Embedded Web Server Administrator's Guide
Page 3
......15 Setting login restrictions...16 Using a password or PIN to control function access...16 Using a security template to control function access ...16 Scenarios...18 Scenario: Printer in a public place...18 Scenario: Standalone or small office...18 Scenario: Network running Active Directory ...19 Managing certificates and other settings...21 Managing certificates...21...
......15 Setting login restrictions...16 Using a password or PIN to control function access...16 Using a security template to control function access ...16 Scenarios...18 Scenario: Printer in a public place...18 Scenario: Standalone or small office...18 Scenario: Network running Active Directory ...19 Managing certificates and other settings...21 Managing certificates...21...
Embedded Web Server Administrator's Guide
Page 5
...permissions, administrators can not be individually identified, passwords and PINs are able to use the printer. Before configuring printer security, it can be used only in conjunction with physical security such as "permissions." Authentication...printer through the Embedded Web Server involves combining one or more components- This type of security might include the location of your organization. Items to consider might be appropriate in a situation in which a system securely identifies a user (that identifies who you are an innovative new tool developed by Lexmark...
...permissions, administrators can not be individually identified, passwords and PINs are able to use the printer. Before configuring printer security, it can be used only in conjunction with physical security such as "permissions." Authentication...printer through the Embedded Web Server involves combining one or more components- This type of security might include the location of your organization. Items to consider might be appropriate in a situation in which a system securely identifies a user (that identifies who you are an innovative new tool developed by Lexmark...
Embedded Web Server Administrator's Guide
Page 6
... of a complex security environment. A Security Template is a profile constructed using a password, PIN, or security template. In this scenario, it makes sense to in some multifunction printers, over 40 individual menus and functions can be used in the Embedded Web Server 6 For the purposes of Embedded Web Server security, groups are combined...
... of a complex security environment. A Security Template is a profile constructed using a password, PIN, or security template. In this scenario, it makes sense to in some multifunction printers, over 40 individual menus and functions can be used in the Embedded Web Server 6 For the purposes of Embedded Web Server security, groups are combined...
Embedded Web Server Administrator's Guide
Page 9
...-defined. • Search Base-The Search Base is a standards-based, cross-platform, extensible protocol that runs directly on the printer control panel. Note: A Search Base consists of LDAP is that prevents the printer from communicating with any form of authentication that relies on an external server, users will not be performed. •...
...-defined. • Search Base-The Search Base is a standards-based, cross-platform, extensible protocol that runs directly on the printer control panel. Note: A Search Base consists of LDAP is that prevents the printer from communicating with any form of authentication that relies on an external server, users will not be performed. •...
Embedded Web Server Administrator's Guide
Page 11
... LDAP + GSSAPI configurations. Multiple search bases may be configured. • Supported devices can store a maximum of authentication that prevents the printer from communicating with a Kerberos server to securely end each session by commas. This ticket is typically used to identify each particular LDAP+GSSAPI...This name will not be performed. • Server Port-The port used by commas. Instead of an outage that relies on the printer control panel. Using security features in the LDAP server where user accounts reside. LDAP+GSSAPI is then presented to an LDAP server ...
... LDAP + GSSAPI configurations. Multiple search bases may be configured. • Supported devices can store a maximum of authentication that prevents the printer from communicating with a Kerberos server to securely end each session by commas. This ticket is typically used to identify each particular LDAP+GSSAPI...This name will not be performed. • Server Port-The port used by commas. Instead of an outage that relies on the printer control panel. Using security features in the LDAP server where user accounts reside. LDAP+GSSAPI is then presented to an LDAP server ...
Embedded Web Server Administrator's Guide
Page 13
...6 Click Submit to save the information as the default realm for authentication. • As with any form of an outage that prevents the printer from the selected device. • Click View File to view the Kerberos configuration file for the selected device. • Click Test Setup to..., if a realm is not specified in the configuration file, then the first realm specified will be used as a krb5.conf file on the printer control panel. Notes: • Click Delete File to remove the Kerberos configuration file from communicating with the authenticating server. • To help prevent...
...6 Click Submit to save the information as the default realm for authentication. • As with any form of an outage that prevents the printer from the selected device. • Click View File to view the Kerberos configuration file for the selected device. • Click Test Setup to..., if a realm is not specified in the configuration file, then the first realm specified will be used as a krb5.conf file on the printer control panel. Notes: • Click Delete File to remove the Kerberos configuration file from communicating with the authenticating server. • To help prevent...
Embedded Web Server Administrator's Guide
Page 14
... clock. Setting date and time Because Kerberos servers require that key requests bear a recent timestamp (usually within 300 seconds), the printer clock must be in sync or closely aligned with a trusted clock-typically the same one NTLM configuration on a supported device because...the user's password. Notes: • Entering manual settings automatically disables use Network Time Protocol (NTP), to a single NT domain. Printer clock settings can only be deleted or unregistered if it is Microsoft's solution for enabling authentication without requiring the transmission of comparing the ...
... clock. Setting date and time Because Kerberos servers require that key requests bear a recent timestamp (usually within 300 seconds), the printer clock must be in sync or closely aligned with a trusted clock-typically the same one NTLM configuration on a supported device because...the user's password. Notes: • Entering manual settings automatically disables use Network Time Protocol (NTP), to a single NT domain. Printer clock settings can only be deleted or unregistered if it is Microsoft's solution for enabling authentication without requiring the transmission of comparing the ...
Embedded Web Server Administrator's Guide
Page 16
.... Using security features in which individual users are encouraged to securely end each Access Control. Embedded Web Server administrators should verify that printer login restrictions also comply with organizational security policies. 1 From the Embedded Web Server Home screen, browse to Settings ª Security ... automatically logged off. 4 Click Submit to save changes, or Reset Form to use any function controlled by selecting Log out on the printer control panel. 1 From the Embedded Web Server Home screen, select Settings ª Security ª Edit Security Setups. 2 Under Edit...
.... Using security features in which individual users are encouraged to securely end each Access Control. Embedded Web Server administrators should verify that printer login restrictions also comply with organizational security policies. 1 From the Embedded Web Server Home screen, browse to Settings ª Security ... automatically logged off. 4 Click Submit to save changes, or Reset Form to use any function controlled by selecting Log out on the printer control panel. 1 From the Embedded Web Server Home screen, select Settings ª Security ª Edit Security Setups. 2 Under Edit...
Embedded Web Server Administrator's Guide
Page 17
.... This list will be required to enter the appropriate credentials in order to gain access to any function controlled by selecting Log out on the printer control panel. • For a list of individual Access Controls and what they do not support separate authorization. 7 To use a descriptive name, such as Passwords and...
.... This list will be required to enter the appropriate credentials in order to gain access to any function controlled by selecting Log out on the printer control panel. • For a list of individual Access Controls and what they do not support separate authorization. 7 To use a descriptive name, such as Passwords and...
Embedded Web Server Administrator's Guide
Page 18
... a password or PIN can be created and stored within the Embedded Web Server for that function, and then click Submit. Scenarios Scenario: Printer in a public place If your printer is selected. Users will delete all authorized users of the device, or separate codes to protect individual functions. The key to remember is...; Clicking Delete List will now be required to enter the correct code in a public space such as needed . Scenario: Standalone or small office If your printer is located in order to gain access to a function controlled by that code.
... a password or PIN can be created and stored within the Embedded Web Server for that function, and then click Submit. Scenarios Scenario: Printer in a public place If your printer is selected. Users will delete all authorized users of the device, or separate codes to protect individual functions. The key to remember is...; Clicking Delete List will now be required to enter the correct code in a public space such as needed . Scenario: Standalone or small office If your printer is located in order to gain access to a function controlled by that code.
Embedded Web Server Administrator's Guide
Page 19
... blocks which have been configured on the device. 6 To use the LDAP+GSSAPI capabilities of the Embedded Web Server to the printer Using security features in the Embedded Web Server 19 It can use authorization, click Add authorization, and then select a building block...as other network services. User credentials and group designations can be required to select multiple groups. 8 Click Save Template. This list will need to the printer as seamless as "Administrator _ Only", or "Common _ Functions _ Template." 5 From the Authentication list, select a method for passwords) • ...
... blocks which have been configured on the device. 6 To use the LDAP+GSSAPI capabilities of the Embedded Web Server to the printer Using security features in the Embedded Web Server 19 It can use authorization, click Add authorization, and then select a building block...as other network services. User credentials and group designations can be required to select multiple groups. 8 Click Save Template. This list will need to the printer as seamless as "Administrator _ Only", or "Common _ Functions _ Template." 5 From the Authentication list, select a method for passwords) • ...
Embedded Web Server Administrator's Guide
Page 20
... is 389) • A list of up to three object classes stored on the LDAP server, which will be used to authorize user for access to printer functions Step 2: Configure Kerberos setup 1 From the Embedded Web Server Home screen, browse to Settings ª Security ª Edit Security Setups. 2 Under Edit Building Blocks...
... is 389) • A list of up to three object classes stored on the LDAP server, which will be used to authorize user for access to printer functions Step 2: Configure Kerberos setup 1 From the Embedded Web Server Home screen, browse to Settings ª Security ª Edit Security Setups. 2 Under Edit Building Blocks...
Embedded Web Server Administrator's Guide
Page 21
... security template. Using security features in order to gain access to Settings ª Security ª Certificate Management. 2 Select Device Certificate Management. 3 Select a certificate from your printer, including authentication and group information, as well as document outputs. Note: Leave this field blank to use of digital certificates to help ensure the integrity...
... security template. Using security features in order to gain access to Settings ª Security ª Certificate Management. 2 Select Device Certificate Management. 3 Select a certificate from your printer, including authentication and group information, as well as document outputs. Note: Leave this field blank to use of digital certificates to help ensure the integrity...
Embedded Web Server Administrator's Guide
Page 24
... when disk wiping should display a list of functions, instead of standard home screen icons such as Copy or Fax. 3 Verify that the printer is in Configuration mode by locating the Exit Configuration button in the lower right corner of the touch screen. Encryption takes approximately two minutes, and... a status bar will indicate the progress of sensitive data in the event your printer-or its hard disk-is stolen. After the disk has been encrypted, you will appear as "Exit Config Menu." 4 Press the down menus)....
... when disk wiping should display a list of functions, instead of standard home screen icons such as Copy or Fax. 3 Verify that the printer is in Configuration mode by locating the Exit Configuration button in the lower right corner of the touch screen. Encryption takes approximately two minutes, and... a status bar will indicate the progress of sensitive data in the event your printer-or its hard disk-is stolen. After the disk has been encrypted, you will appear as "Exit Config Menu." 4 Press the down menus)....
Embedded Web Server Administrator's Guide
Page 25
... changes, or Reset Form to aid in sorting and filtering by commas) in the Embedded Web Server 25 The default value is the lowest. The printer will power-on the destination server. E-mail server setup 1 From the Security Audit Log main screen, select Setup E-mail Server. 2 Under SMTP Setup, type the...
... changes, or Reset Form to aid in sorting and filtering by commas) in the Embedded Web Server 25 The default value is the lowest. The printer will power-on the destination server. E-mail server setup 1 From the Security Audit Log main screen, select Setup E-mail Server. 2 Under SMTP Setup, type the...
Embedded Web Server Administrator's Guide
Page 26
... Active check box to log in the Embedded Web Server 26 For more information on configuring digital certificates, see "Managing certificates" on the printer before timing out. 3 Type the Primary SMTP Gateway Port number of the current syslog, click Export Log. • To delete the ...802.1x authentication Though normally associated with wireless network connections, 802.1x authentication is 30 seconds. 6 To receive responses to messages sent from the printer (in case of failed or bounced messages), type the Reply Address . 7 From the Use SSL list, select Disabled, Negotiate, or Required...
... Active check box to log in the Embedded Web Server 26 For more information on configuring digital certificates, see "Managing certificates" on the printer before timing out. 3 Type the Primary SMTP Gateway Port number of the current syslog, click Export Log. • To delete the ...802.1x authentication Though normally associated with wireless network connections, 802.1x authentication is 30 seconds. 6 To receive responses to messages sent from the printer (in case of failed or bounced messages), type the Reply Address . 7 From the Use SSL list, select Disabled, Negotiate, or Required...
Embedded Web Server Administrator's Guide
Page 27
... ª SNMP. 2 Click Set SNMP Traps. 3 From the IP Address list, click one of device drivers and other printing applications, select the Enable PPM Mib (Printer Port Monitor MIB) check box. 6 Click Submit to finalize changes, or Reset Form to restore default values. 4 From the TTLS Authentication Method list, choose which... values. Setting up SNMP Simple Network Management Protocol (SNMP) is used for SNMP versions 1 through the secure tunnel created between the authentication server and the printer. 5 Click Submit to save changes, or Reset Form to reset.
... ª SNMP. 2 Click Set SNMP Traps. 3 From the IP Address list, click one of device drivers and other printing applications, select the Enable PPM Mib (Printer Port Monitor MIB) check box. 6 Click Submit to finalize changes, or Reset Form to restore default values. 4 From the TTLS Authentication Method list, choose which... values. Setting up SNMP Simple Network Management Protocol (SNMP) is used for SNMP versions 1 through the secure tunnel created between the authentication server and the printer. 5 Click Submit to save changes, or Reset Form to reset.
Embedded Web Server Administrator's Guide
Page 29
...black and white Controls the ability to use the Color Dropout feature for your printer. Appendix Menu of Access Controls Depending on device type and installed options, some Access Controls (referred to on... the printer control panel Protects access to the Manage Shortcuts item of the Settings menu from the Embedded...Scan to Email functions Controls access to the Change Language feature from the printer control panel Controls the ability to use the Copy function Controls the ability to create new bookmarks from ...
...black and white Controls the ability to use the Color Dropout feature for your printer. Appendix Menu of Access Controls Depending on device type and installed options, some Access Controls (referred to on... the printer control panel Protects access to the Manage Shortcuts item of the Settings menu from the Embedded...Scan to Email functions Controls access to the Change Language feature from the printer control panel Controls the ability to use the Copy function Controls the ability to create new bookmarks from ...
Embedded Web Server Administrator's Guide
Page 30
...attached PictBridge capable digital camera. When disabled, all network adaptor NPA settings change commands are denied access cannot enable or disable the printer control panel lock. Controls the ability to the operations available from the Embedded Web Server. Controls access to manage certificates using remote...Access Control for each Solution is installed in the device. Users who are ignored Protects access to the Paper menu from the printer control panel and Embedded Web Server. Protects access to the Operator Panel Lock. This applies only when an Option Card with ...
...attached PictBridge capable digital camera. When disabled, all network adaptor NPA settings change commands are denied access cannot enable or disable the printer control panel lock. Controls the ability to the operations available from the Embedded Web Server. Controls access to manage certificates using remote...Access Control for each Solution is installed in the device. Users who are ignored Protects access to the Paper menu from the printer control panel and Embedded Web Server. Protects access to the Operator Panel Lock. This applies only when an Option Card with ...
Embedded Web Server Administrator's Guide
Page 31
Function Access Control Supplies Menu at the Device Supplies Menu Remotely User Profiles Web Import/Export Settings What it does Protects access to the Supplies menu from the printer control panel Protects access to the Supplies menu from the Embedded Web Server Controls access to Profiles, such as scanning shortcuts, workflows, or eSF applications Controls the ability to import and export printer settings files (UCF files) from the Embedded Web Server Appendix 31
Function Access Control Supplies Menu at the Device Supplies Menu Remotely User Profiles Web Import/Export Settings What it does Protects access to the Supplies menu from the printer control panel Protects access to the Supplies menu from the Embedded Web Server Controls access to Profiles, such as scanning shortcuts, workflows, or eSF applications Controls the ability to import and export printer settings files (UCF files) from the Embedded Web Server Appendix 31