Embedded Web Server Administrator's Guide
Page 3
... Authentication and Authorization ...5 Groups ...6 Access Controls...6 Security Templates...6 Configuring building blocks...7 Creating a password ...7 Creating a PIN...7 Setting up internal accounts ...8 Using LDAP ...9 Using LDAP+GSSAPI ...11...password or PIN to control function access...16 Using a security template to control function access ...16 Scenarios...18 Scenario: Printer in a public place...18 Scenario: Standalone or small office...18 Scenario: Network running Active Directory ...19 Managing certificates and other settings...21 Managing certificates...21 Setting certificate defaults...
... Authentication and Authorization ...5 Groups ...6 Access Controls...6 Security Templates...6 Configuring building blocks...7 Creating a password ...7 Creating a PIN...7 Setting up internal accounts ...8 Using LDAP ...9 Using LDAP+GSSAPI ...11...password or PIN to control function access...16 Using a security template to control function access ...16 Scenarios...18 Scenario: Printer in a public place...18 Scenario: Standalone or small office...18 Scenario: Network running Active Directory ...19 Managing certificates and other settings...21 Managing certificates...21 Setting certificate defaults...
Embedded Web Server Administrator's Guide
Page 6
Access Controls By default, all users the functions they are combined determines the type of security created:... blocks. In this scenario, it makes sense to similar functions. A Security Template is a profile constructed using a password, PIN, or security template. Access controls can be set of functions such as "Function Access Controls"), are used...to a common set using a building block, or certain building blocks paired with Groups Authentication and authorization Password Authorization only PIN Authorization only Each device can support up to 32 groups to be used in some ...
Access Controls By default, all users the functions they are combined determines the type of security created:... blocks. In this scenario, it makes sense to similar functions. A Security Template is a profile constructed using a password, PIN, or security template. Access controls can be set of functions such as "Function Access Controls"), are used...to a common set using a building block, or certain building blocks paired with Groups Authentication and authorization Password Authorization only PIN Authorization only Each device can support up to 32 groups to be used in some ...
Embedded Web Server Administrator's Guide
Page 7
... job. Note: The default PIN length is protected by a normal password, any administrator-level password will delete all passwords on each supported device. Each password must have a unique name consisting of 1-128 UTF-8 characters (example: "Copy Lockout Password"). 5 Type a password in the appropriate box,...consisting of 1-128 UTF-8 characters (example: "Copy Lockout PIN"). 5 Type a PIN in the Setup Name box. Administrator-level passwords override normal passwords. To create a PIN 1 From the Embedded Web Server Home screen, browse to Settings ª Security ª Edit Security ...
... job. Note: The default PIN length is protected by a normal password, any administrator-level password will delete all passwords on each supported device. Each password must have a unique name consisting of 1-128 UTF-8 characters (example: "Copy Lockout Password"). 5 Type a password in the appropriate box,...consisting of 1-128 UTF-8 characters (example: "Copy Lockout PIN"). 5 Type a PIN in the Setup Name box. Administrator-level passwords override normal passwords. To create a PIN 1 From the Embedded Web Server Home screen, browse to Settings ª Security ª Edit Security ...
Embedded Web Server Administrator's Guide
Page 9
... a new internal account, as well as cn (common name), ou (organizational unit), o (organization), c (country), or dc (domain)-separated by commas. The default LDAP port is 389. • Use SSL/TLS-From the drop-down menu select None, SSL/TLS (Secure Sockets Layer/Transport Layer Security), or TLS.... • Userid Attribute-Type either User ID or User ID and Password to securely end each particular LDAP Server Setup when creating security templates. • Server Address-Enter the IP Address or the Host Name of...
... a new internal account, as well as cn (common name), ou (organizational unit), o (organization), c (country), or dc (domain)-separated by commas. The default LDAP port is 389. • Use SSL/TLS-From the drop-down menu select None, SSL/TLS (Secure Sockets Layer/Transport Layer Security), or TLS.... • Userid Attribute-Type either User ID or User ID and Password to securely end each particular LDAP Server Setup when creating security templates. • Server Address-Enter the IP Address or the Host Name of...
Embedded Web Server Administrator's Guide
Page 14
... Saving Time (DST) is Microsoft's solution for enabling authentication without requiring the transmission of comparing the user's actual password, the NTLM server and the client generate and compare three encrypted strings based on an external server, users will ... can be used in clear text. Setting date and time Because Kerberos servers require that relies on the user's password. Printer clock settings can be updated manually, or set to use the "Install auth keys" link to browse ... (usually within 300 seconds), the printer clock must be registered to restore default values.
... Saving Time (DST) is Microsoft's solution for enabling authentication without requiring the transmission of comparing the user's actual password, the NTLM server and the client generate and compare three encrypted strings based on an external server, users will ... can be used in clear text. Setting date and time Because Kerberos servers require that relies on the user's password. Printer clock settings can be updated manually, or set to use the "Install auth keys" link to browse ... (usually within 300 seconds), the printer clock must be registered to restore default values.
Embedded Web Server Administrator's Guide
Page 15
... Home screen, browse to access security menus regardless of the type of "back door" measures such as a backup password. Note: In some organizations, security policies prohibit the use of security assigned. Specifying the default user domain for example, if there is not successful, the Manage NTLM Setup screen will display "Status....Not...
... Home screen, browse to access security menus regardless of the type of "back door" measures such as a backup password. Note: In some organizations, security policies prohibit the use of security assigned. Specifying the default user domain for example, if there is not successful, the Manage NTLM Setup screen will display "Status....Not...
Embedded Web Server Administrator's Guide
Page 16
... Web Server Home screen, browse to specific device functions using a password or PIN. Using a password or PIN to control function access Each Access Control (or Function Access Control), can be set to require No Security (the default), or to use any function controlled by selecting Log out on ...user may be logged in before being automatically logged off. • Remote Login Timeout-Specify how long a user may be assigned to restore default values. Embedded Web Server administrators should verify that function. 4 Click Submit to save changes, or Reset Form to each function you want to...
... Web Server Home screen, browse to specific device functions using a password or PIN. Using a password or PIN to control function access Each Access Control (or Function Access Control), can be set to require No Security (the default), or to use any function controlled by selecting Log out on ...user may be logged in before being automatically logged off. • Remote Login Timeout-Specify how long a user may be assigned to restore default values. Embedded Web Server administrators should verify that function. 4 Click Submit to save changes, or Reset Form to each function you want to...
Embedded Web Server Administrator's Guide
Page 26
... Under 802.1x Authentication: • Select the Active check box to enable 802.1x authentication. • Type the login name and password the printer will be the only choice listed. 3 Under Allowable Authentication Mechanisms, choose which authentication protocols the printer will wait for a .... Note: Server certificate validation is port 25. 4 If using an encrypted link. 8 If your network under Device Credentials. The default value is integral to TLS (Transport Layer Security), PEAP (Protected Extensible Authentication Protocol), and TTLS (Tunneled Transport Security Layer). •...
... Under 802.1x Authentication: • Select the Active check box to enable 802.1x authentication. • Type the login name and password the printer will be the only choice listed. 3 Under Allowable Authentication Mechanisms, choose which authentication protocols the printer will wait for a .... Note: Server certificate validation is port 25. 4 If using an encrypted link. 8 If your network under Device Credentials. The default value is integral to TLS (Transport Layer Security), PEAP (Protected Extensible Authentication Protocol), and TTLS (Tunneled Transport Security Layer). •...
Embedded Web Server Administrator's Guide
Page 27
...Under SNMP Version 1, 2c, select the Enabled check box. 3 To allow device monitoring only, type an SNMPv3 Read Only User name and Password in network management systems to monitor network-attached devices for conditions that trigger an alert message. 1 From the Embedded Web Server Home screen, ... as device monitoring, type an SNMPPv3 Read/Write User name and Password in the Embedded Web Server 27 The Embedded Web server allows administrators to configure settings for the SNMP Community identifier (the default community name is used for SNMP versions 1 through the secure tunnel...
...Under SNMP Version 1, 2c, select the Enabled check box. 3 To allow device monitoring only, type an SNMPv3 Read Only User name and Password in network management systems to monitor network-attached devices for conditions that trigger an alert message. 1 From the Embedded Web Server Home screen, ... as device monitoring, type an SNMPPv3 Read/Write User name and Password in the Embedded Web Server 27 The Embedded Web server allows administrators to configure settings for the SNMP Community identifier (the default community name is used for SNMP versions 1 through the secure tunnel...
Embedded Web Server Administrator's Guide
Page 28
...menus-use with caution), Access controls = "No security" (to remove security only from function access controls), or Reset factory security defaults (to return all security settings to default values). 3 Click Submit to save changes, or Reset Form to clear all fields. To regain access to the security menus, ...a service call will not be required to access the security menus. Warning-Potential Damage: If "No Effect" is chosen and the password (or other...
...menus-use with caution), Access controls = "No security" (to remove security only from function access controls), or Reset factory security defaults (to return all security settings to default values). 3 Click Submit to save changes, or Reset Form to clear all fields. To regain access to the security menus, ...a service call will not be required to access the security menus. Warning-Potential Damage: If "No Effect" is chosen and the password (or other...
Embedded Web Server Administrator's Guide
Page 40
... authenticating using Kerberos 13 using LDAP 9 using LDAP+GSSAPI 11 using NTLM authentication 14 Authentication understanding 5 Authorization understanding 5 B backup password creating 15 using 15 building blocks adding to security templates 16 internal accounts 8 Kerberos 5 13 LDAP 9 LDAP+GSSAPI 11 NTLM ...authentication 14 C certificates creating 21 deleting 21 setting defaults 22 viewing 21 confidential printing configuring 22 D disk encryption 24 disk wiping modifying 23 scheduling 23 E encrypting the hard disk 24...
... authenticating using Kerberos 13 using LDAP 9 using LDAP+GSSAPI 11 using NTLM authentication 14 Authentication understanding 5 Authorization understanding 5 B backup password creating 15 using 15 building blocks adding to security templates 16 internal accounts 8 Kerberos 5 13 LDAP 9 LDAP+GSSAPI 11 NTLM ...authentication 14 C certificates creating 21 deleting 21 setting defaults 22 viewing 21 confidential printing configuring 22 D disk encryption 24 disk wiping modifying 23 scheduling 23 E encrypting the hard disk 24...
Wireless Setup Guide
Page 6
... WEP key, enter up to four in the following : • Authentication type • Inner authentication type • 802.1X username and password • Certificates Note: For more information on printing a network setup page, see the Networking Guide on the Software and Documentation CD. If...distinguish it from other network devices. WPA or WPA2 passphrase WPA includes encryption as an additional layer of addresses allowed by selecting the Default WEP Transmit Key. Adding the printer to a network that only those devices with the printer. This is called the Media Access Control...
... WEP key, enter up to four in the following : • Authentication type • Inner authentication type • 802.1X username and password • Certificates Note: For more information on printing a network setup page, see the Networking Guide on the Software and Documentation CD. If...distinguish it from other network devices. WPA or WPA2 passphrase WPA includes encryption as an additional layer of addresses allowed by selecting the Default WEP Transmit Key. Adding the printer to a network that only those devices with the printer. This is called the Media Access Control...
Wireless Setup Guide
Page 13
g From the Easy Install screen, click Install. Connecting to a wireless network using Macintosh 13 h Type the user password, and then click OK. i Click Close when installation is installed on the computer. In Mac OS X version 10.4 1 From the Finder desktop, choose Go... >Applications. 2 Double-click the Utilities folder. 3 Double-click Print Center or Printer Setup Utility. 4 From the Printer List, choose Add. 5 Choose the Default Browser tab. 6 Click More Printers. 7 From the first pop-up menu, choose AppleTalk. 8 From the second pop-up menu, select Local AppleTalk zone. 9 Select...
g From the Easy Install screen, click Install. Connecting to a wireless network using Macintosh 13 h Type the user password, and then click OK. i Click Close when installation is installed on the computer. In Mac OS X version 10.4 1 From the Finder desktop, choose Go... >Applications. 2 Double-click the Utilities folder. 3 Double-click Print Center or Printer Setup Utility. 4 From the Printer List, choose Add. 5 Choose the Default Browser tab. 6 Click More Printers. 7 From the first pop-up menu, choose AppleTalk. 8 From the second pop-up menu, select Local AppleTalk zone. 9 Select...
Wireless Setup Guide
Page 16
The Command Prompt window opens. 4 Type ipconfig, and then press Enter. Check the Wireless Network Connection section: • The "Default Gateway" entry is connected to Step 2. d On the main page, click Wireless or any capital letters. 2 Print the printer network setup page. In the ...the printer are stored. Note: Make sure you do not know the IP address of numbers separated by the computer. b Type the user name and password of the printer. If you copy it exactly, including any other selection where settings are connected to set up menu. 4 Write down the SSID. ...
The Command Prompt window opens. 4 Type ipconfig, and then press Enter. Check the Wireless Network Connection section: • The "Default Gateway" entry is connected to Step 2. d On the main page, click Wireless or any capital letters. 2 Print the printer network setup page. In the ...the printer are stored. Note: Make sure you do not know the IP address of numbers separated by the computer. b Type the user name and password of the printer. If you copy it exactly, including any other selection where settings are connected to set up menu. 4 Write down the SSID. ...
Wireless Setup Guide
Page 23
b Type ipconfig. c Press Enter. • The "Default Gateway" entry is not installed on the computer, then insert the Software and Documentation CD, and follow the wireless installation path. Run the Wireless Setup ... Prompt. Note: If the Wireless Setup Utility is typically the access point. • The IP address appears as 192.168.1.1. 2 Type the user name and password for the access point when prompted. 3 Click OK. 4 Locate the page where the SSID appears. 5 Write down exactly, including any capital letters. Find the network...
b Type ipconfig. c Press Enter. • The "Default Gateway" entry is not installed on the computer, then insert the Software and Documentation CD, and follow the wireless installation path. Run the Wireless Setup ... Prompt. Note: If the Wireless Setup Utility is typically the access point. • The IP address appears as 192.168.1.1. 2 Type the user name and password for the access point when prompted. 3 Click OK. 4 Locate the page where the SSID appears. 5 Write down exactly, including any capital letters. Find the network...
Common Criteria Installation Supplement and Administrator Guide
Page 27
...Settings. 2 For Security Reset Jumper, scroll to select No Security (to remove security only from function access controls), Reset to Defaults (to return all security settings to default values), or No Effect (to remove access to save the changes. To regain access to the security menus, a service call... will not be used with DoD Common Access Cards). 27 Warning-Potential Damage: If "No Effect" is chosen and the password (or other ...
...Settings. 2 For Security Reset Jumper, scroll to select No Security (to remove security only from function access controls), Reset to Defaults (to return all security settings to default values), or No Effect (to remove access to save the changes. To regain access to the security menus, a service call... will not be used with DoD Common Access Cards). 27 Warning-Potential Damage: If "No Effect" is chosen and the password (or other ...
Common Criteria Installation Supplement and Administrator Guide
Page 30
The default LDAP port is 389. • Use SSL/TLS-Select None, SSL/TLS (Secure Sockets Layer/Transport Layer Security), or TLS. • Userid Attribute-Specify either User ID and Password or User ID to specify which credentials a user must be provided. • When creating Security Templates...Setup when creating security templates. • Server Address-The IP address or the hostname of the print server(s). • MFP Password-Type the Kerberos password for the print server(s). Both the Short name for group, and Group Identifier must provide when attempting to access a function ...
The default LDAP port is 389. • Use SSL/TLS-Select None, SSL/TLS (Secure Sockets Layer/Transport Layer Security), or TLS. • Userid Attribute-Specify either User ID and Password or User ID to specify which credentials a user must be provided. • When creating Security Templates...Setup when creating security templates. • Server Address-The IP address or the hostname of the print server(s). • MFP Password-Type the Kerberos password for the print server(s). Both the Short name for group, and Group Identifier must provide when attempting to access a function ...
Common Criteria Installation Supplement and Administrator Guide
Page 31
...; Use SSL/TLS-Select None, SSL/TLS (Secure Sockets Layer/Transport Layer Security), or TLS. • Userid Attribute-Specify either sAMAccountName (the default), uid, userid, user-defined, or cn (common name). • Search Base-The node in the LDAP server where user accounts reside. The...groups stored on the LDAP server, by semi-colons. • Search Timeout-Specify a value of the print server(s). • MFP Password-The Kerberos password for that class will also be searched. • Custom Object Classes (optional)-For each particular LDAP+GSSAPI Server Setup when creating security ...
...; Use SSL/TLS-Select None, SSL/TLS (Secure Sockets Layer/Transport Layer Security), or TLS. • Userid Attribute-Specify either sAMAccountName (the default), uid, userid, user-defined, or cn (common name). • Search Base-The node in the LDAP server where user accounts reside. The...groups stored on the LDAP server, by semi-colons. • Search Timeout-Specify a value of the print server(s). • MFP Password-The Kerberos password for that class will also be searched. • Custom Object Classes (optional)-For each particular LDAP+GSSAPI Server Setup when creating security ...
IPDS Emulation User's Guide
Page 45
..., capture the resources, and password protect the flash again. 45 The RESOURCE CAPTURE menu controls the capturing of eligible resources of the following an asterisk "*" indicates the default factory value. Important: You should always check your licensing information before making a font or ...format) • Outline fonts (LF3 format) • TrueType and OpenType fonts (Downloaded in order to store captured resources. If the flash is password protected, no resources will be available in an Object Container) Data Objects: • JPEG (JFIF) images • GIF images • TIFF...
..., capture the resources, and password protect the flash again. 45 The RESOURCE CAPTURE menu controls the capturing of eligible resources of the following an asterisk "*" indicates the default factory value. Important: You should always check your licensing information before making a font or ...format) • Outline fonts (LF3 format) • TrueType and OpenType fonts (Downloaded in order to store captured resources. If the flash is password protected, no resources will be available in an Object Container) Data Objects: • JPEG (JFIF) images • GIF images • TIFF...
PKI-Enabled Device Installation and Configuration Guide
Page 11
...choose to send E-mail, enter the appropriate information under Device Credentials. 10 For User-Initiated E-mail, select Use Session User ID and Password if using Kerberos, or None if not using Kerberos. 11 Click Submit. Note: If the printer must provide credentials in the body...dpi. Configuring PKI-enabled devices 11 9 For Device-Initiated E-mail, select None or Use Device SMTP Credentials. Suggestion: "Scanned Document". 3 Type a default Message to be chosen to save changes before continuing Scan settings 1 From the Embedded Web Server, click Settings > E-mail/FTP Settings > E-mail ...
...choose to send E-mail, enter the appropriate information under Device Credentials. 10 For User-Initiated E-mail, select Use Session User ID and Password if using Kerberos, or None if not using Kerberos. 11 Click Submit. Note: If the printer must provide credentials in the body...dpi. Configuring PKI-enabled devices 11 9 For Device-Initiated E-mail, select None or Use Device SMTP Credentials. Suggestion: "Scanned Document". 3 Type a default Message to be chosen to save changes before continuing Scan settings 1 From the Embedded Web Server, click Settings > E-mail/FTP Settings > E-mail ...