8.2 Setup for user authentication linking with the directory server (Windows only)

User authentication through linking with a directory server has two methods. One is to use a DS user and the other is to use a linkage user. Use a DS user for the case where JP1 authentication information (JP1 user authentication information and JP1 operating permission) is managed by a directory server. Use a linkage user for the case where only JP1 user authentication information is managed by a directory server.

If user authentication is performed by linking with the directory server, both the JP1 administrator and directory server administrator need to perform setup tasks.

The following table shows the required setup tasks for the cases using a DS user or a linkage user respectively.

Table 8‒4: Setup tasks for JP1 administrator and directory server administrator

JP1 user type	Setup tasks for JP1 administrator	Setup tasks for directory server administrator
Linkage user	Settings for directory server linkage on the authentication server Designation of a directory server Setting of a JP1 user (linkage user)	Registration of a JP1 user (linkage user) to the directory server
DS user	Settings for directory server linkage on the authentication server Designation of a directory server Setting of operating permissions (when setting in JP1/Base)	In-advance setting of the Active Directory Extension of the schema to set operating permission Creation and settings of a group Setting of operating permissions (when setting in Active Directory)

The following figure shows the setup procedure required on each host and the corresponding subsections in this manual when performing user authentication by linking with the directory server.

Figure 8‒10: User management setup procedure (operation to use a linkage user)

Figure 8‒11: User management setup procedure (operation to use a DS user)

In the subsequent subsections, explanations will be given for settings required only for the cases performing user authentication through linking with a directory server. For details on other settings, see the location in this manual indicated in Figure 8-10 or Figure 8-11. The settings are the same as the settings when using the authentication server only.

Notes when linking with the directory server

• A standard user can log into the authentication server even if directory server linkage is enabled.

• When SSL is used, check the following:

  Directory server

  • Whether the certification service has been installed

  Authentication server

  • Whether the certification exported from the directory server has been installed

• jp1hosts information or jp1hosts2 information cannot be used to resolve the name of the linked directory server to an IP address. Therefore, specify settings so that, for example, the OS hosts file can resolve the name.

Organization of this section

• 8.2.1 Settings for the operation to use a linkage user

• 8.2.2 Settings for the operation to use a DS user

To Page Top