Hardware Thread, Ricoh Active Directory Authentication for scanning to folders in Technical; Hello all -
After searching and not turning up anything relevant I decided to post a question on here. My ...
27th February 2013, 12:19 AM #1
- Rep Power
Ricoh Active Directory Authentication for scanning to folders
Hello all -
After searching and not turning up anything relevant I decided to post a question on here. My situation is this: We are an AD shop. We have numerous Ricoh devices that I have never touched and, the way I understand it, users accounts are currently setup one-by-one in each device's local address book. Users can print and scan documents to their H: drives. Their ricoh mailbox account is setup with folder authentication with their AD username and password manually entered in the web console by a tech. The folder path is the UNC path to the person's H: drive. This works well, although cumbersome.
My problem is that we are going to be enforcing 90 day password changes starting next week and users will get failed authentications when trying to scan after their password changes. I understand that the Ricoh can work with AD and has LDAP authentication. My first question is, with Windows or LDAP authentication setup, how will the user be able to change their password in the address book? I'm assuming they do it right on the scanner?
Secondly, can LDAP or Windows Authentication pull the user's home directory attribute in their user account?
What I want is an easy way for the end users to be able to change their password on the ricoh, or even be prompted for their password when scanning a document to their h: drive. That said, do I even need to turn on LDAP authentication to get what I want? It would be great if new users could walk up, enter their ad username and password, and scan a doc right to their h: drive. Is this possible?
Thanks for your help in advance.
EDIT: I have also read that a way around the password change issue is to set the scanning up with a generic account who's password never changes and give it access to everyone's H: drive, thus eliminating the need for the each user to enter their username and pw. I don't prefer this method, but I was curious if anyone else has gone this route?
Last edited by caug; 27th February 2013 at 12:23 AM.
Reason: added additional info
IDG Tech News
27th February 2013, 09:02 AM #2
One way I can think of getting around this is
1. You have one AD account that scans to a seperate scans mapped drive / directory / unc path ( whatever you want to call it ) that has a folder / directory for each department and the users in each department only have access to there own departmental directory ie finanace cant open or get into the Sales directory or visa versa, thus using ACL's / NTFS Permissions etc
2. Use the same AD account to authenticate each of the pre programmed accounts in the copiers address book ( so Finanace / Sales / etc ) and make each pre programmed scans accounts UNC path point to the relevant sub directory so
3. With regards to changing password every 90 days - this can be done on or just before the 90 day period expires by yourself ( early in the morning or just before everyone goes home ) thus giving them another 90 days before it expires. Obviously the password change would have to be done both in A.D and on the MFD's in question, password changes for scan to folder can be done via the web gui on each MFD
If you want to use LDAP - only LDAP things I am aware of is doing scan to email and it pulls the users email addresses from A.D via LDAP, no authentication and the only draw back with this is that the mail servers tend to have a max limit on file attachments so obviously if there are large documents they are scanning then they may have to use scan to folder or another method ie scan to ftp etc to get this file in a digital format
Thanks to mac_shinobi from:
caug (28th February 2013)
27th February 2013, 09:06 AM #3
That's how we've done it here with a password protected account for confidential documents that scan to a folder only SLT and admin can see.
Originally Posted by mac_shinobi
Thanks to DocHouse from:
caug (28th February 2013)
28th February 2013, 03:09 AM #4
- Rep Power
Thanks you both for your inputs. After some more reading it seems that the single AD account is the only way to go.
It would be nice if the Ricoh could prompt for a user's credentials for authentication and let LDAP pull the user's h drive path and scan the doc there.
Thanks to caug from:
mac_shinobi (28th February 2013)
28th February 2013, 08:14 AM #5
This is how I used to do it on my Sharp devices. I found that when scanning to folders user would never empty them and you could soon have 2GB of scans. Best way I found was setup an LDAP query and do scan to email, not sure if the Richo devices can but again Sharp can, minimal admin required as it pulls from AD and then nothing to modify if user leaves/starts. Also as the user has to manage their mailbox it makes them sort it out once scanned.
Originally Posted by caug
28th February 2013, 09:27 PM #6
- Rep Power
Thanks, I'm aware that scanning to email is available but I think I'd rather them scan to their h drive. We currently have no policies on mailbox sizes and I'd rather have a couple GB of scans on my SAN than in Exchange databases.
By TheCrust in forum Virtual Learning Platforms
Last Post: 8th October 2012, 10:16 PM
By has in forum How do you do....it?
Last Post: 15th May 2012, 06:11 PM
Last Post: 22nd April 2012, 10:40 PM
By Little-Miss in forum Hardware
Last Post: 9th December 2010, 03:00 PM
By calapso in forum How do you do....it?
Last Post: 14th January 2009, 07:32 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Tags for this Thread