Konica Minolta AU-211P User Manual
Authentication unit
Hide thumbs
Also See for AU-211P:
- Network configuration manual (20 pages) ,
- User manual (65 pages) ,
- User manual (65 pages)
Table of Contents
Advertisement
Quick Links
Advertisement
Table of Contents
Related Manuals for Konica Minolta AU-211P
Summary of Contents for Konica Minolta AU-211P
- Page 1 Authentication Unit AU-211P User’s Guide...
-
Page 2: Table Of Contents
Address Search (LDAP) Using PKI card ..................3-5 3.3.1 Overview .............................3-5 3.3.2 Related Settings..........................3-5 [Enabling LDAP] ..........................3-5 [Setting Up LDAP] ..........................3-6 3.3.3 LDAP Search Method .........................3-7 SMB TX using PKI card ........................3-8 3.4.1 Overview .............................3-8 3.4.2 Related Settings..........................3-9 [Client Setting]............................ 3-9 AU-211P... - Page 3 [Certificate Verification Setting]......................4-2 4.1.3 [Network].............................4-3 [FTP Setting] ............................4-3 [SMB Setting] ............................. 4-3 [LDAP Setting]............................ 4-3 [E-mail Setting]........................... 4-3 [SNMP Setting]........................... 4-3 [TCP Socket Setting].......................... 4-4 [WebDAV Settings]..........................4-4 4.1.4 [Security] .............................4-4 [Security Details] ..........................4-4 [Job Log Settings] ..........................4-4 AU-211P...
- Page 4 Appendix Product Specifications ........................5-2 Cleaning the Authentication Unit....................5-2 Troubleshooting ..........................5-2 AU-211P...
-
Page 5: Introduction
Introduction... - Page 6 This User's Guide provides descriptions of the operating procedures and precautions for using Authentica- tion Unit (IC Card Type) AU-211P. Carefully read this User's Guide before using this device. The actual screens that appear may be slightly different from the screen images used in this User's Guide.
-
Page 7: Getting Started
Getting Started... -
Page 8: Product Overview
MFP compatible with PKI card authentication system PKI card available for PIV and CAC User management using Active Directory (Kerberos authentication + PKINIT) NOTICE Do not disconnect the USB cable while using this unit. Doing so may cause this system to become unstable. AU-211P... -
Page 9: Part Names And Their Functions
Part Names and their Functions Part name Description Card inlet Used to insert the PKI card. LED lamp Turns green when you insert a PKI card into this unit. Blinks green during authentication. USB cable Used to connect this device to the MFP. AU-211P... -
Page 10: Pre-Setting
Enter the IPv6 global address when manually configuring the setting. [Prefix Length] Enter the prefix length of the IPv6 global address between 1 and 128 when manually configuring the setting. [Gateway Address] Enter the gateway address when manually configuring the setting. AU-211P... -
Page 11: [Dns Host]
Name1] to [DNS Search Do- (using up to 63 characters). Hyphen (-) and period (.) are available as sym- main Name3] bols. However, the name cannot be specified using only symbols, and also cannot be suffixed by a symbol. AU-211P... -
Page 12: Registering Active Directory For Authentication
(default: [24] hours). [Data Entry] Connect to the NTP server, and adjust the time. Tips Before adjusting the time, select [Utility] - [Administrator] - [Maintenance] - [Date/Time Setting] - [Manual Set- ting], and check that the time zone is set correctly. AU-211P... -
Page 13: Registering The Dns Server Associated With Active Directory
Specify the PIV transitional mode in the PIV transitional specifications. Select [Utility] - [Administrator] - [User Auth/Account Track] - [PKI Card Authentication], and configure the fol- lowing settings. Item Description [PIV Transitional Mode] Select PIV Transitional Mode from PIV or CAC. AU-211P... -
Page 14: Configuring Settings For Verifying The Active Directory Certificate
When specifying the host name instead of the address, select the [Please check to enter host name.] check box. Reference For details on how to use Web Connection, refer to the User’s Guide (Web Management Tool) supplied with the MFP. AU-211P... -
Page 15: [External Certificate Setting]
The authentication unit does not support ErP; therefore, set to the power saving mode. Select [Utility] - [Administrator] - [Maintenance] - [Timer Setting] - [Power Settings], and configure the follow- ing settings. Item Description [Power Key Setting] Select [Power Save] (default: [Power Save]). AU-211P... -
Page 16: Operation Settings
Select [Utility] - [Administrator] - [Network] - [OpenAPI Setting] - [OpenAPI Setting], and set [External Appli- cation Connection] to OFF (default: ON). However, when TPM is installed, there will be no problems if this option is turned ON. AU-211P 2-10... -
Page 17: How To Use The Authentication Unit
How to Use the Authentication Unit... -
Page 18: Login And Logout
Then, tap [OK]. % You can log in as the public user if Public User Access is enabled. % When logging in to the MFP as the administrator or User Box administrator, tap [ID & PW], and enter the password. AU-211P... -
Page 19: Logout
To issue the caution sound, select [Sound Setting] - [Sound Setting] and set [Warning Sound] to [On] in [Accessibility Setting] screen, and also set [Simple Caution Sound (Level 1)] to [Yes] in [Sound Setting] - [Caution Sound] in advance. AU-211P... -
Page 20: Functions Using The Pki Card Authentication System
The user can obtain the position of the user’s Home folder from Active Directory, and easily send data to the Home fold- er of the user’s computer. This function is effective when frequently sending scanned data to the user’s address. AU-211P... -
Page 21: Address Search (Ldap) Using Pki Card
[Enabling LDAP] Configure settings to use the LDAP server. Select [Utility] - [Administrator] - [Network] - [LDAP Setting] - [LDAP Setting], and configure the following set- tings. Item Description [Enabling LDAP] To perform LDAP search, select [ON] (default: [OFF]). AU-211P... -
Page 22: [Setting Up Ldap]
LDAP search (default: [OFF]). [Initial Setting for Search De- Specify the default LDAP search conditions for each item (default: [OR]). tails] • [Search Attributes Authentication]: This setting is not available. [Search Attribute]: This setting is not available. AU-211P... -
Page 23: Ldap Search Method
Enter the search word, and tap [Search]. % Perform authentication for the selected LDAP server using the Kerberos authentication ticket, and make a search. Reference For details on the LDAP search, refer to the User's Guide (Scan) supplied with the MFP. AU-211P... -
Page 24: Smb Tx Using Pki Card
Use the Kerberos authentication ticket to log in to the destination computer and save scanned data. Tips This function is not available when you log in to the MFP as a public user, administrator, administrative user, or User Box administrator. AU-211P... -
Page 25: Related Settings
SMB signature on the server side is disabled, it will not be possible to make a connection. Reference Configure the WINS server setting to fit your environment. For details, refer to the User’s Guide (Web Man- agement Tool) supplied with the MFP. AU-211P... -
Page 26: Smb Tx Method
For details on the SMB TX method, refer to the User's Guide (Scan) supplied with the MFP. This function allows you to set the operation to be performed when authentication has failed using a Kerberos authentication ticket. For details, refer to "[Client Setting] (p. 3-9)". AU-211P 3-10... -
Page 27: Smb Destination Search
When you are logging in to the MFP using a PKI card, log in to the searched computer using the Kerberos authentication ticket, and register or specify it as the destination. <SMB destination registration screen> <SMB destination specification screen in classic style (Direct Input)> AU-211P 3-11... -
Page 28: Scan To E-Mail (S/Mime) Using Pki Card
Scan to Me function, refer to "Scan To Me (p. 3-26)". Tapping, fabrication or spoofing PKI Card Encryption + Digital Signature Tips This function is not available when you log in to the MFP as a public user, administrator, administrative user, or User Box administrator. AU-211P 3-12... -
Page 29: Related Settings
OCSP (Online Certificate Status Protocol) service, and CRL (Certificate Revocation List). Reference For details on how to configure the settings required to send an e-mail, refer to the User’s Guide (Web Man- agement Tool) supplied with the MFP. AU-211P 3-13... -
Page 30: Encrypting An E-Mail And Adding A Digital Signature
When adding a digital signature using the PIV card, enter the PIN code when sending an e-mail. If the PIV card is locked because an incorrect PIN code has been entered, the e-mail sending job will be dis- carded. AU-211P 3-14... -
Page 31: Pdf Encryption And Signature Addition Using Pki Card
The optional i-Option LK-102 v3 or i-Option LK-110 v2 is required to use the PDF document encryp- tion function using the PKI card. This function is not available when you log in to the MFP as a public user, administrator, administrative user, or User Box administrator. AU-211P 3-15... -
Page 32: Encrypting A Pdf Document
Select [PDF] or [Compact PDF] on the scan/fax screen of classic style, set [PDF Detail Setting] - [Encryption] to [ON], and configure the following setting. In [Encryption Type], select [Digital ID], and tap the detail icon of [Select Digital ID]. To encrypt a document using the digital ID of the PKI card, tap [PKI Card]. AU-211P 3-16... -
Page 33: Adding A Signature To A Pdf Document
Select [PDF] or [Compact PDF] on the Scan/Fax screen of classic style., set [PDF Detail Setting] - [Digital Sig- nature] to [ON], and select the signature encryption level from [SHA1] or [SHA256]. Tips The PDF document encryption setting is required to use this function. For details, refer to "Encrypting a PDF Document (p. 3-16)". AU-211P 3-17... -
Page 34: Pki Card Print
Encrypt print data using the PKI card to send it from the printer driver to the MFP. Move to the MFP while holding the PKI card. Insert the PKI card into the MFP to perform Active Directory authentication. Decode print data using the PKI card, and print it. AU-211P 3-18... -
Page 35: Installing The Printer Driver
Windows Server 2012 R2 Standard Windows 10 Home * Windows 10 Pro * Windows 10 Enterprise * Windows 10 Education * Windows Server 2016 Standard Windows Server 2016 Datacenter * Available in 32-bit (x86) or 64-bit (x64) environment. AU-211P 3-19... -
Page 36: Installation Method
The PKI Encrypted Document User Box can contain up to 200 documents. [PKI Encryption Document Delete Time Setting] Tap [Utility] - [Administrator] - [System Settings] - [User Box Setting] - [PKI Encryption Document Delete Time Setting]. Specify the period from the document saving time to the automatic deletion time. AU-211P 3-20... -
Page 37: Pki Card Print Method
This section describes the printer driver setting to encrypt print data using the PKI card and send it to the MFP. Click [Print] in the menu of the application software. Select the printer used for printing. Click [Properties] (or [Preferences]). Click the [Basic] tab. Click [Authentication/Account Track]. AU-211P 3-21... - Page 38 Active Direction registered in No. 2, set the [Realm(Domain)] value to [2]. % PKI Card Print uses authentication information of the PKI card; therefore, it disables the authentica- tion information specified in [User Authentication]. Select [PKI Card Print] in [Output Method], and click [OK]. AU-211P 3-22...
-
Page 39: Mfp Printing
The documents stored in the PKI Encrypted Document User Box are deleted automatically after the specified period has lapsed. For details on how to specify the deletion time, "Specifying the Print Data Deletion Time (p. 3-20)". The printed data is deleted from the PKI Encrypted Document User Box after printing. AU-211P 3-23... - Page 40 PIN code, the system prints all the relevant user’s data and logs into the MFP. Tips When printing is performed simultaneously with authentication, data in the ID & Print User Box is also printed. For details on ID & Print, refer to the User's Guide (Print) supplied with the MFP. AU-211P 3-24...
- Page 41 Tap [User Box] - [System] - [PKI Encrypted Document]. A login user's print data list is displayed. Select the desired data, and tap [Print]. % To delete data, select the target data, and tap [Delete]. % Tap [Details] to view detailed information on the selected data. AU-211P 3-25...
-
Page 42: Scan To Me
Receive an e-mail. After you have encrypted an e-mail or added a digital signature when sending the e-mail, decrypt the e-mail and check the signature using the PKI card. Tips This function is not available when you log in to the MFP as a public user, administrator, administrative user, or User Box administrator. AU-211P 3-26... -
Page 43: Related Settings
Tap [Scan to Email] on the home screen. Tap [Me]. Configure Scan option settings as necessary. Use the Start key to start transmission. Tips For details on the scan condition settings, refer to the User's Guide (Scan) supplied with the MFP. AU-211P 3-27... -
Page 44: Scan To Home
For details on how to handle SMB TX using the PKI card and configure the setting, refer to "SMB TX using PKI card (p. 3-8)". Reference Configure the WINS server setting to fit your environment. For details, refer to the User’s Guide (Web Man- agement Tool) supplied with the MFP. AU-211P 3-28... -
Page 45: [Scan To Home Settings]
Tap [Scan/Fax] on the main menu of classic style. Tap [Home]. Configure Scan option settings as necessary. Use the Start key to start transmission. Tips For details on the scan condition settings, refer to the User's Guide (Scan) supplied with the MFP. AU-211P 3-29... -
Page 46: Added Or Changed Setting Information
Added or Changed Setting Information... -
Page 47: Administrator]
Description [PKI Card Authentications] To operate in the PIV Transitional specifications, select PIV Transitional Mode from PIV or CAC. [Certificate Verification Setting] Description Sets the method to verify a certificate. For details, refer to "[Certificate Verification Setting] (p. 2-8)". AU-211P... -
Page 48: Network]
[SNMP Setting] Item Description [SNMP v1/v2c Setting] The default of [Write Community Name] is OFF. [SNMP v3 (IP)] OFF is specified by default. Tips We recommend that this function is set to the disable state when this system is operated. AU-211P... -
Page 49: [Tcp Socket Setting]
Method] [Job Log Settings] Item Description [Job Log Usage Set.] The default setting of [Audit Log] is OFF. When setting to ON, we recom- mend that you install i-Option LK-115 v2 (TPM option) to ensure a more safe use. AU-211P... - Page 50 Appendix...
- Page 51 Product Specifications Appendix Product Specifications Item Specifications Product name Authentication unit (PKI-IC card type) AU-211P 70 mm (L) e 70 mm (W) e 10 mm (H) Dimensions Weight 60 g Power supply USB bus power Range of operating temper- 0 to 50°C...
- Page 52 http://konicaminolta.com AA2J-9635-00 2019. 6 © 2015...