SHARP

Language

Authentication Settings

Default Settings

This section describes the settings in [System Settings] → [Authentication Settings] → [Initial Settings] in "Settings (Administrator)".

User Authentication

This setting enables or disables user authentication and specifies the authentication method.
When the user authentication is enabled, each user of the machine is registered. When a user logs in, the separate authentication settings apply to the user. This function allows greater control of security and cost management than that on previous machines.
Even if user information is not stored on the machine, you can directly enter the user information stored in an LDAP server to log in the machine if necessary. In this case, the authentication information of the "User" being stored as factory default applies to the login user. For more information see " Users stored as factory default".

Factory default settings:
Disable

  • For the procedure for storing users, see " User List".
  • For details on login procedures when user authentication is enabled, see " USER AUTHENTICATION"".

User Authentication
When [User Authentication] is enabled, the authentication screen appears before an operation is carried out in any mode except the job status screen*.
Log in as an already registered user.
After logging in, you can move freely through the modes.

* The login screen appears when a document filing file is used or when a broadcast transmission is reattempted from the job status screen.

Authentication Settings

Set the location where user authentication is to be enabled.
Login Locally: User authentication is performed on this machine.
LDAP: User authentication by LDAP server.
Active Directory: User authentication by Active Directory.
Sharp OSA: Authenticate the user using the Sharp OSA application.

Factory default settings:
Login Locally

Default Network Authentication Server Setting

Use this to set the default network authentication server.
When you log into Setting mode (Web version) or send a print job to the machine using user information that is not registered in the machine, the authentication server is not known.
This setting is used to select one of the LDAP servers registered in the machine as the authentication server.

When login is performed by network authentication using user information that is not registered in the machine, the login user will be the "User" registered as factory default. For more information see " Users stored as factory default".

Specify network server access control

Register the access control information for page count limits, authorities, and favorite operations can be registered on an network server in advance. By using this network server for network authentication, perform the user authentication based on the registered access control information.
Use this function when user authentication is performed by network authentication using an LDAP server or a directory service (Active Directory, etc.).
Before using this function, configure settings for authentication by network server, obtain control numbers for the "Pages Limit Group", "Authority Group", "Favorite Operation Group", and "My Folder" (including base settings for each group), and associate these with the control numbers registered in the machine.
To use this function, add the properties associated with "Pages Limit Group", "Authority Group", "Favorite Operation Group", and "My Folder" to the directory information of the network server used for user authentication. The property information is indicated below. Settings previously stored in the machine cannot be changed.

Property Name of property in factory default state Settings

Pages Limit Group

pagelimit

Registration number of Pages Limit Group registered in the machine, or a group name previously registered in the machine.

Registration number of Authority Group registered in the machine, or a group name previously registered in the machine.

Unlimited: unlimited

Authority Group

authority

Registration number of Authority Group registered in the machine, or a group name previously registered in the machine.

Registration number of Authority Group registered in the machine, or a group name previously registered in the machine.

Admin: admin

User: user

Guest: guest

Favourite Operation Group

favorite

Registration number of Favourite

Operation Group registered in the machine, or a group name previously registered in the machine.

Following the System Settings: systemsettings

My Folder

myfolder

Folder name of user folder stored in the machine.

Do not enter if the default folder is specified.

Rename the properties that the machine obtains from the LDAP server as follows. In "Settings", select [Network Settings] → [LDAP Settings]. From the Global Address Book setting screen that is displayed, select [Linkage with User Control Function] and then select [Pages Limit Group], [Authority Group], [Favourite Operation Group] and [My Folder].
The [Pages Limit Group], [Authority Group], and [Favourite Operation Group] information that is registered in each machine determines the authority and settings that the user is actually granted. To use this function to ensure that users are granted the same authority and settings on any machine, register the [Pages Limit Group], [Authority Group], and [Favourite Operation Group] information with the same authority so that they will be registered in each machine using the same registration numbers.
For [My Folder], register the folder having the same name in [Custom Folder] in each machine.
The directory information of the network server that is used cannot be changed from the machine. Consult the administrator of the network server.
If 1000 users have already been manually registered, login will not be possible. Consult the administrator of the machine.

Factory default settings:
Disable

  • If Access Control is enabled and the access control information cannot be acquired from the authentication server, user authentication will not be possible.
  • If a user that is registered in the machine is authenticated by network authentication, the user registration settings in the machine will be given priority for the page count limit group, authority group, favorite operations group, and my folder.
  • If the access control obtained from the LDAP server is not registered in the machine, the factory default user authority will be applied.
  • When this function is not enabled and a user is authenticated by network authentication as a non-registered user, the factory default user authority will be applied.

Users auto-registered
When you log in by network authentication, your user information is automatically registered in the machine. The information stored is as follows:

Item Description

User Name

This information is acquired from the authentication server.*

Initial

1

Index

User1

Card ID

-

PIN Code/Password

-

Authentication Settings

-

Authentication Server

Network Authentication

E-mail Address

When Access Control is enabled, this information is acquired from the authentication server.

My Folder

Pages Limit Group

Authority Group

Favourite Operation Group

* If the user name cannot be acquired by network authentication, the first 16 characters of the text string used as the login name for network authentication is applied.

Authentication Method Setting

This selects the authentication method. When using user authentication, be sure to configure this setting first. The items to be configured for users stored after setting the user authentication method vary depending on the selected authentication method.
Authenticate a User by Login Name and Password
Standard authentication method using a login name and password.
Authenticate a User by Login Name, Password and E-mail Address
This authentication also checks the e-mail address, in addition to the login name and password of the user.
Authenticate a User by User Number Only
Use this option for simple authentication if you skip the network authentication.

Factory default settings:
Authenticate a User by Login Name and Password
  • The login screen will vary depending on the authentication method that is selected.
  • For more information see " USER AUTHENTICATION"".
  • When "Authenticate a User by User Number Only" is selected for the authentication method, network authentication cannot be used.
Case sensitivity of login name is enabled.
Set whether or not to make login names used at the time of user authentication case sensitive. If the checkbox is set to , login names with identical spelling but different cases (upper and lower) will be identified as different login names. Therefore, login names with identical spelling but different cases will be authenticated as user names of different users. If the checkbox is set to , case sensitivity for login names is disabled. Therefore, identically spelled user names with upper and lower case character differences will be authenticated as the user name of the same user.
Factory default settings:
Enable
If the selected checkbox is changed to , and identical user names with only upper and lower case character differences exist, the user names that have already been registered are identified as user names of different users.

Enable Quick Login

Enable " QUICK AUTHENTICATION".

Factory default settings:
Disable

Device Account Mode Setting

A specific user can be registered as an auto login user. When this option is enabled, the registered user can log in the machine automatically.
This function can eliminate each login procedure on the authentication screen and apply the selected user settings (such as network authentication and favorite operations). As an example, this enables uses such as "authentication for color copying only".
Also, you can temporarily log in as a user other than the auto login user, and operate the machine with the privileges of this user. To allow other users to log in temporarily when [Device Account Mode] is enabled, select [Allow Login by Different User].

Factory default settings:
Device Account Mode:Disable, Allow Login by Different User:Disable, Disable Home Edit Mode when in Device Account Mode:Disable

  • If you have logged in as the Auto Login user, and if you have failed automatic login due to some reasons or if you do not have the administrator's privileges, you cannot use the general setting modes or Setting mode. In that case, the administrator should tap the [Administrator Password] key on the Setting mode screen and log in again.
  • To log in as a user other than a fixed user when [Allow Login by Different User] is enabled, tap the [Logout] key to cancel the fixed user login state. When the user authentication screen appears, log in as the desired user again. After you have used the machine, tap the [Logout] key to log out as the current user.

Login User

This setting is used to select the auto login user when auto user login is enabled.

Settings for Using Authentication Information

Store User Information
Set whether or not automatically registered users are created.
Externally authenticated users in Sharp OSA can also be automatically registered.

Factory default settings:
Enable
Store Password
Set whether or not automatically registered users are created. Externally authenticated users in Sharp OSA can also be automatically registered.
Factory default settings:
Enable
Cache Period
Set whether or not automatically registered users are created.
Externally authenticated users in Sharp OSA can also be automatically registered.
Factory default settings:
Unlimited
Enable Offline Authentication with stored User Information
Allows the machine to be used in the event of a network failure, even when using network-based user authentication.
Factory default settings:
Disable
Enable Personalization when external authentication is used
Even if you use external authentication such as LDAP authentication, you can customize it for each user.
The items that can be customized are as follows.
Home screen icon, home screen text color, custom display pattern, display language, large text mode, favorites
Factory default settings:
Enable

Cache Authentication Information for External Service Connect

Set whether or not authentication information for connection to the cloud is retained as cache information.
When this setting is enabled, the authentication information of a successfully authenticated user is retained to enable smooth authentication when the user subsequently logs in.
When this setting is disabled, the previously retained cloud connection authentication information of all users is deleted and authentication information is no longer retained.

Factory default settings:
Enable

Card Setting

Use IC Card for Authentication
Allows the IC card to be used when authenticating the user.

Factory default settings:
Disable
Authentication Method Setting
Set the authentication method with the IC card.
Factory default settings:
Only Card Authentication Approved

Item Description

Only Card Authentication Approved

User authentication is only for IC cards.

Allow both use of IC card and input from the operation panel

User authentication is possible from both the IC card and the operation panel.

Request Password at IC Card Authentication
This can be set when "Authentication Settings" is "Active Directory" and "Use IC Card for Authentication" is enabled. When enabled, enter the password each time you authenticate with the IC card. If disabled, the password will be entered when logging in with the IC card for the first time, and the password information will be sent to the Active Directory server. You can omit entering the password for the second and subsequent logins.

Factory default settings:
Disable
Automatic Logout with a Card
Log out when you remove the IC card from the IC card reader/writer. (You can also log out by tapping the [Logout] key.)
Factory default settings:
Disable

Administration Settings

Disable Printing by Invalid User

Print jobs by users who have not registered user information in this machine, such as jobs for which appropriate user information has not been entered in the printer driver or when "DIRECTLY PRINTING A FILE ON AN FTP SERVER" is entered from the setting mode (administrator), are prohibited.

Factory default settings:
Disable

Automatic Logout Setting

When user authentication is enabled, this setting specifies whether or not to enable automatic logout.
The time until logout can be specified up to 240 seconds in increments of 10 seconds.

Factory default settings:
Enable

A Warning when Login Fails

When entering passwords, including administrator passwords, during user authentication, the number of incorrect password attempts is counted, and if the number of attempts reaches the specified number (three), the user account is locked, and the user is blocked from making any more attempts at authenticating their account until a period of five minutes has elapsed. The number of incorrect entries made is counted separately for each user, and the count is reset when the correct password is entered.
This prevents an unauthorized person from attempting to guess a password. (The number of failed login attempts is retained even if the power is turned off.)

Factory default settings:
Disable

  • Lockout only applies to the user who failed to login, not all users. Even if one user is locked out, the other users can still log in.
  • When LDAP or Active Directory network authentication is used, lockout is executed by the server, not the machine. Select appropriate lockout settings on the server.
  • If the same user has been locked out, the [Release Operation Lock Status] key is displayed in the "User Registration" screen for that user. An administrator can tap this key to carry out a manual clear.

Allow Remote Scanner Using Before Login.

This setting specifies whether scanning can be performed by remote operation before a user has logged in.

Factory default settings:
Disable

Include Job Status in user authentication

When user authentication is enabled, this setting specifies whether or not to include the job status in user authentication.

Factory default settings:
Disable

Display System Information Screen Before Login

Set whether the system information screen can be displayed before logging in.

Factory default settings:
Disable

Enable IPP Authentication Except for Printer Driver

Enable IPP authentication on a non-printer driver.

Factory default settings:
Enable

Actions when the user is authenticated

Actions when the Limit of Pages for Output Jobs

This setting determines whether or not a job will be completed if the page limit is reached while the job is in progress. The following settings can be configured.

  • Print through the end of the job
  • Stop the job
  • Cancel and delete the job during receiving
  • Factory default settings:
    Switch at End of Job

Automatically print stored jobs after login

When retention is enabled in the printer driver and print data has been spooled to the machine, you can have the spooled print data automatically print out when the user who enabled retention logs in.

Factory default settings:
Disable

Reset Counter After Sending E-mail Status

After E-mail Status has been sent, the counter is reset.
Displayed only when E-mail Alert and Status is enabled.

Factory default settings:
Disable

Disable display/change of other users' information in the job status

This can be set when the job status is subject to user authentication.
When this setting is enabled, only the logged-in user's job is displayed on the job status screen.

Factory default settings:
Disable

Set Email Address of Logged In User in the From/Sender Field of E-mail

When scanning E-mail transmissions (including resending) during user authentication, when [System Settings] → [Authentication Settings] → [Default Settings] → [Set Email Address of Logged In User in the From/Sender Field of E-mail] is enabled in "Settings (Administrator)", the user name and E-mail address of the logged-in user will be set as the From/Sender field of E-mail.
When the logged-in user has not registered an e-mail address or a job is configured to use digital signatures for sending e-mail in the S/MIME function, the settings in [System Settings] → [Network Settings] → [Service Settings] → [SMTP] (tab) → [Sender Name] and [Sender Address] will be entered.

Factory default settings:
Disable

When this function is enabled, sending may fail depending on the mail server environment. Contact your email provider in advance to check if this function is available.

Apply login name to the user name of network folder

Applies the login name to the user name in the shared folder.

Login Name Display

When user authentication is enabled, select whether the login name is shown or asterisks are shown.

Factory default settings:
Display login name

Item Description

Display login name

Show the login name.

Display login name with "*"

Hide the login name with asterisks.

Display Usage Status after Login

When user authentication is enabled, this setting specifies whether or not to display the page counts of a user when the user logs in.

Factory default settings:
Disable

Edit Help Display of Login Screen

Settings you have created here is displayed on the login screen.

Card Reader Settings

Condition Settings

Card Scan Test
Perform a read test of the card to be used.
Card ID Registration/Change Authority
Set whether the logged-in user can register/change/delete his/her card ID information in this machine.

Factory default settings:
Disable

Check System Code only in FeliCa User Area mode
Check the System Code only in FeliCa User Area mode.

Factory default settings:
Disable
Check Facility Code in HID Mode
Set whether to check the facility code when using a HID card.
When this setting is enabled, the facility code (up to 128 single-byte characters) is registered.
Factory default settings:
Disable
Import from Configuration file
When you enter the configuration file name and tap the [Execute] key, the card area settings are read from the configuration file. If you tap the [Clear] key, all files that match the current search conditions are deleted.
Facility Code
Enters the facility code of a HID card. When you tap the [Store] key, the facility code is stored.

Card Reader Device Registration

Set when connecting a card reader/writer.

This setting can be set in the setting mode of this machine.
Language

Version 03a / bp70m65_usr_03a_us

↑Top of page