JP5297334B2 - MFP control system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a multi-function peripheral control system that ensures proper authentication management even in recovery from a network failure or the like, when an authentication server connected to a network is used for authentication for a multi-function peripheral. <P>SOLUTION: When a multi-function peripheral cannot be connected to an authentication server, alternative authentication means provided in the multi-function peripheral is used for authentication. When the authentication server is used in place of the alternative authentication means, the authentication server authenticates again a user who has executed a standby job, while standby jobs rejected are deleted. Further, restriction information about authenticated user is obtained from the authentication server and used as restriction information for the alternative authentication means. <P>COPYRIGHT: (C)2011,JPO&amp;INPIT

Description

  The present invention relates to a multifunction machine control system in which a multifunction machine having multiple functions and an authentication server that performs authentication processing and totalization management of jobs executed by the multifunction machine are connected to a network.

  In general, in an environment where a user can select any one of a plurality of image forming apparatuses and perform copying, printing, facsimile transmission, etc., authentication, authority limitation, output number limitation, accounting management for each user For example, a plurality of image forming apparatuses and an authentication server are connected to a network, and the above management is centrally managed by the authentication server.

  However, if the authentication server cannot be authenticated due to a down or network failure, the user cannot use the image forming apparatus.

  For this reason, in the authentication system of Patent Document 1, if the authentication server cannot be authenticated due to a network failure or the like by providing the image forming apparatus with the second authentication unit, the second authentication unit performs authentication. Thus, the image forming apparatus can be used.

By the way, when charging processing is performed by the charging server, the image forming apparatus transmits total information to the charging server at the timing when the job is completed.
However, it is conceivable that the total information will be missed only by transmitting the total information at the end timing. Therefore, the job start notification is also transmitted to strictly manage the total of jobs. This is because when the end notification of a job that has received a start notification is not acquired even after a certain period of time, the image forming apparatus is inquired about the status of the job, and when the job is completed, the total information is acquired and corrected. ing.

  Also, in an image forming system such as that disclosed in Patent Document 2, if the billing server is temporarily unable to receive tabulation information from the image forming apparatus, the tabulation information is stored inside the image forming apparatus and connected to the billing server. When restarting, the total information of the image forming apparatus is reflected in the total information of the accounting server.

JP 2006-92018 A JP 2009-170994 A

In the case of an authentication system such as Patent Document 1, when a network failure or the like is restored, the second authentication unit is switched to the authentication server.
However, it has been authenticated by the second authentication means and has not yet been executed, for example

(1) Scan reading has been completed, but the job is set to send after a certain period of time (transmission reservation job)
(2) Jobs waiting for printing to start although print data has been transmitted to the image forming apparatus due to successive print reservations (jobs waiting to be executed in the job queue)

Such a job is operated based on the output sheet number limit set at that time after the authentication by the second authentication unit and the confirmation of the authority limit are completed.
In this case, there is no problem when the output number limit information managed by the second authentication unit and the output number limit information managed by the authentication server are the same.
However, if the output number limit information on the authentication server side is reduced while operating while switching to the second authentication means, the operation is performed according to the output number limit information set by the second authentication means. Is not desirable.

  In the case of a job that has been authenticated by the second authenticating means and has not yet been executed, the start notification is not transmitted to the authentication server, and only the end notification is transmitted. If the end notification for such a job is missed, the counting result will be different from the actual usage status, which is not preferable for an authentication server that operates by appropriately processing both the start notification and the end notification. Is the action.

  The present invention has been made in consideration of the above situation, and when performing authentication management and aggregation management of a multifunction machine by an authentication server connected to the network, strict authentication is possible even when a network failure is recovered. The purpose is to provide a multifunction device control system that can perform management and appropriate tabulation management.

In order to solve the above problems, the present invention has a user information management database that stores authentication information and restriction information corresponding to each user, and performs user authentication processing with reference to the user information management database. The authentication server and one or more multifunction devices managed by the authentication server, the multifunction device having a user information management table storing authentication information and restriction information corresponding to each user, and the authentication When connection with the server is possible, user information is sent to the authentication server to perform authentication processing. When connection with the authentication server is not possible, the user authentication information is referred to the user information management table of the multifunction peripheral and the alternative authentication is performed with the multifunction peripheral. To the MFP control system that transmits the job processing result subjected to the alternative authentication process to the authentication server when the connection to the authentication server is restored. When the authentication server becomes connectable, the MFP transmits user information to the authentication server for the job being executed and the job in the standby state, and the authentication server re-authenticates the user information. And job deletion means for deleting a job that has been rejected by re-authentication.
Further, the multifunction device may include a deletion job notification unit that notifies that the disabled job has been deleted.

  Further, when re-authentication of the user information is permitted, the authentication server transmits the restriction information of the user in the user information management database to the multifunction peripheral, and the multifunction peripheral manages the user information management based on the received restriction information. An updating means for updating the table may be provided.

  In the above-described multifunction peripheral control system, the multifunction peripheral includes a transmission unit configured to transmit, to the authentication server, a notification of a start time of the job started during alternative authentication for the job being executed that is permitted by the re-authentication. I have.

  According to the present invention, even when the user information, the function restriction information, and the output number restriction information registered in the authentication server are updated while being separated from the authentication server and performing alternative authentication, the connection of the authentication server is possible. At the time of recovery, the authentication server again authenticates the job being executed and waiting, and the job that could not be authenticated is deleted, so that strict authentication management can be performed.

  In addition, if the authentication server monitors and summarizes both job start and end notifications, it authenticates job start notifications that have already started through alternative authentication when the authentication server connection is restored. Since it is sent to the server, it is possible to prevent the aggregation information from being missed.

  In addition, when a job that was permitted in alternative authentication is deleted because it is not permitted in re-authentication when the connection of the authentication server is restored, the reason for the deletion is notified to the administrator or user by display or e-mail after the deletion. By doing so, it becomes possible to understand that the job being executed cannot be continued.

1 is a block diagram illustrating a schematic configuration of a multifunction machine control system according to an embodiment of the present invention. FIG. 5A is a data structure example of a user information management table of a multi-function peripheral and a user information management database of an authentication server. It is an example of a message when deleting a job. It is a flowchart which shows the process sequence when switching from alternative authentication to external authentication.

In the MFP control system according to the present invention, when the user is not connected to the authentication server, the user related to the user authenticated in the MFP is re-authenticated by the authentication server that has recovered the connection, and the user cannot be re-authenticated. At times, strict authentication management is performed by deleting a job related to the user.
Furthermore, when the connection is restored, the job queued time (hereinafter referred to as the job start time) is sent to the authentication server for jobs that are in the middle of being executed while not connected to the authentication server. By doing so, the authentication server receives the start time of the job, monitors the end of the job, and reliably performs tabulation management of the job for counting the number of output sheets and billing.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

<Schematic configuration of MFP control system>
FIG. 1 is a block diagram showing a schematic configuration of a multifunction machine control system according to an embodiment of the present invention. In the figure, the multifunction device control system executes, for example, one or more multifunction devices 100 that can use a plurality of functions such as a copy function, a scanner function, a facsimile function, and a printer function, and a user who uses the multifunction device 100. Authentication processing 200 (user authentication, authority restriction management, output number restriction management) and an authentication server 200 that performs tabular management of usage status for each user are connected via a network.

<Configuration of MFP>
In FIG. 1, the multifunction peripheral 100 includes an operation unit 101, an image reading unit 102, an image forming unit 103, a communication unit 104, a device control unit 105, and a storage unit 106, and is controlled by the device control unit 105.

  The operation unit 101 includes a plurality of operation keys for receiving user operation inputs, an LCD (Liquid Crystal Display) integrated with a touch panel, and the like. Is displayed on this LCD.

  The image reading unit 102 irradiates an original with an image irradiation lamp and receives reflected light with a CCD (Charge Coupled Device) sensor, thereby reading an image from the original and image data corresponding to the read image. Is output.

  The image forming unit 103 receives image data read by the image reading unit 102, image data transmitted from a client PC (personal computer) or the like via a LAN (Local Area Network) via the communication unit 104, or a facsimile device or the like. Print on paper using image data.

  The communication unit 104 uses a network interface or the like to control transmission / reception of various data with the authentication server 200, the client PC, the facsimile apparatus, and the like connected via the LAN.

The device control unit 105 includes a CPU (Central Processing Unit), a RAM (Random Access Memory), a ROM (Read Only Memory), and the like. The device control unit 105 reads various control programs and setting information from the storage unit 106 and includes the MFP 100. Implement various functions.
The device control unit 105 of this embodiment includes an authentication unit 105a, a job monitoring unit 105c, and an authentication server monitoring unit 105d (re-authentication unit, job deletion unit, user information management table update unit).

  The storage unit 106 stores various control programs of the MFP 100, fixed information used in the various control programs, setting information set by the user when using the MFP 100, or the execution state of the MFP 100. Store state information and the like. The storage unit 106 stores a user information management table 106a, a job queue 106b, a user usage history table 106c, and image data processed by the image reading unit 102 and the image forming unit 103. Also used for.

  The user information management table 106a is a data item illustrated in FIG. 2A for each user, and includes a user ID, authentication information (login name, password), authority restriction information for each job type, and outputable number restriction information. It has become. This user information management table 106a is used when the MFP 100 authenticates itself when the authentication server 200 cannot be connected due to a network failure or the like.

User ID: An identifier (ID) for identifying the user in the multifunction device is stored.
Login name: The login name for authenticating the user is stored.
Password: A password for authenticating the user is stored.
Authority and number of printable sheets: The authority of the user and the number of sheets that can be output are stored for each function of the multifunction peripheral. When there is no authority to use the function, “prohibited” is stored for the corresponding function, and when there is an authority to use, the number of sheets that can be output with the authority is stored.

  The job queue 106b includes the following data items for each job. The job queue 106b is a job designated by the user in the multifunction device 100 or a job received from a client PC or facsimile device connected to the network by the multifunction device 100. Among them, information regarding unexecuted jobs is stored.

Job ID: An identifier (ID) consisting of a unique child attached to a job executed in the multifunction device 100 is stored.
Login name: The login name of the user related to the job is stored.
Password: The password of the user related to the job is stored.
Job type: Stores job types corresponding to various functions (copy function, scan function, facsimile function, printer function, etc.) of the multifunction peripheral.
Job contents: Job execution contents are stored. For example, in the case of a copy function, setting information such as image data to be copied, the number of copies and output size, and in the case of a scanning function, setting information such as scanned image data and an output destination file name is executed. Is remembered as
Start time: The date and time when the job entered the job queue is stored.

  The user usage history table 106c stores information from the start of execution to the end of execution with the following data items for each job. However, when it is transmitted to the authentication server 200, it is deleted.

Job ID: Stores the job ID of the job.
Login name: The login name of the user related to the job is stored.
Password: The password of the user related to the job is stored.
Job type: Stores the type of the job.
Start time: The date and time when the job entered the job queue is stored.
End time: The date and time when the job ends is stored.
Number of output sheets: The number of sheets output by the job is stored.

  Hereinafter, processing contents of the processing units 105a to 105d configuring the device control unit 105 will be described in detail.

The authentication server monitoring unit 105d monitors whether or not it can be connected to the authentication server 200 that manages the multifunction peripheral 100 at a predetermined time interval, and authenticates the “pause signal” when the authentication server 200 cannot be connected. Are transmitted to the unit 105a and the job monitoring unit 105c, and a “connection signal” is transmitted in the connected state.
When the connection to the authentication server 200 is restored, a “connection signal” is transmitted to the authentication unit 105a, and a “recovery signal” is transmitted to the job monitoring unit 105c.

While receiving the “connection signal” from the authentication server monitoring unit 105d, the authentication unit 105a performs an authentication process (also referred to as external authentication) on the authentication server 200.
First, a user authentication request including a login name and a password input to a job designated by the operation unit 101 or a job received from a client PC or facsimile apparatus is transmitted to the authentication server 200.

When “authentication not permitted” is returned from the authentication server 200, a message indicating that the authentication could not be performed (see FIG. 3) is displayed on the operation unit 101, prompting another login.
On the other hand, when “authentication permission” is returned from the authentication server 200, a restriction confirmation request including (login name, password, job type) attached to the job is transmitted to the authentication server 200, and the job type is set to the user. Check whether it is against the restriction information that is set.
Here, the restrictions set by the user are the execution authority and the limit on the number of outputtable sheets set for each job type.

When a notification indicating that the restriction information is not violated is received from the authentication server 200, the job designated by the user is registered in the job queue 106b. The job queue 106b stores a login name, password, job type, job contents, and date and time (job start time) when entering the job queue in association with a job ID for identifying a job.
Further, when the “connection signal” is received from the authentication server monitoring unit 105d, the job start information (login name, password, job ID, and start time) is transmitted to the authentication server 200.

  When a notification that the restriction information is violated is received from the authentication server 200, a message (see FIG. 3) indicating that the restriction is violated is displayed on the operation unit 101.

  While the authentication unit 105a receives the “pause signal”, the MFP 100 itself refers to the user information management table 106a and performs authentication processing (also referred to as alternative authentication) in the same procedure as the external authentication described above. I do.

  Next, the job monitoring unit 105c extracts the job contents (job ID, job type, job contents, start time) stored in the job queue 106b, causes the MFP 100 to execute the job contents, and (job ID). , Login name, password, job type, and start time) are stored in the user usage history table 106c.

When the execution of the job is completed, the end time and the number of output sheets are stored in the user usage history table 106c of the completed job. Thus, (job ID, login name, password, job type, start time, end time, number of output sheets) is stored in the user usage history for the completed job.
Further, when the job monitoring unit 105c receives the “connection signal” from the authentication server monitoring unit 105d, the job monitoring unit 105c transmits the user usage history of the completed job to the authentication server 200, and a reception confirmation signal is returned from the authentication server 200. The user usage history of this job is deleted from the user usage history table 106c.

  Next, when the job monitoring unit 105c receives the “recovery signal” from the authentication server monitoring unit 105d and determines that the connection with the authentication server 200 has been restored, the user usage stored in the user usage history table 106c. For each job for which an end time is set in the history, end information including a user use history (login name, password, job ID, start time, end time, and number of output sheets) is transmitted to the authentication server 200 and used for the user. Delete history.

  Next, the job monitoring unit 105c activates the re-authentication unit, and performs the following re-authentication processing on (A) the job being executed and (B) the unexecuted job waiting for execution. This is because, for example, the user information management DB 204a of the authentication server 200 is updated during alternative authentication, and the authority or the like that allows the user to be deleted or used may be changed.

(A) Job being executed:
When there is a user usage history for which no end time is set in the user usage history table 106c, re-authentication processing is performed for user information relating to each job for which no end time is set.
The re-authentication unit transmits user information including the login name and password of the user related to the corresponding job from the user usage history table 106 c to the authentication server 200.

When “authentication not permitted” is returned from the authentication server 200, the job deletion unit deletes the user usage history of the job from the user usage history table 106c. In this job deletion unit, when deleting, for example, a message as shown in FIG. 3A is displayed on the operation unit 101 to notify the user.
Note that a message having the same content displayed on the operation unit 101 may be notified to the user or the administrator by transmitting an e-mail to the user or the administrator of the multifunction peripheral 100.
As a result, as soon as the alternative authentication is switched to the external authentication, the reason why the job processing cannot be continued can be understood.

  On the other hand, when re-authentication of the authentication server 200 is permitted, the authority restriction information and the outputable number restriction information relating to the user in the authentication server 200 are returned, so that the user information management table updating unit updates the authority restriction relating to the user. The user information management table 106a is updated by replacing the information with the outputable number limit information.

Next, the job monitoring unit 105c refers to the updated user information management table 106a, and if the job monitoring unit 105c violates the user authority limit or the outputable number limit corresponding to the job type, the job deletion unit 105c The user usage history of the job is deleted from the user usage history table 106c. At the time of deletion, for example, a message as shown in FIGS. 3B and 3C is displayed on the operation unit 101 in accordance with the restriction condition to notify the user.
On the other hand, when the user's authority restriction and outputable sheet number restriction corresponding to the type of the job are satisfied, the user's (login name, password, job ID, and start time) stored in the user usage history table 106c is displayed. It transmits to the authentication server 200.

(B) An unexecuted job waiting for execution:
When there is an unexecuted job waiting for execution in the job queue 106b, re-authentication processing similar to that for the job being executed is performed on the user information related to each job stored in the job queue 106b.
However, the difference from the job being executed is that the job is not deleted from the user usage history table 106c but is deleted from the job queue 106b.

  Next, a processing procedure when switching from alternative authentication to external authentication will be described based on the flowchart of FIG.

  When the multifunction device 100 operates with alternative authentication (step S11), the authentication server monitoring unit 105d of the multifunction device 100 checks whether it can connect to the authentication server 200 at a predetermined interval, and if the connection can be restored. (YES in step S12), a “recovery signal” is transmitted to the job monitoring unit 105c, a “connection signal” is transmitted to the user confirmation unit 105a, and the process proceeds to step S13.

  Next, for a job with an end time set out of the user usage history stored in the user usage history table 106c, the user usage history (login name, password, job ID, start time, end time and output of the job). Number of copies) is transmitted to the authentication server 200, and the user usage history of the job is deleted from the user usage history table 106c (step S13).

  When there is no job being executed in the user usage history table 106c, and when there is no unexecuted job waiting for execution in the job queue 106b (NO in step S14), the user confirmation unit 105a is executed (step S23).

Next, when there is a job being executed in the user usage history table 106c, or when there is an unexecuted job waiting for execution in the job queue 106b (YES in step S14), the end time of the user usage history table 106c is set. One job is taken out from each job that has not been set or from each job stored in the job queue 106b (step S15).
When there is no job to be taken out (YES in step S16), the monitoring process of the job monitoring unit 105c is continued (step S24).

  When there is a job to be extracted (NO in step S16), the user information (login name, password) of the user related to the job is transmitted to the authentication server 200, and the re-authentication result and the restriction information related to the user are acquired (step) S17).

If the re-authentication result is not permitted (NO in step S18), the process proceeds to step S22.
On the other hand, if the re-authentication result is permission (YES in step S18), the user information management table 106a of the user is updated by rewriting the returned restriction information (step S19).

  Next, referring to the updated user information management table 106a, when there is a restriction corresponding to the job type related to the job (NO in step S20), a job deletion message is displayed on the operation unit 101, The job is deleted from the user usage history table 106c or the job queue 106b (step S22), and the process returns to step S15.

  On the other hand, when there is no restriction corresponding to the job type related to the job (YES in step S20), the (login name, password, job ID and start time) of the job is transmitted to the authentication server 200 (step S21). The process returns to step S15.

<Configuration of authentication server>
In FIG. 1, the authentication server 200 includes a communication unit 201, a multifunction device management unit 202, an authentication unit 203, and a storage unit 204, and is controlled by the multifunction device management unit 202.

The communication unit 201 uses a network interface or the like to control transmission / reception of various data with one or more multifunction peripherals 100 and PCs connected via a LAN.
The authentication unit 203 refers to the user information management DB 204a to determine whether or not a user who has requested authentication from the multifunction device 100 can use the multifunction device 100.
The multifunction machine management unit 202 includes a CPU, a RAM, a ROM, and the like, reads various control programs and setting information from the storage unit 204, and realizes various functions provided in the authentication server 200.

  The storage unit 204 stores various control programs of the authentication server 200, fixed information used in the various control programs, or information on the execution state of the authentication server 200. The storage unit 204 also includes a user information management DB (database) 204a and a job start time table 204c for performing user authentication and total management from each MFP 100 connected to the network.

  The user information management DB 204a is a data item as illustrated in FIG. 2B for each user. Similar to the user information management table 106a, the user ID, authentication information (login name, password), and authority restriction for each job type Information, output limit number information and total information are stored.

  The job start time table 204c stores information related to jobs that have been started. The job start time table 204c includes the following data items for each job. When the end time is received from the multifunction device 100, the job start time table 204c is aggregated. Deleted.

MFP ID: The identifier (ID) of the MFP that has started execution of the job is stored. Information related to the MFP 100 connected to the authentication server 200 via the network (for example, function information, processing speed, network address, etc. possessed by the MFP) is associated with this MFP ID in a separately held table. And it is memorized.
Login name: The login name of the user related to the job is stored.
Password: The password of the user related to the job is stored.
Job ID: The identifier (ID) of the job is stored.
Start time: The date and time when the job is started is stored.

  Hereinafter, the monitoring process in the MFP management unit 202 will be described.

(1) Monitoring of user authentication requests from multifunction devices:
The multi-function peripheral management unit 202 receives a user authentication request from the multi-function peripheral 100 via the communication unit 201, and executes user authentication by the authentication unit 203. In this user authentication request, the login name and password of the user are specified.
If the login name and password specified in the user authentication request are correspondingly stored in the user information management DB 204a, the authentication unit 203 returns authentication permission, and otherwise returns authentication impossible.

(2) Monitoring restriction confirmation requests from multifunction devices:
The multifunction device management unit 202 receives a restriction confirmation request from the multifunction device 100 via the communication unit 201 and confirms the restriction on the job type specified by the authentication unit 203. In this restriction confirmation request, the user's login name, password, and job type representing the function that the user wants to process are specified.

The authentication unit 203 refers to the user information management DB 204a, acquires job type restriction information for the user specified by the login name and password specified in the restriction confirmation request, and returns no restriction if there is no restriction, Otherwise, reply with restrictions.
For example, if the authority restriction for the job type is “prohibited”, the restriction is made.
In addition, when the job type is accompanied by printing, even if the authority restriction is not “prohibited”, there is a restriction when the number of outputtable sheets is zero.
Other than these, there are no restrictions.

(3) Monitoring of a user re-authentication request from the MFP:
When the MFP management unit 202 receives a user re-authentication request from the MFP 100 via the communication unit 201, the authentication unit 203 performs re-authentication of the user. In this user re-authentication request, the user's login name and password are specified.

The authentication unit 203 refers to the user information management DB 204a to determine whether (login name, password) is stored correspondingly. If not stored, the authentication unit 203 re-authenticates to the requested MFP 100. Reply disapproval.
On the other hand, if it is stored, re-authentication permission and restriction information related to the user (in this example, authority restriction information and outputable sheet number restriction information) are returned to the requested multifunction peripheral 100.

(4) Monitoring of reception of user usage history from the MFP:
When the multifunction device management unit 202 receives from the multifunction device 100 the usage history of the user that has been executed during alternative authentication by the multifunction device 100, the multifunction device management unit 202 totals the number of output sheets and charges based on the received user usage history, and accumulates the totaled information. Then, the user information management DB 204a of the user is updated.
The user's usage history received includes (login name, password, job ID, start time, end time, and number of output sheets).

(5) Monitoring of reception of job start time and end time from the MFP:
When the multifunction device management unit 202 receives job start information from the multifunction device 100, the multifunction device management unit 202 identifies the multifunction device ID of the transmitted multifunction device 100 and stores it in the job start time table 204c so as not to overlap. This job start information includes (login name, password, job ID, and start time).

When job end information is received from the multifunction device 100, the multifunction device ID of the transmitted multifunction device 100 is specified. Here, the job end information includes (login name, password, job ID, end time, and number of output sheets).
Next, with reference to the job start time table 204c, a job start time having the same (multifunction machine ID, login name, password, job ID) is searched, the searched job start time, the received end time, and the number of output sheets The user information management DB 204a is updated by summing up the number of output sheets and billing based on the information and accumulating the total information, deleting the job start time related to this job from the job start time table 204c, and returning a reception completion signal.

  By configuring the embodiment as described above, when the user information, the function restriction information, and the output number restriction information registered in the authentication server are updated while being separated from the authentication server and performing alternative authentication However, when the connection of the authentication server is restored, the authentication server re-authenticates the jobs being executed and waiting, and deletes jobs that could not be authenticated, making it possible to perform strict authentication management. .

  In addition, if the authentication server monitors and summarizes both job start and end notifications, it authenticates job start notifications that have already started through alternative authentication when the authentication server connection is restored. Since it is sent to the server, it is possible to prevent the aggregation information from being missed.

  Also, when the authentication server connection is restored, if a job that was permitted by alternative authentication is deleted because it is not permitted by re-authentication, the reason for the deletion is notified to the administrator or user by display or e-mail after the deletion. Therefore, it is possible to have the user understand why the job being executed or waiting cannot be continued.

  In addition, the present invention is not limited to the above-described embodiment, and various modifications and corrections can be made without departing from the scope of the present invention.

DESCRIPTION OF SYMBOLS 100 ... Multifunction machine 101 ... Operation part 102 ... Image reading part 103 ... Image forming part 104 ... Communication part 105 ... Equipment control part 105a ... Authentication part 105c ... Job monitoring part 105d ... Authentication server monitoring part (Re-authentication unit, job deletion unit, user information management table update unit), 106 ... storage unit, 106a ... user information management table, 106b ... job queue, 106c ... user usage history table,
DESCRIPTION OF SYMBOLS 200 ... Authentication server 201 ... Communication part 202 ... Multifunction machine management part 203 ... Authentication part 204 ... Storage part 204a ... User information management DB (database), 204c ... Job start time table.

Claims (8)

Corresponding to each user, there is a user information management database that stores authentication information and restriction information, an authentication server that performs user authentication processing with reference to the user information management database, and 1 managed by the authentication server Consisting of more than one multifunction device,
The MFP has a user information management table that stores authentication information and restriction information corresponding to each user. When the MFP can be connected to the authentication server, the MFP transmits user information to the authentication server to perform authentication processing. When the authentication server cannot be connected, the user information management table of the multifunction device is referred to, the substitute authentication is performed in the multifunction device, and the job that has undergone the substitution authentication processing when the connection to the authentication server is restored In the MFP control system that transmits the processing result to the authentication server,
When the authentication server becomes connectable, the multi-function device transmits user information to the authentication server for a job being executed and a job in a standby state, and re-authenticates the user information by the authentication server, A multifunction device control system comprising job deletion means for deleting a job that is not permitted by re-authentication. The authentication server, when re-authentication of the user information is permitted, transmits the restriction information of the user in the user information management database to a multifunction device,
The multifunction device control system according to claim 1, wherein the multifunction device includes update means for updating the user information management table with the received restriction information.   The multifunction device control system according to claim 1, wherein the multifunction device includes a deletion job notification unit that notifies that the disabled job is deleted. The MFP includes a transmission unit configured to transmit, to the authentication server, a notification of a start time of the job started during alternative authentication for a job being executed that is permitted by the re-authentication. The multifunction device control system according to 1, 2, or 3. User information management table that stores authentication information and restriction information corresponding to each user, and user authentication processing with reference to a user information management database that stores authentication information and restriction information corresponding to each user When it is possible to connect to the authentication server, the user information is transmitted to the authentication server for authentication processing. When the user cannot connect to the authentication server, the user information management table of the MFP is referred to the MFP. In the MFP that transmits the job processing result of the alternative authentication process to the authentication server when the authentication is performed and the connection with the authentication server is restored,
When the authentication server becomes connectable, user information is transmitted to the authentication server for the job being executed and the job in the standby state, the user information is re-authenticated by the authentication server, and re-authentication is not permitted. A multifunction device comprising job deletion means for deleting a job that has become a job.   6. The update apparatus according to claim 5, further comprising update means for receiving restriction information of the user transmitted when the user information is re-authenticated by the authentication server, and updating the user information management table with the received restriction information. The multifunction device described.   The multifunction device according to claim 5, further comprising a deletion job notification unit that notifies that the disabled job is deleted.   8. A transmission unit configured to transmit, to the authentication server, a notification of a start time of the job started during alternative authentication for the job being executed that is permitted by the re-authentication. A multi-function machine described in 1.

Images