Embedded Web Server Administrator's Guide
Page 3
Contents Using security features in the Embedded Web Server 5 Understanding the basics...5 Authentication and Authorization ...5 Groups ...6 Access Controls...6 Security Templates...6 Configuring building blocks...7 Creating a password ...7 Creating a PIN...7 Setting up internal accounts ...8 Using LDAP ...9 Using LDAP+GSSAPI ...11 Configuring Kerberos 5 for use with LDAP+GSSAPI ...13 Using NTLM authentication ... the hard disk ...24 Configuring security audit log settings ...25 Configuring 802.1x authentication ...26 Setting up SNMP ...27 Enabling the security reset jumper ...28 Contents 3
Contents Using security features in the Embedded Web Server 5 Understanding the basics...5 Authentication and Authorization ...5 Groups ...6 Access Controls...6 Security Templates...6 Configuring building blocks...7 Creating a password ...7 Creating a PIN...7 Setting up internal accounts ...8 Using LDAP ...9 Using LDAP+GSSAPI ...11 Configuring Kerberos 5 for use with LDAP+GSSAPI ...13 Using NTLM authentication ... the hard disk ...24 Configuring security audit log settings ...25 Configuring 802.1x authentication ...26 Setting up SNMP ...27 Enabling the security reset jumper ...28 Contents 3
Embedded Web Server Administrator's Guide
Page 14
...'s password. Instead of the NTP Server. 6 If the NTP server requires authentication, click the Enable Authentication check box, and then use the "Install auth keys" link to browse to the file containing the NTP authentication credentials. 7 Click Submit to save changes, or Reset Form...Custom Time Zone Setup. 3 If Daylight Saving Time (DST) is Microsoft's solution for enabling authentication without requiring the transmission of a user's password across a network in clear text. Printer clock settings can only be registered to automatically sync with the KDC system clock. Notes: •...
...'s password. Instead of the NTP Server. 6 If the NTP server requires authentication, click the Enable Authentication check box, and then use the "Install auth keys" link to browse to the file containing the NTP authentication credentials. 7 Click Submit to save changes, or Reset Form...Custom Time Zone Setup. 3 If Daylight Saving Time (DST) is Microsoft's solution for enabling authentication without requiring the transmission of a user's password across a network in clear text. Printer clock settings can only be registered to automatically sync with the KDC system clock. Notes: •...
Embedded Web Server Administrator's Guide
Page 16
...Under Edit Building Blocks, select the building block (or blocks), appropriate for that function. 4 Click Submit to save changes, or Reset Form to securely end each session by a password or PIN. For more information on configuring a specific type of lockout. • Panel Login Timeout-Specify how long a user ... • Failure time frame-Specify the amount of time before being automatically logged off . 4 Click Submit to save changes, or Reset Form to protect, select a password or PIN from the drop-down list for your environment, and configure as workstations and servers. Using...
...Under Edit Building Blocks, select the building block (or blocks), appropriate for that function. 4 Click Submit to save changes, or Reset Form to securely end each session by a password or PIN. For more information on configuring a specific type of lockout. • Panel Login Timeout-Specify how long a user ... • Failure time frame-Specify the amount of time before being automatically logged off . 4 Click Submit to save changes, or Reset Form to protect, select a password or PIN from the drop-down list for your environment, and configure as workstations and servers. Using...
Embedded Web Server Administrator's Guide
Page 17
Note: Certain building blocks-such as Passwords and Pins-do , see "Menu of Access Controls" on the device. Hold down list next to the name of that have been configured on the device. 6 To use a descriptive name, such as necessary. 5 Click Modify to save changes, or Reset Form to cancel all changes. This...
Note: Certain building blocks-such as Passwords and Pins-do , see "Menu of Access Controls" on the device. Hold down list next to the name of that have been configured on the device. 6 To use a descriptive name, such as necessary. 5 Click Modify to save changes, or Reset Form to cancel all changes. This...
Embedded Web Server Administrator's Guide
Page 19
...following: 1 Kerberos configuration information • Character encoding (used for authenticating users. Note: Certain building blocks-such as PINs and Passwords-do not support separate authorization. 7 To use authorization, click Add authorization, and then select a building block from the Authorization ...Only", or "Common _ Functions _ Template." 5 From the Authentication list, select a method for passwords) • Location of that function. 4 Click Submit to save changes, or Reset Form to any function controlled by a security template. Hold down list next to the name of the...
...following: 1 Kerberos configuration information • Character encoding (used for authenticating users. Note: Certain building blocks-such as PINs and Passwords-do not support separate authorization. 7 To use authorization, click Add authorization, and then select a building block from the Authorization ...Only", or "Common _ Functions _ Template." 5 From the Authentication list, select a method for passwords) • Location of that function. 4 Click Submit to save changes, or Reset Form to any function controlled by a security template. Hold down list next to the name of the...
Embedded Web Server Administrator's Guide
Page 27
... Address list, click one of the blank IP address entries (shown as device monitoring, type an SNMPPv3 Read/Write User name and Password in network management systems to monitor network-attached devices for the SNMP Community identifier (the default community name is public). 5 To facilitate... the automatic installation of device drivers and other printing applications, select the Enable PPM Mib (Printer Port Monitor MIB) check box. 6 Click Submit to finalize changes, or Reset Form to restore default values. SNMP Version 3 1 From the Embedded Web Server Home screen, browse...
... Address list, click one of the blank IP address entries (shown as device monitoring, type an SNMPPv3 Read/Write User name and Password in network management systems to monitor network-attached devices for the SNMP Community identifier (the default community name is public). 5 To facilitate... the automatic installation of device drivers and other printing applications, select the Enable PPM Mib (Printer Port Monitor MIB) check box. 6 Click Submit to finalize changes, or Reset Form to restore default values. SNMP Version 3 1 From the Embedded Web Server Home screen, browse...
Embedded Web Server Administrator's Guide
Page 28
...RIP card (motherboard). Using security features in the Embedded Web Server 28 Warning-Potential Damage: If "No Effect" is chosen and the password (or other applicable credential) is a hardware jumper located on the motherboard. Administrators can use the Embedded Web Server to specify the ...this jumper. 1 From the Embedded Web Server Home screen, browse to Settings ª Security ª Miscellaneous Security Settings. 2 From the Security Reset Jumper list , select No Effect (to remove access to all security menus-use with caution), Access controls = "No security" (to remove security...
...RIP card (motherboard). Using security features in the Embedded Web Server 28 Warning-Potential Damage: If "No Effect" is chosen and the password (or other applicable credential) is a hardware jumper located on the motherboard. Administrators can use the Embedded Web Server to specify the ...this jumper. 1 From the Embedded Web Server Home screen, browse to Settings ª Security ª Miscellaneous Security Settings. 2 From the Security Reset Jumper list , select No Effect (to remove access to all security menus-use with caution), Access controls = "No security" (to remove security...
Embedded Web Server Administrator's Guide
Page 40
...6 authenticating using Kerberos 13 using LDAP 9 using LDAP+GSSAPI 11 using NTLM authentication 14 Authentication understanding 5 Authorization understanding 5 B backup password creating 15 using 15 building blocks adding to security templates 16 internal accounts 8 Kerberos 5 13 LDAP 9 LDAP+GSSAPI 11 NTLM authentication... accounts 8 Kerberos authentication 13 LDAP authentication 9 LDAP+GSSAPI authentication 11 login restrictions 16 NTLM authentication 14 password 7 PIN 7 reset jumper on motherboard 28 security audit log 25 security templates 16 SNMP 27 USB devices 23 security audit log configuring ...
...6 authenticating using Kerberos 13 using LDAP 9 using LDAP+GSSAPI 11 using NTLM authentication 14 Authentication understanding 5 Authorization understanding 5 B backup password creating 15 using 15 building blocks adding to security templates 16 internal accounts 8 Kerberos 5 13 LDAP 9 LDAP+GSSAPI 11 NTLM authentication... accounts 8 Kerberos authentication 13 LDAP authentication 9 LDAP+GSSAPI authentication 11 login restrictions 16 NTLM authentication 14 password 7 PIN 7 reset jumper on motherboard 28 security audit log 25 security templates 16 SNMP 27 USB devices 23 security audit log configuring ...