Skip to main content

User authentication - RICOH

User authentication is a process for authorised users to validate that they are who they say they are, by some pre-arranged criteria.

Typically, user authentication is required to allow access to electronic devices, networks, or services. A common user authentication process is accessing bank accounts at an automatic teller machine (ATM). This requires us to enter a bank-issued security card, followed by a personal identification number (PIN) at the keypad.

Because user authentication is a part of daily life, the requirement for user authentication to access office automation equipment at work is a standard expectation.

User authentication methods

Supported Ricoh multifunction products (MFPs) provide four methods to control user access:

  • Windows authentication
  • LDAP authentication
  • Basic authentication
  • User codes.

 

Windows authentication

Users are required to log on to the device using their existing Windows network username and password. Only users with a valid username and password can access the device.

User access can be limited to any, or all of the MFP functions—print, scan, copy, and document server.

Print jobs can only be sent from PCs logged in with a valid username and password. The device uses the authenticated user’s identification details by default, for example, Scan to email messages are sent from the user’s email address. This means that the sender’s address cannot be falsified.

An administrator can set up groups with access to a particular set of functions, and then assign individuals to each group.

Windows authentication provides the following benefits:

  • Users only need to remember their Windows network username and password which they use every day to access their PCs
  • Existing IT infrastructure is used, so additional administration and maintenance is not required.

LDAP authentication

Users log on to the device with their username and password which is stored on the LDAP server.

Without a valid username and password, the device can’t be accessed.

When LDAP authentication is enabled, user credentials, specifically the username and email address registered on the LDAP server, can automatically be copied to the MFPs’ address book
when the user logs on. This enables users to select their Homefolder location as a destination when using Scan to folders.

LDAP authentication provides the following benefits:

  • There’s no additional password to remember—the user logs on with their existing username and password
  • The LDAP address book can be downloaded to the MFP, so there is no need to manually register individuals in the address book.
Kerberos authentication

Windows and LDAP authentication can be performed using Kerberos authentication and can be configured at the operation panel.

Kerberos provides strong authentication for client/server applications by using symmetric secret-key cryptography.

Note: Refer to the Encryption whitepaper on the Library page of the Sales Knowledge Centre for more information on secret-key cryptography.

A network client can prove its identity to a server, and vice versa, across an insecure network connection. After a client and server have used Kerberos to prove their identity, they can also
encrypt all of their communication to ensure privacy and data integrity as they go about their business.

Kerberos authentication is used in most networks—from basic networks with a single server, through to complex enterprise implementations where a trust relationship needs to be in place between multiple organisations.


Basic authentication

Basic authentication requires users to log on to the MFP using their username and password that have been manually registered on the MFP by an administrator. This is useful for customers who are using a network infrastructure that includes a centralised authentication server, for example, Windows, Novell, Macintosh, or LDAP.

Basic authentication provides similar features to Windows authentication—for example, customers can:

  • Restrict access to each MFP function
  • Limit access to stored files and personal data inthe address book.

Basic authentication is more advanced than user codes because it requires both a username and a password for each individual—rather than a single code that can be used by multiple users.

User codes

User codes are eight-digit codes that are used to control user access to MFP functions. For example, users may be given access to copy functions, but not fax functions:

UserCopyPrintScanFaxDocument
server
User code 1YesYesNoNoYes
User code 2NoNoYesYesYes
User code 3YesYesYesYesNo

Maintaining password security

Encrypting logon passwords and using IPsec and SSL simultaneously for user and administrator authentication, is recommended to protect passwords from being hacked.

Device requirements

The MFP requires either, standard printer functionality, or the optional printer unit, or printer/scanner unit to support Windows and LDAP authentication methods.

Labels:

Comments

Post a Comment

Popular posts from this blog

Scan to USB/SD - RICOH MFP Feature

Scan to USB/SD is a Ricoh scan function enabling users to scan documents directly to a USB memory device or an SD card. How does it work? From supported Ricoh multifunction products (MFPs) with USB/SD slots, users insert their USB/SD card, and follow the instructions on the operation panel to scan their document to the memory device.  When the user removes their USB/SD card from the MFP, they can access their scanned files immediately with their PC, laptop, or other mobile device. Which file formats are supported? Scan to USB/SD supports PDF/A, single-page TIFF, JPEG, PDF, and high compression PDFs, as well as multi page TIFF, PDF and high compression PDF file formats. Can the scan be enlarged or reduced? Ricoh MFPs with a GWNX controller allow users to automatically reduce or enlarge the size of their scan to a different supported paper size. For example, an A4 size document can be scanned to A5 paper size. This is ideal to save both storage space, and paper, if the document will be p
Post a Comment
Read more

Total Cost of Ownership (TCO)

When a customer buys a Ricoh device, the Total Cost of Ownership (TCO) includes the purchase price and the running costs over the lifetime of the product. The TCO is calculated in steps, using these costs and quantities: Cost of supplies and consumables Expected yield of supplies and consumables Document volumes Expected lifespan of the device Purchase price. Many different software tools are available, via the internet and from your sales manager, to help you calculate TCO. Four steps to calculate TCO There are basically four steps to calculate the TCO: Step 1:  Calculate Cost Per Page (CPP) Step 2:  Calculate average monthly running cost Step 3:  Calculate lifetime running cost Step 4:  Calculate TCO. You can use these steps to calculate the TCO of a Ricoh device and a competitor's device. The difference in TCO between different devices is an important part of the sales approach, when TCO is an advantage. This column contains the business overview. Step 1: Calculate Cost Per Page
Post a Comment
Read more