This setting enables or disables user authentication and specifies the authentication
method.
When the user authentication is enabled, each user of the machine is registered. When
a user logs in, the separate authentication settings apply to the user. This function
allows greater control of security and cost management than that on previous machines.
Even if user information is not stored on the machine, you can directly enter the
user information stored in an LDAP server to log in the machine if necessary. For
more information see "Users stored as factory default".
User Authentication
When [User Authentication] is enabled, the authentication screen appears before an
operation is carried out in any mode except the job status screen*.
Log in as an already registered user.
After logging in, you can move freely through the modes.
* The login screen appears when a document filing file is used or when a broadcast transmission is reattempted from the job status screen.
Set the location where user authentication is to be enabled.
Login Locally: User authentication is performed on this machine.
LDAP: User authentication by LDAP server.
Active Directory: User authentication by Active Directory.
Sharp OSA: Authenticate the user using the Sharp OSA application.
Use this to set the default network authentication server.
When you log into Setting mode (Web version) or send a print job to the machine using
user information that is not registered in the machine, the authentication server
is not known.
This setting is used to select one of the LDAP servers registered in the machine as
the authentication server.
Register the access control information for page count limits, authorities, and favourite
operations can be registered on an network server in advance. By using this network
server for network authentication, perform the user authentication based on the registered
access control information.
Use this function when user authentication is performed by network authentication
using an LDAP server or a directory service (Active Directory, etc.).
Before using this function, configure settings for authentication by network server,
obtain control numbers for the "Pages Limit Group", "Authority Group", "Favourite
Operation Group", and "My Folder" (including base settings for each group), and associate
these with the control numbers registered in the machine.
To use this function, add the properties associated with "Pages Limit Group", "Authority
Group", "Favourite Operation Group", and "My Folder" to the directory information
of the network server used for user authentication. The property information is indicated
below. Settings previously stored in the machine cannot be changed.
| Property | Name of property in factory default state | Settings |
|---|---|---|
|
Pages Limit Group |
pagelimit |
Registration number of Pages Limit Group registered in the machine, or a group name previously registered in the machine. Unlimited: unlimited |
|
Authority Group |
authority |
Registration number of Authority Group registered in the machine, or a group name previously registered in the machine. Admin: admin User: user Guest: guest |
|
Favourite Operation Group |
favourite |
Registration number of Favourite Operation Group registered in the machine, or a group name previously registered in the machine. Following the System Settings: systemsettings |
|
My Folder |
myfolder |
Folder name of user folder stored in the machine. Do not enter if the default folder is specified. |
Rename the properties that the machine obtains from the LDAP server as follows. In
"Settings", select [Network Settings] → [LDAP Settings]. From the Global Address Book
setting screen that is displayed, select [Linkage with User Control Function] and
then select [Pages Limit Group], [Authority Group], [Favourite Operation Group] and
[My Folder].
The [Pages Limit Group], [Authority Group], and [Favourite Operation Group] information
that is registered in each machine determines the authority and settings that the
user is actually granted. To use this function to ensure that users are granted the
same authority and settings on any machine, register the [Pages Limit Group], [Authority
Group], and [Favourite Operation Group] information with the same authority so that
they will be registered in each machine using the same registration numbers.
For [My Folder], register the folder having the same name in [Custom Folder] in each
machine.
The directory information of the network server that is used cannot be changed from
the machine. Consult the administrator of the network server.
If 1000 users have already been manually registered, login will not be possible. Consult
the administrator of the machine.
Users auto-registered
When you log in by network authentication, your user information is automatically
registered in the machine. The information stored is as follows:
| Item | Description |
|---|---|
|
User Name |
This information is acquired from the authentication server.* |
|
Initial |
1 |
|
Index |
User1 |
|
Card ID |
- |
|
PIN Code/Password |
- |
|
Authentication Server Settings |
- |
|
Authentication Server |
Network Authentication |
|
E-mail Address |
When Access Control is enabled, this information is acquired from the authentication server. |
|
My Folder |
|
|
Pages Limit Group |
|
|
Authority Group |
|
|
Favourite Operation Group |
* If the user name cannot be acquired by network authentication, the first 16 characters of the text string used as the login name for network authentication is applied.
This selects the authentication method. When using user authentication, be sure to
configure this setting first. The items to be configured for users stored after setting
the user authentication method vary depending on the selected authentication method.
Authenticate a User by Login Name and Password
Standard authentication method using a login name and password.
Authenticate a User by Login Name, Password and E-mail Address
This authentication also checks the e-mail address, in addition to the login name
and password of the user.
Authenticate a User by User Number Only
Use this option for simple authentication if you skip the network authentication.
, login names with identical spelling but different cases (upper and lower) will be
identified as different login names. Therefore, login names with identical spelling
but different cases will be authenticated as user names of different users. If the
checkbox is set to
, case sensitivity for login names is disabled. Therefore, identically spelled user
names with upper and lower case character differences will be authenticated as the
user name of the same user., and identical user names with only upper and lower case character differences exist,
the user names that have already been registered are identified as user names of different
users.Enable "QUICK AUTHENTICATION".
A specific user can be registered as an auto login user. When this option is enabled,
the registered user can log in the machine automatically.
This function can eliminate each login procedure on the authentication screen and
apply the selected user settings.
Also, you can temporarily log in as a user other than the auto login user, and operate
the machine with the privileges of this user. To allow other users to log in temporarily
when [Device Account Mode] is enabled, select [Allow Login by Different User].
This setting is used to select the auto login user when auto user login is enabled.
Store User Information
Set whether or not automatically registered users are created.
Externally authenticated users in Sharp OSA can also be automatically registered.
Set whether or not authentication information for connection to the cloud is retained
as cache information.
When this setting is enabled, the authentication information of a successfully authenticated
user is retained to enable smooth authentication when the user subsequently logs in.
When this setting is disabled, the previously retained cloud connection authentication
information of all users is deleted and authentication information is no longer retained.
Use IC Card for Authentication
Allows the IC card to be used when authenticating the user.
| Item | Description |
|---|---|
|
Only Card Authentication Approved |
User authentication is only for IC cards. |
|
Card / Front Panel Operation Authentication Approved |
User authentication is possible from both the IC card and the operation panel. |
Request Password at IC Card Authentication
This can be set when "Authentication Settings" is "Active Directory" and "Use IC Card
for Authentication" is enabled. When enabled, enter the password each time you authenticate
with the IC card. If disabled, the password will be entered when logging in with the
IC card for the first time, and the password information will be sent to the Active
Directory server. You can omit entering the password for the second and subsequent
logins.
Print jobs by users who have not registered user information in this machine, such
as jobs for which appropriate user information has not been entered in the printer
driver or when "DIRECTLY PRINTING A FILE ON AN FTP SERVER" is entered from the setting mode (administrator), are prohibited.
When user authentication is enabled, this setting specifies whether or not to enable
automatic logout.
The time until logout can be specified up to 240 seconds in increments of 10 seconds.
When entering passwords, including administrator passwords, during user authentication,
the number of incorrect password attempts is counted, and if the number of attempts
reaches the specified number (three), the user account is locked, and the user is
blocked from making any more attempts at authenticating their account until a period
of five minutes has elapsed. The number of incorrect entries made is counted separately
for each user, and the count is reset when the correct password is entered.
This prevents an unauthorised person from attempting to guess a password. (The number
of failed login attempts is retained even if the power is turned off.)
When user authentication is enabled, this setting specifies whether or not to include
the job status in user authentication.
Set whether the system information screen can be displayed before logging in.
Enable IPP authentication on a non-printer driver.
This setting allows you to limit the number of users who can edit the home screen.
This setting determines whether or not a job will be completed if the page limit is
reached while the job is in progress. The following settings can be configured.
When retention is enabled in the printer driver and print data has been spooled to
the machine, you can have the spooled print data automatically print out when the
user who enabled retention logs in.
After E-mail Status has been sent, the counter is reset.
Displayed only when E-mail Alert and Status is enabled.
This can be set when the job status is subject to user authentication.
When this setting is enabled, only the logged-in user's job is displayed on the job
status screen.
Applies the login name to the user name in the shared folder.
When user authentication is enabled, select whether the login name is shown or asterisks
are shown.
| Item | Description |
|---|---|
|
Display login name |
Show the login name. |
|
Display login name with "*" |
Hide the login name with asterisks. |
When user authentication is enabled, this setting specifies whether or not to display
the page counts of a user when the user logs in.
Settings you have created here is displayed on the login screen.
Card Scan Test
Perform a read test of the card to be used.
Card ID Registration/Change Authority
Set whether the logged-in user can register/change/delete his/her card ID information
in this machine.
Set when connecting a card reader/writer.
Version 02a / bpc542pw_usr_02a_en
