for the user name or group name specified for Name is set.
Domain
When you select the Windows user or group, select a domain from the pull-down list. If you do not specify anything, the Windows user or group on the local computer is set.
You cannot specify this item unless the computer has joined the domain.
Type
Select either of the following items:
  • User
    Select this to specify a Windows user.
  • Group
    Select this to specify a Windows group.
Do not check the existence of a Windows user
With this check box selected, you can directly enter a value for Name, Description, and Domain. To permit remote control for a Windows user or a user to be registered in the group, select this check box and enter the value for each item. When you directly enter a value for Domain, use the NetBIOS domain name. This check box is cleared by default.

Using temporary authentication
To use temporary user authentication, select Temporary for Type. The Temporary option is inactive if the temporary user has already been set.
Since the Temporary User Registration Wizard is used to set the authentication for the temporary user, do not set the user name or password in the Add User dialog box.
To display the Temporary User Registration Wizard after you add a temporary user in the Add User dialog box, from the Start menu, choose Programs, JP1_Remote Control Agent, and then Temporary User Registration Wizard. To display this wizard for JP1/Software Distribution Remote Control Agent, from each JP1/Software Distribution program folder, choose Remote Control Agent, and then double-click the Temporary User Registration Wizard icon.
For details on how to use the Temporary User Registration Wizard to set authentication information, see (2) Setting temporary user authentication information.
Description
Specify a description of the user, using no more than 260 characters. This item is optional.
Create a shortcut on the desktop.
Select this check box if you want the Remote Control - Temporary User Registration icon to be created on the desktop after a temporary user is added. Clicking this icon displays the Temporary User Registration Wizard. By default, this check box is not selected.
(b) Setting permitted remote control operations

In the Permit Operation page, specify the remote control operations you want to permit, such as shutting down an agent and transferring clipboard data. The following shows the Permit Operation page.

Figure 3-30 Permit Operation page

[Figure]

The following describes the items you can specify in the Permit Operation page. By default, all the check boxes are selected.

Permit shared mode settings
Enables the setting of shared mode.
When you want to permit the controller to only view the agent's screen, clear this check box and the Permit exclusive mode settings check box.

Permit exclusive mode settings
Enables the setting of control mode.

Permit the execution of shutdown
Permits a shutdown to be performed by choosing Tools and then Shutdown in the controller. You cannot restrict any other shutdown operation performed, for example, by choosing Shutdown from the Start menu.

Permit the execution of rebooting
Permits rebooting to be performed by choosing Tools and then Reboot in the controller. You cannot restrict any other reboot operation that is performed, for example, by choosing Reboot from the Start menu.

Permit the input of Ctrl + Alt + Del key
Permits the same operation as pressing the Ctrl + Alt + Del keys to be performed by choosing Tools and then Send Ctrl+Alt+Del in the controller.

Permit transfer to clipboard
Permits transfer of clipboard data. For an overview of clipboard data transfer and the method of operation, see 4.2.3 Transferring clipboard data.

Permit file reading during file transfer#
Permits the reading of files during file transfer. For an overview of file transfer and the method of operation, see 4.3 Transferring files.

Permit file writing during file transfer#
Permits the writing of files during file transfer. For an overview of file transfer and the method of operation, see 4.3 Transferring files.

#
Specifies whether or not to permit file transfer for each user. For details on how to permit file transfer for the entire agent, see 3.4.6 File transmission settings.

The table below lists the file operations that the controller performs for the agent according to the possible combinations of Permit file reading during file transfer and Permit file writing during file transfer.

Table 3-9 File operations permitted for the agent

File operation Check boxes
Read#1 and write#2 Only Read#1 is selected Only Write#2 is selected
Both selected Both cleared
File reception from the agent Y N Y N
File transmission to the agent Y N N Y
Folder creation Y N N Y
File deletion Y N N Y
File renaming Y N N Y
File attribute change Y N N Y
File opening Y N Y N
Viewing of files Y N Y Y

Legend:
Y: Permitted
N: Not permitted

#1
Indicates Enable file read during file transfer.

#2
Indicates Enable file write during file transfer.

(c) Setting how to display a dialog box for confirming a connection request

In the Connection Confirmation page, specify whether to display the Confirm Connection Request dialog box used for permitting or rejecting connection when a connection request from a user is accepted. The following shows the Connection Confirmation page.

Figure 3-31 Connection Confirmation page

[Figure]

The following describes the items you can specify in the Connection Confirmation page. By default, the dialog box is not displayed.

Display the Connection Confirmation dialog box.
Specify whether to display the Confirm Connection Request dialog box. By default, this check box is not selected.
Select this check box to display the Confirm Connection Request dialog box.

Dialog box display position
Set where the Confirm Connection Request dialog box will be displayed on the Windows desktop. You can select from Center, Top left, Top right, Bottom left, and Bottom right. The default is Bottom right.

Dialog box display time
Specify a value from 0 to 180 seconds as the length of time that the Confirm Connection Request dialog box is displayed while waiting for the connection to be permitted or rejected. The default is 10. If you specify 0, the dialog box is displayed until connection is permitted or rejected.

After display time has elapsed
Specify whether to automatically permit or reject connection when the period of time specified in Dialog box display time has elapsed. The default is Permit. Select Reject to automatically reject connection.

Logoff status
Specify whether to automatically permit or reject the connection when the agent is in the logoff status. The default is Reject.
When the agent is in the logoff status, the Confirm Connection Request dialog box does not appear regardless of whether or not the connection is permitted.

The following shows the Confirm Connection Request dialog box.

Figure 3-32 Confirm Connection Request dialog box

[Figure]

The Confirm Connection Request dialog box shows the IP address and host name of the controller that requested connection, and the user name registered in the authentication information.

Click the Yes button to permit connection. Click the No button to reject connection. If you do not perform any operation before the waiting time has elapsed, the system performs the processing indicated in the settings in the Connection Confirmation page.

If the computer is locked, the Confirm Connection Request dialog box is not displayed. However, connection is permitted or rejected according to the settings in Dialog box display time and After display time has elapsed.

(2) Setting temporary user authentication information

To use temporary authentication, use the Temporary User Registration Wizard to set temporary user authentication information and the connection waiting time. Display the Temporary User Registration Wizard using either of the following methods:

The following explains how to set information when the Temporary User Registration Wizard is displayed.

(a) Setting authentication information

Set authentication information for the temporary user.

Figure 3-33 Temporary User Registration wizard (setting authentication information)

[Figure]

User name
Specify the temporary user name, using no more than 20 characters. This item must be specified. The specified user name is case sensitive.
You cannot use a name containing any of the following symbols or space:
\, /, *, ", :, ', !, |, ., <, >, ?, %, ,
If the temporary user has already been registered, the user name specified previously is displayed.

Password
Specify the password, using no more than 14 characters. This item is optional.

Re-enter the password
When you enter the password, re-enter it for confirmation.

When you finish setting the information, click the Next button. Click the Cancel button to exit the wizard without saving the authentication information settings.

(b) Setting the waiting time for connection

Specify the time that can elapse from registration of the temporary user authentication information until a connection request from the temporary user is accepted.

If the time you specify here has elapsed since you completed setup with the Temporary User Registration Wizard, the temporary user authentication information will no longer be valid. If you want to re-permit connection from the temporary user, you will need to use the Temporary User Registration Wizard to set the information again.

Figure 3-34 Temporary User Registration wizard (setting the waiting time for connection)

[Figure]

Waiting time
Specify the waiting time during which a connection request from the temporary user will be accepted. Enter a value from 0 minutes to 99 hours.
Note, however, that if you specify 0 minutes or 0 hours, the temporary user is not registered. If a temporary user has already been registered, the temporary user is deleted.

By setting authentication information and specifying 0 as the waiting time, you can forcibly disconnect the connected temporary user.

When you finish setting the waiting time, click the Next button.

(c) Checking the settings

Check the specified temporary user authentication information and the waiting time for a connection request.

Once you have registered the temporary user authentication information in the Temporary User Registration Wizard, you will not be able to check this information. If you have forgotten the user name or password, you must use the Temporary User Registration Wizard to register the temporary user authentication information again.

To permit connection for a temporary user, report the information and password displayed here to the controller user.

Figure 3-35 Temporary User Registration wizard (checking the settings information)

[Figure]

Temporary user information
Indicates the name of the temporary user and the connection waiting time.

Computer information
Indicates the computer name of the agent and the IP address for local area connection. If more than one NIC is installed, the IP address that was first bound is displayed.

If the settings are correct, click the Finish button.

The setup of the temporary user authentication information is complete and the system waits for a connection request from the temporary user according to the settings.

(d) Notes on setting a temporary user

The following are notes on setting a temporary user.

(3) Deleting authentication information

In the Permitted user list field, select the user information to be deleted, and then click the Delete button. A dialog box appears asking you whether you want to delete the selected user information. Click the Yes button to delete the user information. You cannot delete more than one item of user information at a time.

When you delete the temporary user, the Remote Control - Temporary User Registration icon is also deleted from the desktop.

(4) Editing authentication information

In the Permitted user list field, select the user information for which you want to edit the user name or password, and then click the Edit button. The Edit User dialog box, in which you edit the user information, appears. You cannot edit more than one item of user information at a time.

To edit temporary user authentication information, set it again from the Temporary User Registration Wizard. The temporary user authentication information will be updated with the new settings.

In the Edit User dialog box, a user whose type is Temporary cannot be changed to any other type. Similarly, the user type cannot be changed to Temporary from any other type. If you want to change the user type, delete the user information and then add it again.

The method of using the Edit User dialog box is the same as that of using the Add User dialog box. For details, see (1) Adding authentication information. Note, however, that the Edit User dialog box does not contain an Apply button.

(5) Notes on setting authentication information

The authentication function might not operate depending on the connected product or its version, causing remote control requests from all users to be rejected.

If the specified settings will cause remote control requests from all users to be rejected, a warning message appears before the settings take effect. If this message appears, check the settings.

The table below shows when the authentication function is valid and when it is invalid.

Table 3-10 Status of the authentication function according to the combinations of version, applicable OS, and user type

Controller Version Agent
Standard#1 Windows#1 Temporary#1
All#2 Windows Me
Windows 98#2
Windows NT 4.0 or later#2 All#2
Usual version 03-00 - 07-10 Y N#3 N Y
07-11 or later Y N#3 Y Y
Security PC 07-11 - 08-00 Y N#3 Y Y
08-01 or later Y N#3 Y Y

Legend:
Y: The authentication function is valid.
N: The authentication function is invalid.

#1
Type of user for which remote control is permitted.

#2
OSs applicable to the agent.
All
All OSs applicable to the product.
Windows NT 4.0 or later
Windows 8, Windows Server 2012, Windows Server 2008, Windows Server 2003 (excluding Windows Server 2003 (IPF) and Windows Server 2003 (x64)), Windows XP, Windows 2000, and Windows NT 4.0

#3
The authentication setting itself is impossible.