PDA

View Full Version : Joining a domain for single sign on


Custom Search


rrrohan
03-15-2018, 01:25 PM
Having some issues joining to a domain. It's 1st time i have tried.

IT says it want hostname of copier, domain and admin credentials.

Provided all that but no good.

I see there are different authentication methods also

Active directory
LDAP
Ntlm v1 v2 and v3

Problem is customers IT obviously doesn't want to give me the domain password and he got fed up with typing it in as i did some trial and error.

Any tips?
I'm sure im missing something simple

Synthohol
03-15-2018, 11:11 PM
what about joining a domain? they should be printing by IP not windows lame SMB printing.
if the SMB scanning is an issue you can try their domain name under workgroup otherwise the scan credentials may need to include the domain name first.
ie: copytechnet\synthohol
ill send you the SMB guide links via PM.

blackcat4866
03-15-2018, 11:37 PM
I think he's trying to authenticate the machine against LDAP, to control usage. =^..^=

Synthohol
03-16-2018, 12:52 AM
so in admin there is authenticate to external server.
also he should create a user called service and give you a password. that might help!!

rrrohan
03-16-2018, 04:14 AM
single user sign on is so that we can link to AD so user authetication is managed by AD and not the local copier.
its also so that when we roll out the driver we dont have to manually assign credentials.

keep in mind this is the plan, i have never attempted it.

Also i get the impression this will also allow self association of swipe cards.

all of this is worth the effort of researching as they are rolling out over 10 copiers and not having to do this on each will drain the life from me


so in admin there is authenticate to external server.
also he should create a user called service and give you a password. that might help!!

i told him he can always change the password once i get it working but he made it seem like a huge security issue like he was in the military.

B0265
03-16-2018, 11:42 AM
Is the MFP setup with external server authentication?

From the user's guide:
Join the machine to the Active Directory domain and establish the single sign-on environment.
You can set this option by selecting [External Server Authentication] or [Main + External Server] in
[Administrator Settings] - [User Authentication/Account Track] - [General Settings] - [User Authentication] -
[Authentication Method].

Self association of swipe cards is another story, search for "LDAP-IC Card Authentication Setting" in the user's guide.

EarthKmTech
03-16-2018, 12:11 PM
huge security issue like he was in the military.

Funny that, considering this is the exact setup that is used in such places here

rrrohan
03-17-2018, 03:49 AM
Funny that, considering this is the exact setup that is used in such places here

wow you have the military domain password? I cant even get a real estate domain password half the time lol

EarthKmTech
03-18-2018, 04:47 AM
wow you have the military domain password? I cant even get a real estate domain password half the time lol

No, their ICT sets that all up.

Real estate agents are usually pretty relaxed with network security I've found, a little too relaxed. A mixture of branch owned PC's and personal laptops running god knows what and half the people not even there when you want to do an install. Some can be extremely finicky about the most trivial issues and are nickel and dime customers while others are relaxed and pump out massive volumes of colour too. Luck of the draw.

rrrohan
03-18-2018, 11:40 AM
No, their ICT sets that all up.

Real estate agents are usually pretty relaxed with network security I've found, a little too relaxed. A mixture of branch owned PC's and personal laptops running god knows what and half the people not even there when you want to do an install. Some can be extremely finicky about the most trivial issues and are nickel and dime customers while others are relaxed and pump out massive volumes of colour too. Luck of the draw.

so you got experiance setting it up or you handball it to the IT.

none of our techs really interested in figuring out the more advanced configs if it takes more than 10 mins to get working so if I dont work it out I fully expect it will never be used.

are you able to offer any pointers?

It did give us various errors but all very vague.

one was that it couldnt connect and the other was "unspecified error"

i will get exact wording of the error tomorrow

Custom Search