Domain Authentication

A Windows server in which Active Directory is installed and a DNS server for name resolution are necessary to use Domain Authentication.

  • Windows Server to Install Active Directory (Domain Controller)
  • Software
  • Operating system:
    Microsoft Windows 2000 Server SP4
    Microsoft Windows Server 2003 SP1
    Microsoft Windows Server 2003 R2

  • System Requirements for Administrators and End Users
Operating System Software Web Browsers Java Runtime Environment
Windows 2000 Professional Microsoft Internet Explorer 6 SP1
  • Microsoft Internet Explorer 6:
    Sun Java Runtime Environment 1.4 or later
  • Microsoft Internet Explorer 7:
    Sun Java Runtime Environment 1.4 or later
Windows XP Professional Microsoft Internet Explorer 6 SP1,
Microsoft Internet Explorer 6 SP2,
Microsoft Internet Explorer 7
Windows Server 2003
Windows Server 2003 R2
Microsoft Internet Explorer 6 SP1,
Microsoft Internet Explorer 6 SP2,
Microsoft Internet Explorer 7
Windows Vista Microsoft Internet Explorer 7
Mac OS X v10.3 Safari 1.3.2 Sun Java Runtime Environment 5.0
Mac OS X v10.4 Safari 2.0.4

  • System Requirements for Administrators and End Users (When Using IPv6 Communications)
Operating System Software Web Browsers Java Runtime Environment
Windows XP Professional Microsoft Internet Explorer 6 SP2,
Microsoft Internet Explorer 7
  • Microsoft Internet Explorer 6:
    Sun Java Runtime Environment 1.4 or later
  • Microsoft Internet Explorer 7:
    Sun Java Runtime Environment 1.4 or later
Windows Server 2003
Windows Server 2003 R2
Microsoft Internet Explorer 6 SP2,
Microsoft Internet Explorer 7
Windows Vista Microsoft Internet Explorer 7

  • Other System Requirements
  • Access privilege to Windows 2000/2003 Domain Name System (DNS)
  • Access privilege to Domain Controller

Remark
  • The Java Runtime Environment must be installed to use a computer running Windows 2000 (Service Pack 4 or later), Windows XP Professional (Service Pack 1a or later), Windows Server 2003, or Windows Server 2003 R2 as a client computer. For information on obtaining the Java Runtime Environment, see the Sun Microsystems Web site.
  • When accessing the machine from a computer using IPv6 communications, JAVA 2 Runtime Environment Standard Edition 1.5 or later is required.
  • You must use the user logon name (pre-Windows 2000) registered in Active Directory in order to then enter a user name for Domain Authentication.
  • You can use only alphanumeric characters, . (period), - (hyphen), _ (underscore), or % (percent) for a user name for Domain Authentication. You can log in only if you use valid characters.
  • When using Internet Explorer, it is necessary to enable the Active X plugin.
  • If there is a difference between the language set on the machine and the one set on the Active Directory, the sender's Full name is not displayed on the e-mail recipient's machine.
  • If there is more than a 30 minute difference between the time set on the computer with Active Directory, the time set on the machine, and the time set on the computer used for logging in, an error occurs when you log in using Domain Authentication. To be able to log in using Domain Authentication, it is necessary to match the current time on both computers and the machine.
  • When using Domain Authentication, make sure you register an administrator. If you do not register an administrator, some settings and management functions will not be available, depending on the application. The method of registering differs depending on your system environment.
  • When using iW Accounting Manager, the users registered as administrators in iW Accounting Manager will also be recognized as administrators in Domain Authentication. For instructions on registering an administrator, see the manual for iW Accounting Manager.
  • When not using iW Accounting Manager, the users belonging to the group "Canon Peripheral Admins" in Active Directory will be recognized as administrators in Domain Authentication. Follow the instructions in the manual for Active Directory to create a group called "Canon Peripheral Admins," and register the administrators.

  • Server Ports Used

The following server ports are used when using Domain Authentication with SSO-H:

Port Number Application
53 Communication with the DNS server
88 Domain Authentication with the KDC (Key Distribution Center)
389 LDAP communications with the directory service
(Default is 389, but it can be changed to a user-defined port at in the LDAP service properties.)