I am trying to enable LDAP authentication on a BizHub 363 machine. After importing certificates and configuring settings it finally worked, but the machine authenticates every user of the domain that has provided a valid (enabled) user name and password. I specifically configured the Search Base parameter but it seems that the machine ignores what I enter in this field - it always authenticates all users although I enter the distinguished name of the start OU from where the search of the user must begin in the format OU=MyOU,OU=MyUpperOU,DC=MyDomain,DC=MyTLD. Does this field play any role at all?

20167

If you have entered in your search base incorrectly, then the machine may sometimes ignore the input and just search from the Top Level of your domain.

Are you sure that the users are contained within an OU (Organisational Unit) and not a CN (Container)?

http://www.copytechnet.com/forums/connectivity/68472-ldap-dummies.html

Thanks for your reply. I actually enter OU=,OU=,DC=,DC and not CN=,OU=,DC=,DC=. But it makes sense to enter the CN of the OU. I'll give it a try and report back.

It didn't work either way. The users are in an OU, not in a container. The OUs had spaces in them, so I renamed them to an underscore just to make sure. But nevertheless, the machine authenticates every user. Is it possible that this is a software bug in the MFD? Is there a log somewhere on the machine that I can use to diagnose this?

My next suggestion was to upgrade the firmware.

Unfortunately there is no newer software for this device, support has probably been discontinued. I assume there's nothing more I can do about this. Thanks for your time and cooperation.

What version are you running?

According to Konica Minolta, the latest version is GCJ-D6, but this could be for Australia only as not all firmware versions go accross the globe.

Pagescope reports following information, but which of these should I look at?



ROM Version



MFP Controller BOOT Program
A1UD0Y0-1E00-G00-02(00)


MFP Controller SubSet
A1UD0Y0-1F00-G00-04(00)


MFP Controller
A1UD0Y0-0100-G00-D6(00)


Operation Panel Message Data
A1UD0Y0-8100-G00-D4-00


Fax Board Controller1



Fax Board Controller2



Scanner
A1UD0Y0-0023-G91-0F


Printer
A1UD0Y0-0050-G00-15


ADF
A1430Y0-0024-G00-12


Finisher



Panel CPU
A0P00Y0-8900-G00-00


DSC1



DSC2



LCT



Loadable Device Driver



SD



Voice Data



Movie Data
A1UD0Y0-A000-G00-00


Dictionary Data
A1UD0Y0-B000-G00-0000


OCR Library



MFP Controller System
A1UD0Y0-1000-G00-D6(00)


MFP Controller Print Controller
A1UD0Y0-3000-G00-67


MFP Controller Print Controller Font
A1UD0Y0-3F00-G00-0D


MFP Controller Print Controller Demo Page
A1UD0Y0-3E00-G00-00


MFP Controller MIO
A1UD0Y0-5000-G00-09(00)


MFP Controller PSWC
A1UD0Y0-5100-G00-10(00)


MFP Controller MIB IF
A1UD0Y0-5200-G00-00


MFP Controller IPP IF
A1UD0Y0-5200-G00-00


MFP Controller Outside Controller IF



MFP Controller TCP/Socket
A1UD0Y0-6300-G00-21(00)


MFP Controller OPEN API
A1UD0Y0-7000-G00-13(00)


MFP Controller Operation Panel
A1UD0Y0-8000-G00-D6(00)


MFP Controller CSRC Control Body
A1UD0Y0-8300-G00-01


MFP Controller PIC
A1UD0Y0-8200-G00-A5

The MFP Controller version is stating that you are running G00-D6 which is the mass production firmware release, but there should a new version of D6 available.

Try this setting via Web Connection in "Setting Up LDAP":
- Use Referral = OFF

For faster search change the <OR> operator to <Begin with> for each field
under "Initial Setting for Search Details"

I couldn't find any way to update the firmware - on the website there is neither a firmware package nor a tool or updater to download.

As for the LDAP - I actually have not configured this LDAP page since I thought this is only for searching addresses and contacts via LDAP. Does it also play any role in authentication? I have set up only the External Server setting with an LDAP entry.