How to Enable Group Level Authentication

You can enable and configure authentication for devices in a group.

A group uses the authentication settings if you do not enable authentication for the group.
  1. If necessary, double-click the Fuji Xerox AIP component in a workflow to open the Fuji Xerox AIP dialog box.
  2. On the Groups tab, click on the group and then click Edit on the menu bar.
  3. Click the Authentication tab and select the Requires Authentication check box.
  4. If you want to use the same authentication settings that were configured for the component, select the Use Global Authentication Settings box, and then skip to step 7.
  5. In Authentication Type box, select the authentication method you want to use:
    Authentication Type Description
    None Authentication is disabled.
    Windows This prompts the user for a Windows user name, domain and password.

    Under Windows, enter the default domain in the Domain box. Do not use the fully qualified Domain Name Server (DNS) domain name. Do not use top level domain qualifiers such as .com, .net or .org. For example, if the user is listed as mydomain/user1 or, then in a User Principal Name (UPN) format, the domain should be “mydomain” and NOT “”.

    Note: If the device is configured to use an Authentication Server with authentication type SMB, then the credentials provided will be used by Workflow server. If the authentication type of the device is something other than SMB, then in addition to Workflow server login screen, the device’s authentication screen is also displayed.
    Custom Script The administrator has full control over the prompts that will be presented to the user as well as how the prompts are validated. LDAP may be used for authentication of lookup data.

    Under Custom Script, in the Script File Path box, enter the full path to the script file.

    • To specify an existing script, click the browse button (...).
    • To create a script, click the Edit Script Code button to open a script editor window with basic script code.

      For details on the script editor window and the object model used to authenticate users, click Help in the script editor to refer to the Fuji Xerox AIP Script documentation.

    Click the Prompts button to configure the prompts that will be used to collect user information. For more information about the Authentication Prompts settings, see Authentication Prompts Dialog Box.

  6. To look up the email address and other attributes about the authenticated user, select the Use an LDAP Search to retrieve additional user information check box and click Configure to specify the LDAP Lookup Settings.
    For information about the LDAP Lookup Settings options, see LDAP Lookup Settings Dialog Box.
    Note: When Windows authentication is selected as the Authentication Type, the email address is retrieved automatically as part of the authentication, so an LDAP search is not required if only the email address is needed.
  7. Optional: To query the device for credentials, select the Query device authentication session for credentials check box.
  8. Click the General tab.
  9. For Temporary Repository, select one of the following:
    • Internal FTP — This option will use internal FTP settings.
    • External FTP — This option will use external FTP settings that were configured for creating optional temporary repositories by the Local FTP settings on the Preferences tab of the Fuji Xerox AIP configuration dialog box.
    • Internal HTTP(S) — The internal web server will be used to receive scanned documents. Select the SSL option to use the SSL protocol when transmitting scanned documents to the AutoStore server.
    Use one of the FTP options if you anticipate scanning documents with more than 200 pages. The maximum number of pages that can be scanned with HTTP or HTTPS is 200.
  10. In the Associated MFP Addresses list, add or remove devices to which you want to apply the new settings.
  11. When you are finished editing the group, click the OK button.