This setting enables or disables user authentication
and specifies the authentication method.
When the user authentication is enabled, each user of the
machine is registered. When a user logs in, the separate authentication
settings apply to the user. This function allows greater control
of security and cost management than that on previous machines.
Even if user information is not stored on the machine, you
can directly enter the user information stored in an LDAP server
to log in the machine if necessary. For more information see "
Users stored as factory default".
User Authentication
When [User Authentication] is enabled, the authentication screen appears
before an operation is carried out in any mode except the job status
screen*.
Log in as an already registered user.
After logging in, you can move freely through the modes.
* The login screen appears when a document filing file is used or when a broadcast transmission is reattempted from the job status screen.
Set the location where user authentication is to be
enabled.
Login Locally: User authentication is performed on this machine.
LDAP: User authentication by LDAP server.
Active Directory: User authentication by Active Directory.
Sharp OSA: Authenticate the user using the Sharp OSA application.
Use this to set the default network authentication server.
When you log into Setting mode (Web version) or send a print
job to the machine using user information that is not registered
in the machine, the authentication server is not known.
This setting is used to select one of the LDAP servers registered
in the machine as the authentication server.
Register the access control information for page count
limits, authorities, and favourite operations can be registered
on an network server in advance. By using this network server for
network authentication, perform the user authentication based on
the registered access control information.
Use this function when user authentication is performed by
network authentication using an LDAP server or a directory service
(Active Directory, etc.).
Before using this function, configure settings for authentication
by network server, obtain control numbers for the "Pages Limit Group",
"Authority Group", "Favourite Operation Group", and "My Folder"
(including base settings for each group), and associate these with
the control numbers registered in the machine.
To use this function, add the properties associated with "Pages
Limit Group", "Authority Group", "Favourite Operation Group", and
"My Folder" to the directory information of the network server used
for user authentication.
The property information is indicated below. Settings previously
stored in the machine cannot be changed.
Property | Name of property in factory default state | Settings |
---|---|---|
Pages Limit Group |
pagelimit |
Registration number of Pages Limit Group registered in the machine, or a group name previously registered in the machine. Unlimited: unlimited |
Authority Group |
authority |
Registration number of Authority Group registered in the machine, or a group name previously registered in the machine. Admin: admin User: user Guest: guest |
Favourite Operation Group |
favourite |
Registration number of Favourite Operation Group registered in the machine, or a group name previously registered in the machine. Following the System Settings: systemsettings |
My Folder |
myfolder |
Folder name of user folder stored in the machine. Do not enter if the default folder is specified. |
Rename the properties that the machine obtains from
the LDAP server as follows. In "Settings", select [Network Settings] →
[LDAP Settings]. From the Global Address Book setting screen that is
displayed, select [Linkage with User Control Function] and then select [Pages Limit
Group], [Authority Group],
[Favourite Operation Group] and [My Folder].
The [Pages Limit Group], [Authority Group], and [Favourite Operation Group] information
that is registered in each machine determines the authority and
settings that the user is actually granted. To use this function
to ensure that users are granted the same authority and settings
on any machine, register the [Pages Limit Group], [Authority Group], and [Favourite
Operation Group]
information with the same authority so that they will be registered
in each machine using the same registration numbers.
For [My Folder], register the folder having the same name
in [Custom Folder] in each machine.
The directory information of the network server that is used
cannot be changed from the machine. Consult the administrator of
the network server.
If 1000 users have already been manually registered, login
will not be possible. Consult the administrator of the machine.
Users auto-registered
When you log in by network authentication, your user information
is automatically registered in the machine.
The information stored is as follows:
Item | Description |
---|---|
User Name |
This information is acquired from the authentication server.* |
Initial |
1 |
Index |
User1 |
Card ID |
- |
PIN Code/Password |
- |
Authentication Server Settings |
- |
Authentication Server |
Network Authentication |
E-mail Address |
When Access Control is enabled, this information is acquired from the authentication server. |
My Folder |
|
Pages Limit Group |
|
Authority Group |
|
Favourite Operation Group |
* If the user name cannot be acquired by network authentication, the first 16 characters of the text string used as the login name for network authentication is applied.
This selects the authentication method. When using user
authentication, be sure to configure this setting first. The items to
be configured for users stored after setting the user authentication
method vary depending on the selected authentication method.
Authenticate a User by Login Name and Password
Standard authentication method using a login name and password.
Authenticate a User by Login Name, Password and E-mail Address
This authentication also checks the e-mail address, in addition
to the login name and password of the user.
Authenticate a User by User Number Only
Use this option for simple authentication if you skip the
network authentication.
Enable "
QUICK AUTHENTICATION".
A specific user can be registered as an auto login user.
When this option is enabled, the registered user can log in the machine
automatically.
This function can eliminate each login procedure on the authentication
screen and apply the selected user settings (such as network authentication
and favourite operations). As an example, this enables uses such
as "authentication for copying only".
Also, you can temporarily log in as a user other than the
auto login user, and operate the machine with the privileges of this
user. To allow other users to log in temporarily when [Device Account Mode]
is enabled, select [Allow Login by Different User].
This setting is used to select the auto login user when
auto user login is enabled.
Store User Information
Set whether or not automatically registered users are created.
Externally authenticated users in Sharp OSA can also be automatically
registered.
Set whether or not authentication information for connection
to the cloud is retained as cache information.
When this setting is enabled, the authentication information
of a successfully authenticated user is retained to enable smooth
authentication when the user subsequently logs in.
When this setting is disabled, the previously retained cloud
connection authentication information of all users is deleted and
authentication information is no longer retained.
Use IC Card for Authentication
Allows the IC card to be used when authenticating the user.
Item | Description |
---|---|
Only Card Authentication Approved |
User authentication is only for IC cards. |
Card / Front Panel Operation Authentication Approved |
User authentication is possible from both the IC card and the operation panel. |
Request Password at IC Card Authentication
This can be set when "Authentication Settings" is "Active Directory" and "Use IC Card
for Authentication"
is enabled. When enabled, enter the password each time you authenticate
with the IC card. If disabled, the password will be entered when
logging in with the IC card for the first time, and the password
information will be sent to the Active Directory server. You can
omit entering the password for the second and subsequent logins.
Print jobs by users who have not registered user information
in this machine, such as jobs for which appropriate user information
has not been entered in the printer driver or when "
DIRECTLY PRINTING A FILE ON AN FTP SERVER" is entered from
the setting mode (administrator), are prohibited.
When user authentication is enabled, this setting specifies
whether or not to enable automatic logout.
The time until logout can be specified up to 240 seconds in
increments of 10 seconds.
When entering passwords, including administrator passwords,
during user authentication, the number of incorrect password attempts
is counted, and if the number of attempts reaches the specified
number (three), the user account is locked, and the user is blocked
from making any more attempts at authenticating their account until
a period of five minutes has elapsed. The number of incorrect entries
made is counted separately for each user, and the count is reset when
the correct password is entered.
This prevents an unauthorised person from attempting to guess
a password. (The number of failed login attempts is retained even
if the power is turned off.)
This setting specifies whether scanning can be performed
by remote operation before a user has logged in.
When user authentication is enabled, this setting specifies
whether or not to include the job status in user authentication.
Set whether the system information screen can be displayed
before logging in.
Enable IPP authentication on a non-printer driver.
This setting allows you to limit the number of users
who can edit the home screen.
This setting determines whether or not a job will be
completed if the page limit is reached while the job is in progress.
The following settings can be configured.
When retention is enabled in the printer driver and
print data has been spooled to the machine, you can have the spooled
print data automatically print out when the user who enabled retention
logs in.
After E-mail Status has been sent, the counter is reset.
Displayed only when E-mail Alert and Status is enabled.
This can be set when the job status is subject to user
authentication.
When this setting is enabled, only the logged-in user's job
is displayed on the job status screen.
When scanning E-mail transmissions (including resending)
during user authentication, when [System Settings] → [Authentication
Settings] → [Default Settings] → [Set E-mail Address of Logged In
User in the From/Sender Field of E-mail] is enabled in "Settings
(Administrator)", the user name and E-mail address of the logged-in
user will be set as the From/Sender field of E-mail.
When the logged-in user has not registered an e-mail address
or a job is configured to use digital signatures for sending
e-mail in the S/MIME function, the settings in [System Settings]
→ [Network Settings] → [Service Settings] → [SMTP]
(tab) → [Sender Name] and [Sender Address] will be entered.
Applies the login name to the user name in the shared
folder.
When user authentication is enabled, select whether
the login name is shown or asterisks are shown.
Item | Description |
---|---|
Display login name |
Show the login name. |
Display login name with "*" |
Hide the login name with asterisks. |
When user authentication is enabled, this setting specifies
whether or not to display the page counts of a user when the user
logs in.
Settings you have created here is displayed on the login
screen.
Card Scan Test
Perform a read test of the card to be used.
Card ID Registration/Change Authority
Set whether the logged-in user can register/change/delete
his/her card ID information in this machine.
Set when connecting a card reader/writer.
Version 03a / bp70m65_usr_03a_en