1. Field of the Invention
The present invention relates to an image processing apparatus, an control method for the image processing apparatus, a program for implementing the control method, and a storage medium storing the program, and more particularly, the present invention relates to an image processing apparatus and an image processing method that includes a first operation mode for every user and a second operation mode for authenticated users and can manage a plurality of users, a program for implementing the control method, and a storage medium storing the program.
2. Description of the Related Art
Conventionally, a plurality of users who use a plurality of personal computers (hereinafter, referred to as “PCs”) connected to a network have shared an image processing apparatus (a network resource) such as a scanner, a FAX, a printer, a copying machine or the like. In such a system, general users can easily share the image processing apparatus.
In order to ensure the security in an office, a technique has been proposed to perform user management for an image processing apparatus and to perform the user authentication to identify a current operator of the image processing apparatus.
In recent years, further enhancement of the security is emphasized. For this purpose, a technique has been proposed to manage operating environment setting of an image processing apparatus for each authenticated user (for example, see Japanese Laid-Open Patent Publication (Kokai) No. 2001-306204 and Japanese Laid-Open Patent Publication (Kokai) No. 10-149061).
However, when a kind of image processing apparatus that can be naturally shared is upgraded to a device embedded with security functions such as the above described user management and user authentication, or when an image processing apparatus already embedded with the security functions is newly purchased and introduced to an office, an administrator of the image processing apparatus needs to perform necessary setting over numerous items with efforts, hence the administrator must perform heavy labor.
Since a user cannot use an image processing apparatus until setting for all users is completed, users who share the image processing apparatus feel inconvenience. This is because a user generally gives priority to convenience rather than high security and feels a waste of time even for the setting.
Further, the inconvenience as described above causes prevention of the new introduction of the image processing apparatus embedded with the security functions to an office.
A shared network scanner connected to a network includes a PULL type scanner for which a PC performs scan setting to set the reading resolution or the size of an original to be read and causes the scanner to scan the original fed to the scanner, and a PUSH type scanner for which the scanner performs the scan setting and the scanning.
Some PUSH type scanners that can store only a scan parameter always return to default scan setting whenever each user starts using such a scanner. Alternatively, a user may have to perform his/her own scan setting again each time he/she uses the scanners since the scanners store scan setting changed by another user.
An image processing apparatus having plurality of functions such as sending e-mail, saving file or printing takes security measures to prevent leakage of confidential information. That is, in such a device, it is preferred that setting can be changed for each user to restrict a user to only use functions available to the user and to permit the user to perform minimum operations necessary for his/her work. Thus, in order to reduce a labor to set scan parameters again as above and prevent the leakage of confidential information, it is required to manage setting information for individual user.
Meanwhile, in an image processing apparatus for managing setting information for each user, an administrator needs to register a new user in the device to permit the user to use the device. In order to strictly control the security, the administrator restricts the use of functions of the device for each user. For example, techniques have been disclosed for an administrator to perform user authentication and manage operating environment setting for each user (for example, see Japanese Laid-Open Patent Publication (Kokai) No. 10-149061 and Japanese Laid-Open Patent Publication (Kokai) No. 2001-306204).
A method of separately managing setting information for each user includes a method for an administrator to previously register all users who possibly use an image processing apparatus, and previously store the setting information for each user in a storage device or a memory in the image processing apparatus.
Instead of setting functional restrictions for each user, the functional restrictions can be provided for each image processing apparatus so that the identical functional restrictions are set for all users who use an image processing apparatus.
However, the image processing apparatus for managing the setting information for each user often applies the same setting to users who do the same work or belong to the same division. In this case, if initial setting information such as default scan parameters of the device cannot be changed, an administrator must perform setting based on the default initial setting information for each time of registration in spite of that the same setting information is set for many users. As described, if there are many users to be registered, a great burden is put on an administrator.
Additionally, the method of previously storing the setting information for each user in the storage device in the above described image processing apparatus has the following problems.
For example, there is a system in which an authentication server and a plurality of image processing apparatuses are connected to one another via a network, ten thousands of users are registered in a storage device in the authentication server (e.g., in Microsoft Active Directory), and the users who use the image processing apparatus are authenticated using user IDs and passwords. The image processing apparatus can restrict functions for each user, and all the users are permitted to use the image processing apparatus with functional restrictions depending on their work. Suppose that the number of users who use one image processing apparatus is about ten and that the system employs a method of registering all the users who possibly use the device in the image processing apparatus, and previously storing setting information for each registered users in the image processing apparatus. Then, user information of the ten thousands of users registered in the authentication server and ten thousand user setting information must be stored in a memory in the image processing apparatus.
But actually, an image processing apparatus cannot be provided with a high-capacity memory or the like for storing the user information and user setting information of ten thousands of users. Additionally, much of the stored user setting information is user setting information of users who do not use the device, hence storing areas of the memory or the like are wasted.
In the image processing apparatus described in the above that sets the identical functional restrictions for all users who use an image processing apparatus, it is not possible to change functional restriction setting only for a certain authenticated user. Using such an image processing apparatus, it might impossible to give the right of use only to a certain user and a user cannot use functions if the user desires so.