+ Post New Thread
Results 1 to 6 of 6
Hardware Thread, Ricoh Active Directory Authentication for scanning to folders in Technical; Hello all - After searching and not turning up anything relevant I decided to post a question on here. My ...
  1. #1

    Join Date
    Feb 2013
    Posts
    3
    Thank Post
    2
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Ricoh Active Directory Authentication for scanning to folders

    Hello all -

    After searching and not turning up anything relevant I decided to post a question on here. My situation is this: We are an AD shop. We have numerous Ricoh devices that I have never touched and, the way I understand it, users accounts are currently setup one-by-one in each device's local address book. Users can print and scan documents to their H: drives. Their ricoh mailbox account is setup with folder authentication with their AD username and password manually entered in the web console by a tech. The folder path is the UNC path to the person's H: drive. This works well, although cumbersome.

    My problem is that we are going to be enforcing 90 day password changes starting next week and users will get failed authentications when trying to scan after their password changes. I understand that the Ricoh can work with AD and has LDAP authentication. My first question is, with Windows or LDAP authentication setup, how will the user be able to change their password in the address book? I'm assuming they do it right on the scanner?

    Secondly, can LDAP or Windows Authentication pull the user's home directory attribute in their user account?

    What I want is an easy way for the end users to be able to change their password on the ricoh, or even be prompted for their password when scanning a document to their h: drive. That said, do I even need to turn on LDAP authentication to get what I want? It would be great if new users could walk up, enter their ad username and password, and scan a doc right to their h: drive. Is this possible?

    Thanks for your help in advance.

    EDIT: I have also read that a way around the password change issue is to set the scanning up with a generic account who's password never changes and give it access to everyone's H: drive, thus eliminating the need for the each user to enter their username and pw. I don't prefer this method, but I was curious if anyone else has gone this route?
    Last edited by caug; 26th February 2013 at 11:23 PM. Reason: added additional info

  2. #2

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    9,785
    Thank Post
    3,292
    Thanked 1,054 Times in 975 Posts
    Rep Power
    365
    One way I can think of getting around this is

    1. You have one AD account that scans to a seperate scans mapped drive / directory / unc path ( whatever you want to call it ) that has a folder / directory for each department and the users in each department only have access to there own departmental directory ie finanace cant open or get into the Sales directory or visa versa, thus using ACL's / NTFS Permissions etc

    2. Use the same AD account to authenticate each of the pre programmed accounts in the copiers address book ( so Finanace / Sales / etc ) and make each pre programmed scans accounts UNC path point to the relevant sub directory so

    Finanace :

    \\Server\Scans$\Finanace

    Sales

    \\Server\Scans$\Sales

    3. With regards to changing password every 90 days - this can be done on or just before the 90 day period expires by yourself ( early in the morning or just before everyone goes home ) thus giving them another 90 days before it expires. Obviously the password change would have to be done both in A.D and on the MFD's in question, password changes for scan to folder can be done via the web gui on each MFD

    If you want to use LDAP - only LDAP things I am aware of is doing scan to email and it pulls the users email addresses from A.D via LDAP, no authentication and the only draw back with this is that the mail servers tend to have a max limit on file attachments so obviously if there are large documents they are scanning then they may have to use scan to folder or another method ie scan to ftp etc to get this file in a digital format

  3. Thanks to mac_shinobi from:

    caug (28th February 2013)

  4. #3
    DocHouse's Avatar
    Join Date
    Jul 2011
    Location
    brum
    Posts
    734
    Thank Post
    156
    Thanked 84 Times in 76 Posts
    Rep Power
    47
    Quote Originally Posted by mac_shinobi View Post
    One way I can think of getting around this is

    1. You have one AD account that scans to a seperate scans mapped drive / directory / unc path ( whatever you want to call it ) that has a folder / directory for each department and the users in each department only have access to there own departmental directory ie finanace cant open or get into the Sales directory or visa versa, thus using ACL's / NTFS Permissions etc

    2. Use the same AD account to authenticate each of the pre programmed accounts in the copiers address book ( so Finanace / Sales / etc ) and make each pre programmed scans accounts UNC path point to the relevant sub directory so

    Finanace :

    \\Server\Scans$\Finanace

    Sales

    \\Server\Scans$\Sales

    3. With regards to changing password every 90 days - this can be done on or just before the 90 day period expires by yourself ( early in the morning or just before everyone goes home ) thus giving them another 90 days before it expires. Obviously the password change would have to be done both in A.D and on the MFD's in question, password changes for scan to folder can be done via the web gui on each MFD

    If you want to use LDAP - only LDAP things I am aware of is doing scan to email and it pulls the users email addresses from A.D via LDAP, no authentication and the only draw back with this is that the mail servers tend to have a max limit on file attachments so obviously if there are large documents they are scanning then they may have to use scan to folder or another method ie scan to ftp etc to get this file in a digital format
    That's how we've done it here with a password protected account for confidential documents that scan to a folder only SLT and admin can see.

  5. Thanks to DocHouse from:

    caug (28th February 2013)

  6. #4

    Join Date
    Feb 2013
    Posts
    3
    Thank Post
    2
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Thanks you both for your inputs. After some more reading it seems that the single AD account is the only way to go.

    It would be nice if the Ricoh could prompt for a user's credentials for authentication and let LDAP pull the user's h drive path and scan the doc there.

    Thanks again

  7. Thanks to caug from:

    mac_shinobi (28th February 2013)

  8. #5

    Join Date
    Oct 2008
    Location
    Lincolnshire
    Posts
    2,222
    Thank Post
    13
    Thanked 229 Times in 218 Posts
    Rep Power
    68
    Quote Originally Posted by caug View Post
    Hello all -
    EDIT: I have also read that a way around the password change issue is to set the scanning up with a generic account who's password never changes and give it access to everyone's H: drive, thus eliminating the need for the each user to enter their username and pw. I don't prefer this method, but I was curious if anyone else has gone this route?
    This is how I used to do it on my Sharp devices. I found that when scanning to folders user would never empty them and you could soon have 2GB of scans. Best way I found was setup an LDAP query and do scan to email, not sure if the Richo devices can but again Sharp can, minimal admin required as it pulls from AD and then nothing to modify if user leaves/starts. Also as the user has to manage their mailbox it makes them sort it out once scanned.

  9. #6

    Join Date
    Feb 2013
    Posts
    3
    Thank Post
    2
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Thanks, I'm aware that scanning to email is available but I think I'd rather them scan to their h drive. We currently have no policies on mailbox sizes and I'd rather have a couple GB of scans on my SAN than in Exchange databases.

SHARE:
+ Post New Thread

Similar Threads

  1. Frog query - for those using Active Directory authentication
    By TheCrust in forum Virtual Learning Platforms
    Replies: 6
    Last Post: 8th October 2012, 09:16 PM
  2. Ricoh Gestetner MPC 3500 Scan to folder Issue
    By has in forum How do you do....it?
    Replies: 0
    Last Post: 15th May 2012, 05:11 PM
  3. Replies: 24
    Last Post: 22nd April 2012, 09:40 PM
  4. Ricoh Aficio MP 6000 stopped scanning to folder
    By Little-Miss in forum Hardware
    Replies: 3
    Last Post: 9th December 2010, 02:00 PM
  5. Active Directory-Script for Creating Bulk Users
    By calapso in forum How do you do....it?
    Replies: 8
    Last Post: 14th January 2009, 06:32 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •