Ricoh Pro C720s Operating Instructions Manual
  1. Manuals
  2. Brands
  3. Ricoh Manuals
  4. Copier
  5. Pro C720s
  6. Operating instructions manual
Ricoh Pro C720s Operating Instructions Manual

Ricoh Pro C720s Operating Instructions Manual

Hide thumbs Also See for Pro C720s:
Table of Contents

Advertisement

Quick Links

Download this manual
Read this manual carefully before you use this machine and keep it handy for future reference. For safe and correct use, be sure to read the Safety Information
in "About This Machine" before using the machine.
1
Getting Started
2
Authentication and its Application
3
Ensuring Information Security
4
Managing Access to the Machine
5
Enhanced Network Security
6
Specifying the Extended Security Functions
7
Troubleshooting
8
Appendix
Pro C720s

Operating Instructions

Security Reference

Advertisement

Table of Contents
loading

Related Manuals for Ricoh Pro C720s

Summary of Contents for Ricoh Pro C720s

  • Page 1: Operating Instructions

    Pro C720s Operating Instructions Security Reference Getting Started Authentication and its Application Ensuring Information Security Managing Access to the Machine Enhanced Network Security Specifying the Extended Security Functions Troubleshooting Appendix Read this manual carefully before you use this machine and keep it handy for future reference. For safe and correct use, be sure to read the Safety Information...
  • Page 2 Introduction This manual contains detailed instructions and notes on the operation and use of this machine. For your safety and benefit, read this manual carefully before using the machine. Keep this manual in a handy place for quick reference. Important Contents of this manual are subject to change without prior notice.

  • Page 3: Manuals For This Machine

    Manuals for This Machine Refer to the manuals that are relevant to what you want to do with the machine. • Media differ according to manual. • The printed and electronic versions of a manual have the same contents. • Adobe Acrobat Reader/Adobe Reader must be installed in order to view the manuals as PDF files. •...
  • Page 4 Information Contains general notes on the machine, and information about the trademarks of product names used in the manuals. • In addition to the above, manuals are also provided for the Printer function.

  • Page 5: Table Of Contents

    TABLE OF CONTENTS Manuals for This Machine..........................1 How to Read This Manual..........................8 Symbols................................8 IP Address...............................8 1. Getting Started Before Using the Security Functions........................9 Setting Up the Machine...........................10 Enhanced Security............................12 Glossary................................13 Security Measures Provided by this Machine....................14 Using Authentication and Managing Users....................14 Ensuring Information Security........................14 Limiting and Controlling Access........................15 Enhanced Network Security........................16...
  • Page 6 Basic Authentication............................44 Specifying Basic Authentication........................44 Authentication Information Stored in the Address Book................46 Windows Authentication..........................53 Specifying Windows Authentication......................54 LDAP Authentication............................61 Specifying LDAP Authentication.........................62 Integration Server Authentication........................67 Specifying Integration Server Authentication....................67 If User Authentication is Specified........................74 User Code Authentication (Using the Control Panel)................74 Login (Using the Control Panel)........................75 Log Off (Using the Control Panel)......................76 Login (Using Web Image Monitor)......................77...
  • Page 7 Auto Erase Memory ..........................116 Erase All Memory............................120 4. Managing Access to the Machine Preventing Modification of Machine Settings....................125 Menu Protect..............................127 Menu Protect..............................127 Limiting Available Functions..........................130 Specifying Which Functions are Available.....................130 5. Enhanced Network Security Preventing Unauthorized Access........................133 Access Control............................133 Enabling/Disabling Protocols........................134 Specifying Network Security Level......................140 Encrypting Transmitted Passwords.......................144 Driver Encryption Key..........................144...
  • Page 8 Scanner Function............................187 Weekly Timer Code..........................187 Limiting Machine Operation to Customers Only..................192 Settings...............................192 Specifying Service Mode Lock Preparation....................192 Canceling Service Mode Lock.........................194 7. Troubleshooting Authentication Does Not Work Properly.....................197 A Message Appears..........................197 An Error Code Appears..........................199 Machine Cannot Be Operated........................213 8. Appendix Supervisor Operations..........................217 Logging on as the Supervisor........................217 Logging off as the Supervisor........................219...
  • Page 9 The Privilege for User Account Settings in the Address Book..............241 User Settings - Control Panel Settings......................244 Copier / Document Server Features......................245 Scanner Features............................251 System Settings...............................253 User Settings - Web Image Monitor Settings....................259 Device Settings...............................260 Scanner................................270 Interface................................272 Network................................273 Webpage...............................276 Functions That Require Options........................277 INDEX ................................279...

  • Page 10: How To Read This Manual

    How to Read This Manual Symbols This manual uses the following symbols: Indicates points to pay attention to when using the machine, and explanations of likely causes of paper misfeeds, damage to originals, or loss of data. Be sure to read these explanations. Indicates supplementary explanations of the machine's functions, and instructions on resolving user errors.

  • Page 11: Getting Started

    1. Getting Started This chapter describes the machine's security features and how to specify initial security settings. Before Using the Security Functions • If security settings are not made, there is a risk of damage resulting from malicious activity. For this reason, be sure to make the security settings shown in this manual.

  • Page 12: Setting Up The Machine

    1. Getting Started Setting Up the Machine This section explains how to enable encryption of transmitted data and configure the administrator account. If you want higher security, make the following setting before using the machine: Turn the machine on. Press the [User Tools] key. BJK001S Press [System Settings].
  • Page 13 Setting Up the Machine Connect the machine to the network. Start Web Image Monitor, and then log on to the machine as the administrator. For details about logging on to Web Image Monitor as an administrator, see “Using Web Image Monitor”.

  • Page 14: Enhanced Security

    1. Getting Started Enhanced Security This machine's security functions can be enhanced by managing the machine and its users using the improved authentication functions. By specifying access limits for the machine's functions and the documents and data stored in the machine, information leaks and unauthorized access can be prevented.

  • Page 15: Glossary

    Glossary Glossary Administrator There are four types of administrators according to administrative function: machine administrator, network administrator, file administrator, and user administrator. We recommend that only one person takes each administrator role. In this way, you can spread the workload and limit unauthorized operation by a single administrator. Basically, administrators make machine settings and manage the machine;...

  • Page 16: Security Measures Provided By This Machine

    1. Getting Started Security Measures Provided by this Machine Using Authentication and Managing Users Enabling Authentication To control administrators' and users' access to the machine, perform administrator authentication and user authentication using login user names and login passwords. To perform authentication, the authentication function must be enabled.

  • Page 17: Limiting And Controlling Access

    Security Measures Provided by this Machine Preventing Data Leaks Due to Unauthorized Transmission You can specify in the Address Book which users are allowed to send files using the scanner function. You can also limit the direct entry of destinations to prevent files from being sent to destinations not registered in the Address Book.

  • Page 18: Enhanced Network Security

    1. Getting Started Register the administrators so that users cannot change the administrator settings. For details about preventing modification of machine settings, see “Preventing Modification of Machine Settings”. Limiting Available Functions To prevent unauthorized operation, you can specify who is allowed to access each of the machine's functions.

  • Page 19: Authentication And Its Application

    2. Authentication and its Application This chapter describes how to register the administrator and specify the authentication methods. How to log on and log off once authentication is enabled is also described here. Administrators and Users When controlling access using the authentication method specified by an administrator, select the machine's administrator, enable the authentication function, and then use the machine.

  • Page 20: User

    2. Authentication and its Application If any of the users forget their password, the user administrator can delete it and create a new one, allowing the user to access the machine again. For instructions on registering the user administrator, see “Registering the Administrator”. Machine Administrator This is the administrator who mainly manages the machine's default settings.
  • Page 21 Administrators and Users For details about registering users in the address book, see “Administrator Tools”, General Settings Guide, or Web Image Monitor Help.

  • Page 22: The Management Function

    2. Authentication and its Application The Management Function The machine has an authentication function requiring a login user name and login password. By using the authentication function, you can specify access limits for individual users and groups of users. Using access limits, you can not only limit the machine's available functions but also protect the machine settings and files and data stored in the machine.

  • Page 23: About User Authentication

    The Management Function 1. User Administrator This administrator manages personal information in the address book. You can register/delete users in the address book or change users' personal information. 2. Machine Administrator This administrator manages the machine's default settings. You can specify a security setting to allow only the machine administrator to configure system settings such as tray paper settings.
  • Page 24 2. Authentication and its Application BBC004S 1. User A user performs normal operations on the machine, such as copying and printing. 2. Group A group performs normal operations on the machine, such as copying and printing. 3. Unauthorized User 4. Authentication Using a login user name and password, user authentication is performed.

  • Page 25: Enabling Authentication

    Enabling Authentication Enabling Authentication To control administrators' and users' access to the machine, perform administrator or user authentication using login user names and passwords. To perform authentication, the authentication function must be enabled. To specify authentication, you need to register administrators. For instructions on registering the administrator, see “Registering the Administrator”.
  • Page 26 2. Authentication and its Application • You can specify User Code Authentication without specifying administrator authentication. • p.25 "Administrator Authentication" • p.40 "User Authentication" • p.25 "Specifying Administrator Privileges" • p.28 "Registering the Administrator" • p.41 "User Code Authentication" • p.44 "Basic Authentication" •...

  • Page 27: Administrator Authentication

    Administrator Authentication Administrator Authentication Administrators are handled differently from the users registered in the address book. When registering an administrator, you cannot use a login user name already registered in the address book. Windows Authentication, LDAP Authentication and Integration Server Authentication are not performed for an administrator, so an administrator can log on even if the server is unreachable due to a network problem.
  • Page 28 2. Authentication and its Application Press the [User Tools] key. BJK001S Press [System Settings]. Press [Administrator Tools].
  • Page 29 Administrator Authentication Press [Administrator Authentication Management]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Press [User Management], [Machine Management], [Network Management], or [File Management] key to select which settings to manage. Set “Admin.

  • Page 30: Registering The Administrator

    2. Authentication and its Application Select the settings to manage from “Available Settings”. The selected settings will be unavailable to users. “Available Settings” varies depending on the administrator. For details about “Available Settings”, see “Limiting Available Functions”. To specify administrator authentication for more than one category, repeat steps 5 to 7. Press [OK].
  • Page 31 Administrator Authentication Press the [User Tools] key. BJK001S Press [System Settings]. Press [Administrator Tools].
  • Page 32 2. Authentication and its Application Press [Program / Change Administrator]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. In the line for the administrator whose authority you want to specify, press [Administrator 1], [Administrator 2], [Administrator 3] or [Administrator 4], and then press [Change].
  • Page 33 Administrator Authentication Press [Change] for the login user name. Enter the login user name, and then press [OK]. Press [Change] for the login password.
  • Page 34 2. Authentication and its Application Enter the login password, and then press [OK]. Follow the password policy to make the login password more secure. For details about the password policy and how to specify it, see “Specifying the Extended Security Functions”.

  • Page 35: Logging On Using Administrator Authentication

    Administrator Authentication • You can use up to 32 alphanumeric characters and symbols when registering login user names and login passwords. Keep in mind that passwords are case-sensitive. • User names cannot contain numbers only, a space, colon (:), or quotation mark ("), nor can they be left blank.
  • Page 36 2. Authentication and its Application Press the [Login/Logout] key. BJK002S The message, "Press [Login], then enter the login user name and login password." appears. Press [Login]. If you do not want to log in, press [Cancel]. Enter the login user name, and then press [OK]. When you log on to the machine for the first time as the administrator, enter “admin”.

  • Page 37: Logging Off Using Administrator Authentication

    Administrator Authentication Enter the login password, and then press [OK]. "Authenticating... Please wait." appears, followed by the screen for specifying the default. • If user authentication has already been specified, a screen for authentication appears. • To log on as an administrator, enter the administrator's login user name and login password. •...

  • Page 38: Changing The Administrator

    2. Authentication and its Application Press [Yes]. Changing the Administrator Change the administrator's login user name and login password. You can also assign administrator authority to the login user names [Administrator 1] to [Administrator 4]. To combine the authorities of multiple administrators, assign multiple administrators to a single administrator.
  • Page 39 Administrator Authentication Press [System Settings]. Press [Administrator Tools]. Press [Program / Change Administrator]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings.

  • Page 40: Using Web Image Monitor

    2. Authentication and its Application In the line for the administrator you want to change, press [Administrator 1], [Administrator 2], [Administrator 3] or [Administrator 4], and then press [Change]. Press [Change] for the setting you want to change, and re-enter the setting. Press [OK].
  • Page 41 Administrator Authentication • When logging on as an administrator use the login name and password of an administrator set in the machine. The default login name is “admin” and the password is blank.

  • Page 42: User Authentication

    2. Authentication and its Application User Authentication There are five types of user authentication methods: User Code authentication, Basic authentication, Windows authentication, LDAP authentication, and Integration Server authentication. To use user authentication, select an authentication method on the control panel, and then make the required settings for the authentication.

  • Page 43: User Code Authentication

    User Code Authentication User Code Authentication This is an authentication method for limiting access to functions according to a user code. The same user code can be used by more than one user. By specifying user code authentication, you can limit the printer functions available under each user code.
  • Page 44 2. Authentication and its Application Press [System Settings]. Press [Administrator Tools]. Press [User Authentication Management]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings.
  • Page 45 User Code Authentication Select [User Code Auth.]. If you do not want to use user authentication management, select [Off]. Select which of the machine's functions you want to limit. The selected settings will be unavailable to users. For details about specifying available functions for individuals or groups, see “Limiting Available Functions”.

  • Page 46: Basic Authentication

    2. Authentication and its Application Basic Authentication Specify this authentication method when using the machine's address book to authenticate each user. Using Basic authentication, you can not only manage the machine's available functions but also limit access to stored files and to the personal data in the address book. Under Basic authentication, the administrator must specify the functions available to each user registered in the address book.
  • Page 47 Basic Authentication Press [Administrator Tools]. Press [User Authentication Management]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Select [Basic Auth.]. If you do not want to use user authentication management, select [Off].

  • Page 48: Authentication Information Stored In The Address Book

    2. Authentication and its Application Select which of the machine's functions you want to permit. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. The selected functions are registered as the initial settings for “Available Functions”, in the address book.
  • Page 49 Basic Authentication User authentication can also be specified via Web Image Monitor. • p.33 "Logging on Using Administrator Authentication" • p.35 "Logging off Using Administrator Authentication" Specifying Login User Name and Login Password In [Address Book Management], specify the login user name and login password to be used for User Authentication Management.
  • Page 50 2. Authentication and its Application Select the user or group. Press [Auth. Info]. Press [Change] for “Login User Name”. Enter a login user name, and then press [OK].
  • Page 51 Basic Authentication Press [Change] for “Login Password”. Enter a login password, and then press [OK]. If a password reentry screen appears, enter the login password, and then press [OK]. Press [OK]. Press [Exit] twice. Press the [User Tools] key. Specifying Authentication Information to Log on The login user name and password specified in [Address Book Management] can be used as the login information for “SMTP Authentication”, “Folder Authentication”, and “LDAP Authentication”.
  • Page 52 2. Authentication and its Application Press the [User Tools] key. BJK001S Press [System Settings]. Press [Administrator Tools].
  • Page 53 Basic Authentication Press [Address Book Management]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Select the user or group. Press [Auth. Info].
  • Page 54 2. Authentication and its Application Select [Use Auth. Info at Login] in “SMTP Authentication”. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. For folder authentication, select [Use Auth. Info at Login] in “Folder Authentication”. For LDAP authentication, select [Use Auth.

  • Page 55: Windows Authentication

    Windows Authentication Windows Authentication Specify this authentication when using the Windows domain controller to authenticate users who have their accounts on the directory server. Users cannot be authenticated if they do not have their accounts in the directory server. Under Windows authentication, you can specify the access limit for each group registered in the directory server.

  • Page 56: Specifying Windows Authentication

    2. Authentication and its Application • If the “Guest” account on the Windows server is enabled, even users not registered in the domain controller can be authenticated. When this account is enabled, users are registered in the address book and can use the functions available under [*Default Group]. Specifying Windows Authentication This can be specified by the machine administrator.
  • Page 57 Windows Authentication Press [Administrator Tools]. Press [User Authentication Management]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Select [Windows Auth.]. If you do not want to use user authentication management, select [Off].
  • Page 58 2. Authentication and its Application Press [Change] for “Domain Name”, enter the name of the domain controller to be authenticated, and then press [OK]. Press [On] for “Use Secure Connection (SSL)”. If you are not using secure sockets layer (SSL) for authentication, press [Off]. If global groups have been registered under Windows server, you can limit the use of functions for each global group.
  • Page 59 Windows Authentication Under “Group”, press [Program / Change], and then press [* Not Programmed]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Under “Group Name”, press [Change], and then enter the group name. Press [OK].
  • Page 60 2. Authentication and its Application Press [OK] twice. Press the [User Tools] key. A confirmation message appears. If you click [Yes], you will be automatically logged out. • Under Windows Authentication, you can select whether or not to use secure sockets layer (SSL) authentication.
  • Page 61 Windows Authentication Enter the Certificate Authority name (optional) in “CA Identifying Information”, and then click [Next]. Leave “Data Storage Location” at its default, and then click [Next]. Internet Information Services and Certificate services are installed. Creating the Server Certificate After installing Internet Information Services (IIS) and Certificate services Windows components, create the Server Certificate as follows: Start Internet Services Manager.
  • Page 62 2. Authentication and its Application Click [Configuration], and then click [Device Certificate] under “Security”. The Device Certificate page appears. Check the radio button next to the number of the certificate you want to install. Click [Install]. Enter the contents of the device certificate. In the “Certificate Request”...

  • Page 63: Ldap Authentication

    LDAP Authentication LDAP Authentication Specify this authentication method when using the LDAP server to authenticate users who have their accounts on the LDAP server. Users cannot be authenticated if they do not have their accounts on the LDAP server. The address book stored in the LDAP server can be registered to the machine, enabling user authentication without first using the machine to register individual settings in the address book.

  • Page 64: Specifying Ldap Authentication

    2. Authentication and its Application You do not have to enter the password if the LDAP server supports “Anonymous Authentication”. • Under LDAP Authentication, if “Anonymous Authentication” in the LDAP server's settings is not set to Prohibit, users who do not have an LDAP server account might still be able to gain access. •...
  • Page 65 LDAP Authentication Press [System Settings]. Press [Administrator Tools]. Press [User Authentication Management]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings.
  • Page 66 2. Authentication and its Application Select [LDAP Auth.]. If you do not want to use user authentication management, select [Off]. Select the LDAP server to be used for LDAP authentication. Select which of the machine's functions you want to permit. If the setting to be specified does not appear, press [ Next] to scroll down to other settings.
  • Page 67 LDAP Authentication Press [Change] for “Login Name Attribute”. Enter the login name attribute, and then press [OK]. Use the Login Name Attribute as a search criterion to obtain information about an authenticated user. You can create a search filter based on the Login Name Attribute, select a user, and then retrieve the user information from the LDAP server so it is transferred to the machine's address book.
  • Page 68 2. Authentication and its Application Press [Change] for “Unique Attribute”. Enter the unique attribute and then press [OK]. Specify Unique Attribute on the machine to match the user information in the LDAP server with that in the machine. By doing this, if the Unique Attribute of a user registered in the LDAP server matches that of a user registered in the machine, the two instances are treated as referring to the same user.

  • Page 69: Integration Server Authentication

    Integration Server Authentication Integration Server Authentication To use Integration Server authentication with this machine, you need a server on which Authentication Manager or another application that supports authentication is installed. For external authentication, the Integration Server authentication collectively authenticates users accessing the server over the network, providing a server-independent, centralized user authentication system that is safe and convenient.
  • Page 70 2. Authentication and its Application Press [System Settings]. Press [Administrator Tools]. Press [User Authentication Management]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Select [Integration Svr. Auth.]. If you do not want to use User Authentication Management, select [Off].
  • Page 71 Integration Server Authentication Press [Change] for “Server Name”. Specify the name of the server for external authentication. Enter the server name, and then press [OK]. Enter the IPv4 address or host name. In “Authentication Type”, select the authentication system for external authentication. Select an available authentication system.
  • Page 72 2. Authentication and its Application Press [Change] for “Domain Name”. Enter the domain name, and then press [OK]. You cannot specify a domain name under an authentication system that does not support domain login.
  • Page 73 Integration Server Authentication Press [Obtain URL]. The machine obtains the URL of the server specified in “Server Name”. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. If “Server Name” or the setting for enabling SSL is changed after obtaining the URL, the URL is “Not Obtained”.
  • Page 74 2. Authentication and its Application Under “Group Name”, press [Change], and then enter the group name. Press [OK]. Select which of the machine's functions you want to permit. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Authentication will be applied to the selected functions.
  • Page 75 Integration Server Authentication If the setting to be specified does not appear, press [ Next] to scroll down to other settings. To not use secure sockets layer (SSL) for authentication, press [Off]. Press the [User Tools] key. A confirmation message appears. If you click [Yes], you will be automatically logged out.

  • Page 76: If User Authentication Is Specified

    2. Authentication and its Application If User Authentication is Specified If user authentication (User Code Authentication, Basic Authentication, Windows Authentication, LDAP Authentication, or Integration Server Authentication) is set, the authentication screen is displayed. Unless a valid user name and password are entered, operations are not possible with the machine. Log on to operate the machine, and log off when you are finished operations.

  • Page 77: Login (Using The Control Panel)

    If User Authentication is Specified Login (Using the Control Panel) Use the following procedure to log in when Basic Authentication, Windows Authentication, LDAP Authentication, or Integration Server Authentication is enabled. Press [User Tools] key. BJK001S Press the [Login/Logout] key. BJK002S Press [Login].

  • Page 78: Log Off (Using The Control Panel)

    2. Authentication and its Application Enter the login user name, and then press [OK]. Enter the login password, and then press [OK]. The message, "Authenticating... Please wait." appears. Log Off (Using the Control Panel) Follow the procedure below to log off when Basic Authentication, Windows Authentication, Authentication, LDAP Authentication, or Integration Server Authentication is set.

  • Page 79: Login (Using Web Image Monitor)

    If User Authentication is Specified Press [Yes]. The message, "Logging out... Please wait." appears. • You can log off using the following procedures also. • Press the [Power] key. • Press the [Energy Saver] key. Login (Using Web Image Monitor) This section explains how to log on to the machine via Web Image Monitor.
  • Page 80 2. Authentication and its Application When using user authentication management, the machine automatically logs you off if you do not use the control panel within a given time. This feature is called “Auto Logout”. Specify how long the machine is to wait before performing Auto Logout.
  • Page 81 If User Authentication is Specified Press [Auto Logout Timer]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Select [On]. If you do not want to specify [Auto Logout Timer], select [Off]. Enter “60”...
  • Page 82 2. Authentication and its Application • If a paper jam occurs or a print cartridge runs out of ink, the machine might not be able to perform the Auto Log function. • p.33 "Logging on Using Administrator Authentication" • p.35 "Logging off Using Administrator Authentication"...

  • Page 83: Authentication Using An External Device

    Authentication Using an External Device Authentication Using an External Device To authenticate using an external device, see the device manual. For details, contact your sales representative.
  • Page 84 2. Authentication and its Application...

  • Page 85: Ensuring Information Security

    3. Ensuring Information Security This chapter describes how to protect data that is stored on the machine and transmitted information from unauthorized viewing and modification. Specifying Access Permission for Stored Files This section describes Specifying Access Permission for Stored Files. You can specify who is allowed to access stored scan files and files stored in the Document Server.

  • Page 86: Assigning Users And Access Permission For Stored Files

    3. Ensuring Information Security • Even if User Authentication is not set, passwords for stored files can be set. Assigning Users and Access Permission for Stored Files This can be specified by the file creator (owner) or file administrator. Specify the users and their access permissions for each stored file. By making this setting, only users granted access permission can access stored files.
  • Page 87 Specifying Access Permission for Stored Files Press [Change Access Priv.]. Press [Program/Change/Delete]. Press [New Program]. Select the users or groups you want to assign permission to. You can select more than one user. By pressing [All Users], you can select all the users. Press [Exit].

  • Page 88: Specifying Access Privileges For Files Stored Using The Scanner Function

    3. Ensuring Information Security Select the user who you want to assign access permission to, and then select the permission. Select the access permission from [Read-only], [Edit], [Edit / Delete], or [Full Control]. Press [Exit]. Press [OK]. • p.33 "Logging on Using Administrator Authentication" •...
  • Page 89 Specifying Access Permission for Stored Files Press [Access Privileges]. Press [New Program]. Select the users or groups you want to assign permission to. You can select more than one user. By pressing [All Users], you can select all the users. Press [Exit].
  • Page 90 3. Ensuring Information Security Press [Select Stored File]. Select the file. Press [Manage / Delete File]. Press [Change Access Priv.].
  • Page 91 Specifying Access Permission for Stored Files Press [Program/Change/Delete]. Press [New Program]. Select the users or groups you want to assign permission to. You can select more than one user. By pressing [All Users], you can select all the users. Press [Exit]. Select the user who you want to assign access permission to, and then select the permission.

  • Page 92: Assigning The User And The Access Permission For The User's Stored Files

    3. Ensuring Information Security Press [Exit]. Assigning the User and the Access Permission for the User's Stored Files This can be specified by the file creator (owner) or user administrator. Specify the users and their access permission to files stored by a particular user. Only those users granted access permission can access stored files.
  • Page 93 Specifying Access Permission for Stored Files Press [Administrator Tools]. Press [Address Book Management]. Select the user or group.
  • Page 94 3. Ensuring Information Security Press [Protection]. Under “Protect File(s)”, press [Program/Change/Delete] for “Permissions for Users/ Groups”. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Press [New Program].

  • Page 95: Specifying Passwords For Stored Files

    Specifying Access Permission for Stored Files Select the users or groups to register. You can select more than one user. By pressing [All Users], you can select all the users. Press [Exit]. Select the user who you want to assign access permission to, and then select the permission. Select the access permission from [Read-only], [Edit], [Edit / Delete], or [Full Control].
  • Page 96 3. Ensuring Information Security Select the file. Press [Edit File]. Press [Change Password].

  • Page 97: Unlocking Files

    Specifying Access Permission for Stored Files Enter the password using the number keys. You can use 4 to 8 numbers as the password for the stored file. Press [OK]. Confirm the password by re-entering it using the number keys. Press [OK]. icon appears next to a stored file protected by password.
  • Page 98 3. Ensuring Information Security Select the file. icon appears next to a file locked by the Enhance File Protection function. Press [Edit File]. Press [Unlock Files]. Press [Yes]. icon changes to the icon. Press [OK]. • p.181 "Specifying the Extended Security Functions" •...
  • Page 99 Specifying Access Permission for Stored Files • p.35 "Logging off Using Administrator Authentication"...

  • Page 100: Preventing Data Leaks Due To Unauthorized Transmission

    3. Ensuring Information Security Preventing Data Leaks Due to Unauthorized Transmission This section describes Preventing Data Leaks Due to Unauthorized Transmission. If user authentication is specified, the user who has logged on will be designated as the sender to prevent data from being sent by an unauthorized person masquerading as the user.
  • Page 101 Preventing Data Leaks Due to Unauthorized Transmission Press the [User Tools] key. BJK001S Press [System Settings]. Press [Administrator Tools].
  • Page 102 3. Ensuring Information Security Press [Extended Security]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Press [On] for “Restrict Use of Destinations”. If “Restrict Use of Destinations” is set to [On], “Restrict Adding of User Destinations” does not appear. Press [OK].

  • Page 103: Using S/Mime To Protect E-Mail Transmission

    Using S/MIME to Protect E-mail Transmission Using S/MIME to Protect E-mail Transmission By registering a user certificate in the Address Book, you can send e-mail that is encrypted with a public key which prevents its content from being altered during transmission. You can also prevent sender impersonation (spoofing) by installing a device certificate on the machine, and attaching an electronic signature created with a private key.
  • Page 104 3. Ensuring Information Security 4. Using the shared key, encrypt the e-mail message. 5. The shared key is encrypted using the user's public key. 6. The encrypted e-mail is sent. 7. The receiver decrypts the shared key using a secret key that corresponds to the public key. 8.

  • Page 105: Attaching An Electronic Signature

    Using S/MIME to Protect E-mail Transmission Specifying the Encryption Algorithm This can be specified by the network administrator. Open a Web browser. Enter “http://(the machine's IP address or host name)/” in the address bar. When entering an IPv4 address, do not begin segments with zeros. For example: If the address is “192.168.001.010”, you must enter it as “192.168.1.10”...
  • Page 106 3. Ensuring Information Security Configuration flow (self-signed certificate) 1. Creating and installing the device certificate. Create and install the device certificate using Web Image Monitor. 2. Make certificate settings. Make settings for the certificate to be used for S/MIME using Web Image Monitor. 3.
  • Page 107 Using S/MIME to Protect E-mail Transmission Check the radio button next to the number of the certificate you want to create. Click [Create]. Make the necessary settings. Click [OK]. The setting is changed. Click [OK]. A security warning dialog box appears. Check the details, and then click [OK].
  • Page 108 3. Ensuring Information Security Click [OK]. "Requesting" appears for Certificate Status in the “Certificates” area. Click [Logout]. Apply to the certificate authority for the device certificate. The application procedure depends on the certificate authority. For details, contact the certificate authority. For application details, click the Web Image Monitor Details icon and use the information shown in “Certificate Details”.
  • Page 109 Using S/MIME to Protect E-mail Transmission Enter the details of the device certificate. In the Certificate Request box, enter the details of the device certificate received from the certificate authority. Click [OK]. "Installed" appears under “Certificate Status” to show that a device certificate for the machine has been installed.
  • Page 110 3. Ensuring Information Security Enter “http://(the machine's IP address or host name)/” in the address bar. When entering an IPv4 address, do not begin segments with zeros. For example: If the address is “192.168.001.010”, you must enter it as “192.168.1.10” to connect to the machine. The top page of Web Image Monitor appears.

  • Page 111: Protecting The Address Book

    Protecting the Address Book Protecting the Address Book If user authentication is specified, the user who has logged on will be designated as the sender to prevent data from being sent by an unauthorized person masquerading as the user. To protect the data from unauthorized reading, you can also encrypt the data in the address book. Address Book Access Permission This can be specified by the registered user.
  • Page 112 3. Ensuring Information Security Press [Administrator Tools]. Press [Address Book Management]. Select the user or group.
  • Page 113 Protecting the Address Book Press [Protection]. Press [Program/Change/Delete] for “Permissions for Users/Groups”, under “Protect Destination”. Press [New Program]. Select the users or groups to register. You can select more than one user. By pressing [All Users], you can select all the users. Press [Exit].

  • Page 114: Encrypting Data In The Address Book

    3. Ensuring Information Security Select the user who you want to assign access permission to, and then select the permission. Select the permission, from [Read-only], [Edit], [Edit / Delete], or [Full Control]. Press [Exit]. Press [OK]. Press [Exit]. Press the [User Tools] key. •...
  • Page 115 Protecting the Address Book Press the [User Tools] key. BJK001S Press [System Settings]. Press [Administrator Tools].
  • Page 116 3. Ensuring Information Security Press [Extended Security]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Press [On] for “Encrypt Address Book”. Press [Change] for “Encryption Key”. Enter the encryption key, and then press [OK]. Enter the encryption key using up to 32 alphanumeric characters.
  • Page 117 Protecting the Address Book The time it takes to encrypt the data in the address book depends on the number of registered users. The machine cannot be used during encryption. Normally, once encryption is complete, "Encryption / Decryption is successfully complete. Press [Exit]."...

  • Page 118: Deleting Data On The Hard Disk

    3. Ensuring Information Security Deleting Data on the Hard Disk This can be specified by the machine administrator. To use this function, the optional DataOverwriteSecurity Unit must be installed. The machine's hard disk stores all document data from the copier, printer, and scanner functions. It also stores the data of users' document server and code counters, and the Address Book.

  • Page 119: Methods Of Overwriting

    Deleting Data on the Hard Disk • If the Data Overwrite icon is not displayed, first check if Auto Erase Memory has been set to [Off]. If the icon is not displayed even though Auto Erase Memory is [On], contact your service representative. Methods of Overwriting You can select a method of overwriting from the following: [NSA]...
  • Page 120 3. Ensuring Information Security Press [Auto Erase Memory Setting]. Press [On]. Select the method of overwriting. If you select [NSA] or [DoD], proceed to step 10. If you select [Random Numbers], proceed to step 8. For details about the methods of overwriting, see “Methods of Overwriting”. Press [Change].

  • Page 121: Canceling Auto Erase Memory

    Deleting Data on the Hard Disk Press [OK]. Auto Erase Memory is set. • If the main power switch is turned to [Off] before Auto Erase Memory is completed, overwriting will stop and data will be left on the hard disk. •...

  • Page 122: Erase All Memory

    3. Ensuring Information Security • Copy jobs • Printer • Print jobs Scanner • Scanned files sent by e-mail • Files sent by Scan to Folder • Documents sent using DeskTopBinder Professional, or Web Image Monitor Data Not Overwritten by Auto Erase Memory Documents stored by the user in the Document Server using the Copier, Printer or Scanner functions •...
  • Page 123 Deleting Data on the Hard Disk • While the Erase All Memory function is in progress, you cannot use the machine-except to pause the “Erase All Memory” function momentarily. If you select Random Numbers as the overwrite method and specify three overwrites, the machine will need about 5 hours to erase its entire memory. Using Erase All Memory This can be specified by the machine administrator.
  • Page 124 3. Ensuring Information Security If you select [NSA] or [DoD], proceed to step 10. If you select [Random Numbers], proceed to step 8. For details about the methods of overwriting, see “Methods of Overwriting”. Press [Change]. Enter the number of times that you want to overwrite using the number keys, and then press [ ].

  • Page 125: Suspending Erase All Memory

    Deleting Data on the Hard Disk • p.33 "Logging on Using Administrator Authentication" • p.35 "Logging off Using Administrator Authentication" • p.117 "Methods of Overwriting" Suspending Erase All Memory The overwriting process can be suspended temporarily. • Erase All Memory cannot be canceled. Press [Suspend] while Erase All Memory is in progress.
  • Page 126 3. Ensuring Information Security...

  • Page 127: Managing Access To The Machine

    4. Managing Access to the Machine This chapter describes how to prevent unauthorized access to and modification of the machine's settings. Preventing Modification of Machine Settings This section describes Preventing Modification of Machine Settings. The administrator type determines which machine settings can be modified. Users cannot change the administrator settings.
  • Page 128 4. Managing Access to the Machine • p.17 "Administrators and Users" • p.25 "Administrator Authentication" • p.237 "User Administrator Settings" • p.224 "Machine Administrator Settings" • p.231 "Network Administrator Settings" • p.235 "File Administrator Settings" • p.244 "User Settings - Control Panel Settings" •...

  • Page 129: Menu Protect

    Menu Protect Menu Protect The administrator can also limit users' access permission to the machine's settings. This is done by locking the machine's system settings menu. This function is also effective when management is not based on user authentication. For a list of settings that users can specify according to the Menu Protect level, see “User Settings - Control Panel Settings”, or “User Settings - Web Image Monitor Settings”.
  • Page 130 4. Managing Access to the Machine Press [Copier / Document Server Features]. Press [Administrator Tools]. Press [Menu Protect]. Select the menu protect level, and then press [OK]. Press the [User Tools] key. Scanner Functions To specify [Menu Protect] in [Scanner Features], set [Machine Management] to [On] in [Administrator Authentication Management] in [Administrator Tools] in [System Settings].
  • Page 131 Menu Protect Press [Scanner Features]. Press [Initial Settings]. Press [Menu Protect]. Select the menu protect level, and then press [OK]. Press the [User Tools] key.

  • Page 132: Limiting Available Functions

    4. Managing Access to the Machine Limiting Available Functions To prevent unauthorized operation, you can specify who is allowed to access each of the machine's functions. Available Functions Specify the available functions from the copier, Document Server, and Scanner functions. •...
  • Page 133 Limiting Available Functions Press [System Settings]. Press [Administrator Tools]. Press [Address Book Management].
  • Page 134 4. Managing Access to the Machine Select the user. Press [Auth. Info]. In “Available Functions”, select the functions you want to specify. For details about limiting the available printer functions, see “User Code Authentication”. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Press [OK].

  • Page 135: Enhanced Network Security

    5. Enhanced Network Security This chapter describes how to increase security over the network using the machine's functions. Preventing Unauthorized Access You can limit IP addresses, disable ports and protocols, or use Web Image Monitor to specify the network security level to prevent unauthorized access over the network and protect the address book, stored files, and default settings.

  • Page 136: Enabling/Disabling Protocols

    5. Enhanced Network Security Click [Logout]. Enabling/Disabling Protocols This can be specified by the network administrator. Specify whether to enable or disable the function for each protocol. By making this setting, you can specify which protocols are available and so prevent unauthorized access over the network. Network settings can be specified on the control panel, or using Web Image Monitor or telnet.
  • Page 137 Preventing Unauthorized Access Protocol Port Setting Method Disabled Condition Functions that require sftp cannot be used. You can restrict personal information • Web Image Monitor sshd/sftpd TCP:22 from being displayed by • telnet making settings on the control panel using “Restrict Display of User Information”.*1 Commands using telnet...
  • Page 138 5. Enhanced Network Security Protocol Port Setting Method Disabled Condition SMB printing functions via TCP/IP, as well as UDP:137 • telnet NetBIOS designated UDP:138 functions on the WINS server cannot be used. Functions that require SNMPv1, v2 cannot be used. Using the control panel, •...
  • Page 139 Preventing Unauthorized Access Protocol Port Setting Method Disabled Condition Device discovery using • Web Image Monitor SSDP UDP:1900 UPnP from Windows • telnet cannot be used. TCP:7443 @Remote cannot be @Remote • telnet used. TCP:7444 You can attempt to TCP:10021 •...
  • Page 140 5. Enhanced Network Security Press [System Settings]. Press [Interface Settings]. Press [Effective Protocol].
  • Page 141 Preventing Unauthorized Access Press [Inactive] for the protocol you want to disable. Press [OK]. Press the [User Tools] key. • p.33 "Logging on Using Administrator Authentication" • p.35 "Logging off Using Administrator Authentication" Making Settings Using Web Image Monitor Open a Web browser. Enter “http://(the machine's IP address or host name)/”...

  • Page 142: Specifying Network Security Level

    5. Enhanced Network Security Specifying Network Security Level This can be specified by the network administrator. This setting lets you change the security level to limit unauthorized access. You can make network security level settings on the control panel, as well as Web Image Monitor.
  • Page 143 Preventing Unauthorized Access Press [Administrator Tools]. Press [Network Security Level]. If the setting you want to specify does not appear, press [ Next] to scroll down to other settings. Select the network security level. Select [Level 0], [Level 1], or [Level 2]. Press [OK].
  • Page 144 5. Enhanced Network Security • p.35 "Logging off Using Administrator Authentication" Making Settings Using Web Image Monitor Open a Web browser. Enter “http://(the machine's IP address or host name)/” in the address bar. When entering an IPv4 address, do not begin segments with zeros. For example: If the address is “192.168.001.010”, you must enter it as “192.168.1.10”...
  • Page 145 Preventing Unauthorized Access Function Level 0 Level 1 Level 2 RSH/RCP Available Available Unavailable SNMP Available Available Available SNMP v1v2> Setting Available Unavailable Unavailable SNMP v1v2> Browse Available Available Unavailable SNMP v3 Available Available Available SNMP v3> SNMP Encryption Automatic Automatic Ciphertext Only TELNET...

  • Page 146: Encrypting Transmitted Passwords

    5. Enhanced Network Security Encrypting Transmitted Passwords Prevent login passwords from being revealed by encrypting them for transmission. Also, encrypt the login password for administrator authentication and user authentication. Driver Encryption Key Encrypt the password transmitted when specifying user authentication. To encrypt the login password, specify the driver encryption key on the machine and on the printer driver installed in the user's computer.
  • Page 147 Encrypting Transmitted Passwords Press [System Settings]. Press [Administrator Tools]. Press [Extended Security]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings.
  • Page 148 5. Enhanced Network Security For “Driver Encryption Key”, press [Change]. “Driver Encryption Key” is one of the extended security functions. For details about this and other security functions, see “Specifying the Extended Security Functions”. Enter the driver encryption key, and then press [OK]. Enter the driver encryption key using up to 32 alphanumeric characters.

  • Page 149: Protection Using Encryption

    Protection Using Encryption Protection Using Encryption This machine uses the SSL, SNMPv3, and IPsec protocols to protect the data that it transmits. These protocols encrypt the data, preventing it from being intercepted, analyzed, or tampered with. SSL (Secure Sockets Layer) Encryption This can be specified by the network administrator.
  • Page 150 5. Enhanced Network Security 2. The device certificate and public key are sent from the machine to the user's computer. 3. Create a shared key from the user's computer, and then encrypt it using the public key. 4. The encrypted shared key is sent to the machine. 5.
  • Page 151 Protection Using Encryption Click [Login]. The network administrator can log on. Enter the login user name and login password. Click [Configuration], and then click [Device Certificate] under “Security”. Check the radio button next to the number of the certificate you want to create. Click [Create].
  • Page 152 5. Enhanced Network Security Click [Request]. Make the necessary settings. Click [OK]. "Requesting" appears for “Certificate Status” in the “Certificates” area. Click [Logout]. Apply to the certificate authority for the device certificate. The application procedure depends on the certificate authority. For details, contact the certificate authority.
  • Page 153 Protection Using Encryption Enter the contents of the device certificate. In the “Certificate Request” box, enter the contents of the device certificate received from the certificate authority. Click [OK]. "Installed" appears under “Certificate Status” to show that a device certificate for the machine has been installed.

  • Page 154: User Settings For Ssl (Secure Sockets Layer)

    5. Enhanced Network Security User Settings for SSL (Secure Sockets Layer) If you have installed a device certificate and enabled SSL (Secure Sockets Layer), you need to install the certificate on the user's computer. The network administrator must explain the procedure for installing the certificate to users. If a warning dialog box appears while accessing the machine using Web Image Monitor, start the Certificate Import Wizard and install a certificate.
  • Page 155 Protection Using Encryption Setting the SSL / TLS Encryption Mode This can be specified by the network administrator. After installing the device certificate, specify the SSL/TLS encrypted communication mode. By making this setting, you can change the security level. For details about logging on and logging off with administrator authentication, see “Logging on Using Administrator Authentication”, “Logging off Using Administrator Authentication”.

  • Page 156: Snmpv3 Encryption

    5. Enhanced Network Security Press [Permit SSL / TLS Communication]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Select the encrypted communication mode. Select [Ciphertext Only], [Ciphertext Priority], or [Ciphertext / Cleartext] as the encrypted communication mode.
  • Page 157 Protection Using Encryption By making this setting, you can protect data from being tampered with. For details about logging on and logging off with administrator authentication, see “Logging on Using Administrator Authentication”, “Logging off Using Administrator Authentication”. Press the [User Tools] key. BJK001S Press [System Settings].
  • Page 158 5. Enhanced Network Security Press [Permit SNMPv3 Communication]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Press [Encryption Only]. Press [OK]. Press the [User Tools] key. • To use Web Image Monitor for encrypting setting configuration data, you must first specify [Permit SNMPv3 Communication] on the machine, and then configure the network administrator's [Encryption Password] setting and specify the encryption key in Web Image Monitor.

  • Page 159: Transmission Using Ipsec

    Transmission Using IPsec Transmission Using IPsec This can be specified by the network administrator. For communication security, this machine supports IPsec. IPsec transmits secure data packets at the IP protocol level using the shared key encryption method, where both the sender and receiver retain the same key.

  • Page 160: Encryption Key Auto Exchange Settings And Encryption Key Manual Settings

    5. Enhanced Network Security • For successful authentication, the sender and receiver must specify the same authentication algorithm and authentication key. If you use the encryption key auto exchange method, the authentication algorithm and authentication key are specified automatically. AH Protocol The AH protocol provides header authentication only.

  • Page 161: Ipsec Settings

    Transmission Using IPsec Settings 1-4 and Default Setting Using either the manual or auto exchange method, you can configure four separate sets of SA details (such as different shared keys and IPsec algorithms). In the default settings of these sets, you can include settings that the fields of sets 1 to 4 cannot contain.
  • Page 162 5. Enhanced Network Security Security Level Security Level Features Select this level if you want to authenticate the transmission partner and prevent unauthorized data tampering, but not perform data packet encryption. Authentication Only Since the data is sent in cleartext, data packets are vulnerable to eavesdropping attacks.
  • Page 163 Transmission Using IPsec Authentication and Low Level Authentication and High Setting Authentication Only Encryption Level Encryption Phase 1 Encryptio 3DES 3DES Algorithm Phase 1 Diffie- Hellman Group Phase 2 Security Protocol Phase 2 Authentic HMAC-MD5-96/ HMAC-MD5-96/HMAC- HMAC-SHA1-96 ation HMAC-SHA1-96 SHA1-96 Algorithm Phase 2 Encryptio...
  • Page 164 5. Enhanced Network Security Setting Description Setting Value • Inactive • IPv4 Specify the address type for Address Type which IPsec transmission is • IPv6 used. • IPv4/IPv6 (Default Settings only) The machine's IPv4 or IPv6 address. Specify the machine's address. If you are using multiple If you are not setting an address Local Address...
  • Page 165 Transmission Using IPsec Setting Description Setting Value Specify whether to only transmit using IPsec, or to allow • Use When Possible cleartext transmission when IPsec Requirement Level • Always Require IPsec cannot be established. (auto setting) • PSK • Certificate If you specify PSK, you must Specify the method for then set the PSK text (using...
  • Page 166 5. Enhanced Network Security Setting Description Setting Value Specify the security protocol to be used in Phase 2. To apply both encryption and • ESP Phase 2 authentication to sent data, • AH Security Protocol specify ESP or AH + ESP. To •...
  • Page 167 Transmission Using IPsec Encryption Key Manual Settings Items Setting Description Setting Value • Inactive • IPv4 Specify the address type for Address Type which IPsec transmission is • IPv6 used. • IPv4/IPv6 (Default Settings only) The machine's IPv4 or IPv6 address.
  • Page 168 5. Enhanced Network Security Setting Description Setting Value Specify the same value as your Any number between 256 and SPI (Input) transmission partner's SPI 4095 output value. To apply both encryption and • EPS authentication to sent data, Security Protocol specify ESP or AH + ESP.

  • Page 169: Encryption Key Auto Exchange Settings Configuration Flow

    Transmission Using IPsec Setting Description Setting Value Specify a value within the ranges shown below, according to the encryption algorithm. hexadecimal value 0-9, a-f, A-F • DES, set 16 digits • 3DES, set 48 digits • AES-128, set 32 digits •...
  • Page 170 5. Enhanced Network Security BBD004S • To use a certificate to authenticate the transmission partner in encryption key auto exchange settings, a device certificate must be installed. • After configuring IPsec, you can use “Ping” command to check if the connection is established correctly.
  • Page 171 Transmission Using IPsec Click [Edit] under “Encryption Key Auto Exchange Settings”. Make encryption key auto exchange settings in [Settings 1]. If you want to make multiple settings, select the settings number and add settings. Click [OK]. Select [Active] for “IPsec”. Set “Exclude HTTPS Communication”...
  • Page 172 5. Enhanced Network Security Click [OK]. Click [Logout]. Specifying IPsec Settings on the Computer Specify exactly the same settings for IPsec SA settings on your computer as are specified by the machine's security level on the machine. Setting methods differ according to the computer's operating system. The example procedure shown here uses Windows XP when the Authentication and Low Level Encryption Security level is selected.
  • Page 173 Transmission Using IPsec If you select “Certificate” for authentication method in Encryption Key Auto Exchange Settings on the machine, specify the device certificate. If you select PSK, enter the same PSK text specified on the machine with the pre-shared key. Click [Add] in the IP Filter List.

  • Page 174: Encryption Key Manual Settings Configuration Flow

    5. Enhanced Network Security • If you specify the “Authentication and High Level Encryption” security level in encryption key auto exchange settings, also select the “Master key perfect forward secrecy (PFS)” check box in the Security Filter Properties screen (which appears in step 29). If using PFS in Windows XP, the PFS group number used in phase 2 is automatically negotiated in phase 1 from the Diffie-Hellman group number (set in step 11).

  • Page 175: Telnet Setting Commands

    Transmission Using IPsec Open a Web browser. Enter “http://(the machine's IP address or host name)/” in the address bar. When entering an IPv4 address, do not begin segments with zeros. For example: If the address is “192.168.001.010”, you must enter it as “192.168.1.10” to connect to the machine. The top page of Web Image Monitor appears.
  • Page 176 5. Enhanced Network Security Displays the following IPsec settings information: • IPsec shared settings values • Encryption key manual settings, SA setting 1-4 values • Encryption key manual settings, default setting values • Encryption key auto exchange settings, IKE setting 1-4 values •...
  • Page 177 Transmission Using IPsec • To display the settings 1-4, specify the number [1-4]. • To display the default setting, specify [default]. • Not specifying any value displays all of the settings. Disable settings msh> ipsec manual {1|2|3|4|default} disable • To disable the settings 1-4, specify the setting number [1-4]. •...
  • Page 178 5. Enhanced Network Security • Not specifying an encapsulation mode displays the current setting. Tunnel end point setting msh> ipsec manual {1|2|3|4|default} tunneladdar beginning IP address ending IP address • Enter the separate setting number [1-4] or [default] and specify the tunnel end point beginning and ending IP address.
  • Page 179 Transmission Using IPsec • To display the settings 1-4, specify the number [1-4]. • To display the default setting, specify [default]. • Not specifying any value displays all of the settings. Disable settings msh> ipsec manual {1|2|3|4|default} disable • To disable the settings 1-4, specify the number [1-4]. •...
  • Page 180 5. Enhanced Network Security • If you specify [require], data will not be transmitted when IPsec cannot be used. If you specify [use], data will be sent normally when IPsec cannot be used. When IPsec can be used, IPsec transmission is performed. •...
  • Page 181 Transmission Using IPsec • Not specifying the hash algorithm displays the current setting. ISAKMP SA (phase 1) encryption algorithm setting msh> ipsec ike {1|2|3|4|default} ph1 encrypt {des|3des} • Enter the separate setting number [1-4] or [default] and specify the ISAKMP SA (phase 1) encryption algorithm.
  • Page 182 5. Enhanced Network Security IPsec SA (phase 2) PFS setting msh> ipsec ike {1|2|3|4|default} ph2 pfs {none|1|2|14} • Enter the separate setting number [1-4] or [default] and specify the IPsec SA (phase 2) Diffie- Hellman group number. • Specify the group number to be used. •...

  • Page 183: Specifying The Extended Security Functions

    6. Specifying the Extended Security Functions This chapter describes the machine's extended security features and how to specify them. Specifying the Extended Security Functions In addition to providing basic security through user authentication and administrator specified access limits on the machine, security can also be increased by encrypting transmitted data and data in the address book.
  • Page 184 6. Specifying the Extended Security Functions Press the [User Tools] key. BJK001S Press [System Settings]. Press [Administrator Tools].

  • Page 185: Settings

    Specifying the Extended Security Functions Press [Extended Security]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Press the setting you want to change, and change the setting. Press [OK]. Press the [User Tools] key. Settings Default settings are shown in bold type.
  • Page 186 6. Specifying the Extended Security Functions Restrict Use of Destinations This can be specified by the user administrator. The available scanner destinations are limited to the destinations registered in the Address Book. A user cannot directly enter the destinations for transmission. If you specify the setting to receive e-mails via SMTP, you cannot use [Restrict Use of Destinations].
  • Page 187 Specifying the Extended Security Functions • On • Off Settings by SNMP v1 and v2 This can be specified by the network administrator. When the machine is accessed using the SNMPv1, v2 protocol, authentication cannot be performed, allowing machine administrator settings such as the paper setting to be changed.
  • Page 188 6. Specifying the Extended Security Functions This setting lets you specify [Complexity Setting] and [Minimum Character No.] for the password. By making this setting, you can limit the available passwords to only those that meet the conditions specified in [Complexity Setting] and [Minimum Character No.]. If you select [Level 1], specify the password using a combination of two types of characters selected from upper-case letters, lower-case letters, decimal numbers, and symbols such as #.

  • Page 189: Other Security Functions

    Other Security Functions Other Security Functions This section explains settings for preventing information leaks, and functions that you can restrict to further increase security. Scanner Function Print & Delete Scanner Journal To prevent personal information in the transmission/delivery history being printed automatically, set user authentication and the journal will specify [Do not Print: Disable Send] automatically.
  • Page 190 6. Specifying the Extended Security Functions Press [System Settings]. Press [Timer Settings]. Press [Weekly Timer Code].
  • Page 191 Other Security Functions Press [On]. Using the number keys, enter the weekly timer code. The weekly timer code must be one to eight digits long. Press [OK]. Press the [User Tools] key. • p.33 "Logging on Using Administrator Authentication" • p.35 "Logging off Using Administrator Authentication" Canceling Weekly Timer Code This can be specified by the machine administrator.
  • Page 192 6. Specifying the Extended Security Functions Press the [User Tools] key. BJK001S Press [System Settings]. Press [Timer Settings].
  • Page 193 Other Security Functions Press [Weekly Timer Code]. Press [Off] and then [OK]. Press the [User Tools] key. • p.33 "Logging on Using Administrator Authentication" • p.35 "Logging off Using Administrator Authentication"...

  • Page 194: Limiting Machine Operation To Customers Only

    6. Specifying the Extended Security Functions Limiting Machine Operation to Customers Only The machine can be set so that operation is impossible without administrator authentication. The machine can be set to prohibit operation without administrator authentication and also prohibit remote registration in the address book by a service representative.
  • Page 195 Limiting Machine Operation to Customers Only Press [System Settings]. Press [Administrator Tools]. Press [Service Mode Lock]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings.

  • Page 196: Canceling Service Mode Lock

    6. Specifying the Extended Security Functions Press [On], and then press [OK]. A confirmation message appears. Press [Yes]. Press the [User Tools] key. • p.33 "Logging on Using Administrator Authentication" • p.35 "Logging off Using Administrator Authentication" Canceling Service Mode Lock For a service representative to carry out inspection or repair in service mode, the machine administrator must log on to the machine and cancel the service mode lock.
  • Page 197 Limiting Machine Operation to Customers Only Press [System Settings]. Press [Administrator Tools]. Press [Service Mode Lock]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Press [Off], and then press [OK]. Press the [User Tools] key.
  • Page 198 6. Specifying the Extended Security Functions...

  • Page 199: Troubleshooting

    7. Troubleshooting This chapter describes what to do if the machine does not function properly. Authentication Does Not Work Properly This section explains what to do if a user cannot operate the machine because of a problem related to user authentication.
  • Page 200 7. Troubleshooting Messages Cause Solutions "Failed to obtain URL." The machine cannot connect to Make sure the server's settings, the server or cannot establish such as the IP address and host communication. name, are specified correctly on the machine. Make sure the host name of the UA Server is specified correctly.

  • Page 201: An Error Code Appears

    Authentication Does Not Work Properly Messages Cause Solutions "Administrator Authentication for User administrator privileges To specify Basic Authentication, User Management must be set to have not been enabled in Windows Authentication, LDAP on before this selection can be Administrator Authentication Authentication, or Integration made."...
  • Page 202 7. Troubleshooting 1. error code An error code appears. Basic Authentication Error Code Cause Solution Make sure no other user is A TWAIN operation occurred B0103-000 logged on to the machine, and during authentication. then try again. 1. A password error occurred. Make sure the password is entered correctly.
  • Page 203 Authentication Does Not Work Properly Error Code Cause Solution Recreate the account if the account name contains any of An authentication error these prohibited characters. occurred because the user B0206-003 name contains a space, colon If the account name was (:), or quotation mark (").
  • Page 204 7. Troubleshooting Error Code Cause Solution A login user name was not Specify the DeskTopBinder specified but a DeskTopBinder W0105-000 Professional login user name Professional operation was correctly. performed. The user attempted Only the administrator has authentication from an login privileges on this screen. application on the “System W0206-002 Settings”...
  • Page 205 Authentication Does Not Work Properly Error Code Cause Solution Make sure that the user is 2. A login name or password registered on the server. W0406-104 error occurred. Use a registered login user name and password. Make sure that the Windows 3.
  • Page 206 7. Troubleshooting Error Code Cause Solution Specify the IP address in the domain name and confirm that authentication is successful. If authentication is unsuccessful: 1. Make sure that Restrict LM/ NTLM is not set in either “Domain Controller Security Policy” or “Domain Security Policy”.
  • Page 207 Authentication Does Not Work Properly Error Code Cause Solution The user group cannot be obtained if the UserPrincipleName 1. The UserPrincipleName (user@domainname.xxx.com) (user@domainname.xxx.com) W0400-105 form is used. form is being used for the login Use “sAMAccountName user name. (user)” to log in, because this account allows you to obtain the user group.
  • Page 208 7. Troubleshooting Error Code Cause Solution 1. The SSL settings on the Make sure the SSL settings on W0400-202 authentication server and the the authentication server and machine do not match. the machine match. If a user enters sAMAccountName as the login 2.
  • Page 209 Authentication Does Not Work Properly Error Code Cause Solution Authentication failed because no more users can be Ask the user administrator to W0612-005 registered. (The number of delete unused user accounts in users registered in the address the address book. book has reached capacity.) An authentication error occurred because the address...
  • Page 210 7. Troubleshooting Error Code Cause Solution A user attempted Only the administrator has authentication from an login privileges on this screen. application on the “System L0206-002 Settings” screen, where only Log in as a general user from the administrator has the application's login screen.
  • Page 211 Authentication Does Not Work Properly Error Code Cause Solution 1. Make sure that a connection test is successful with the current LDAP server configuration. If connection is not successful, there might be an error in the network settings. Check the domain name or DNS settings in “Interface 1.
  • Page 212 7. Troubleshooting Error Code Cause Solution Recreate the account if the An authentication error account name contains any of occurred because the user these prohibited characters. L0406-003 name contains a space, colon If the account name was (:), or quotation mark ("). entered incorrectly, enter it correctly and log in again.
  • Page 213 Authentication Does Not Work Properly Integration Server Authentication Error Code Cause Solution Make sure no other user is A TWAIN operation occurred I0103-000 logged on to the machine, and during authentication. then try again. 1. A password error occurred. Make sure the password is entered correctly.
  • Page 214 7. Troubleshooting Error Code Cause Solution An authentication error occurred because the address Wait a few minutes and then try I0207-001 book is being used at another again. location. Recreate the account if the An authentication error account name contains any of occurred because the user these prohibited characters.

  • Page 215: Machine Cannot Be Operated

    Authentication Does Not Work Properly Error Code Cause Solution The authentication server login 1. Delete the old, duplicated name is the same as a user name or change the login name already registered on the name. I0511-000 machine. (Names are 2.
  • Page 216 7. Troubleshooting Condition Cause Solution Cannot authenticate using the Authentication is taking time Make sure the LDAP server TWAIN driver. because of operating conditions. setting is correct. Make sure the network settings are correct. Cannot authenticate using the Authentication is not possible Wait until editing of the Address TWAIN driver.
  • Page 217 Authentication Does Not Work Properly Condition Cause Solution User authentication is enabled, User authentication may have Re-enable user authentication, yet destinations specified using been disabled while [All Users] is and then enable [All Users] for the machine do not appear. not specified.
  • Page 218 7. Troubleshooting...

  • Page 219: Appendix

    8. Appendix Supervisor Operations The supervisor can delete an administrator's password and specify a new one. If any of the administrators forget their passwords or if any of the administrators change, the supervisor can assign a new password. If logged on using the supervisor's user name and password, you cannot use normal functions or specify defaults.
  • Page 220 8. Appendix Press the [Login/Logout] key. BJK002S Press [Login]. Enter a login user name, and then press [OK]. When you assign the administrator for the first time, enter “supervisor”.

  • Page 221: Logging Off As The Supervisor

    Supervisor Operations Enter a login password, and then press [OK]. If a login password has not been specified, press [OK] without entering the password. The message, "Authenticating... Please wait." appears. Logging off as the Supervisor If administrator authentication has been specified, be sure to log off after completing settings. This section describes how to log off after completing settings.
  • Page 222 8. Appendix Press the [User Tools] key. BJK001S Press the [Login/Logout] key. BJK002S Log on as the supervisor. You can log on in the same way as an administrator. Press [System Settings].
  • Page 223 Supervisor Operations Press [Administrator Tools]. Press [Program / Change Administrator]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Under “Supervisor”, press [Change]. Press [Change] for the login user name. Enter the login user name, and then press [OK]. Press [Change] for the login password.

  • Page 224: Resetting An Administrator's Password

    8. Appendix Press the [User Tools] key. • p.25 "Specifying Administrator Privileges" • p.217 "Supervisor Operations" Resetting an Administrator's Password This section describes how to reset the administrators' passwords. For details about logging on and logging off as the supervisor, see “Supervisor Operations”. Press the [User Tools] key.
  • Page 225 Supervisor Operations Press [Change] for the administrator you wish to reset. Press [Change] for the login password. Enter the login password, and then press [OK]. If a password reentry screen appears, enter the login password, and then press [OK]. Press [OK] twice. You will be automatically logged off.

  • Page 226: Machine Administrator Settings

    8. Appendix Machine Administrator Settings The machine administrator settings that can be specified are as follows: System Settings The following settings can be specified. General Features All the settings can be specified. Tray Paper Settings All the settings can be specified. Timer Settings All the settings can be specified.
  • Page 227 Machine Administrator Settings SMB User Name / SMB Password FTP User Name / FTP Password NCP User Name / NCP Password • Program / Change / Delete E-mail Message Administrator Tools The following settings can be specified. • Address Book Management Search Switch Title •...

  • Page 228: Copier / Document Server Features

    8. Appendix Server Name Search Base Port Number Use Secure Connection (SSL) Authentication Search Conditions Search Options • LDAP Search • AOF (Always On) • Service Mode Lock • Auto Erase Memory Setting *1 • Erase All Memory *1 *1 The DataOverwriteSecurity Unit option must be installed. Copier / Document Server Features The following settings can be specified.

  • Page 229: Scanner Features

    Machine Administrator Settings Scanner Features The following settings can be specified. General Settings The following settings can be specified. • Switch Title • Update Delivery Server Destination List • Search Destination • TWAIN Standby Time • Destination List Display Priority 1 •...
  • Page 230 8. Appendix Print Priority Function Reset Timer Permit Firmware Update Display IP Address on Device Display Panel Output Tray Paper Tray Priority Front Cover Sheet Tray Back Cover Sheet Tray Slip Sheet Tray Designation Sheet 1 Tray Designation Sheet 2 Tray Designation Sheet 3 Tray Designation Sheet 4 Tray Designation Sheet 5 Tray...
  • Page 231 Machine Administrator Settings • User Authentication Management All the settings can be specified. • Administrator Authentication Management Machine Administrator Authentication Available Settings for Machine Administrator • Program/Change Administrator You can specify the following administrator settings as the machine administrator. Login User Name Login Password Encryption Password •...
  • Page 232 8. Appendix Interface Settings • USB Network • SNMPv3 RC Gate All the settings can be specified. Webpage • Webpage Download Help File Extended Feature Settings All the settings can be specified.

  • Page 233: Network Administrator Settings

    Network Administrator Settings Network Administrator Settings The network administrator settings that can be specified are as follows: System Settings The following settings can be specified. Interface Settings If DHCP is set to On, the settings that are automatically obtained via DHCP cannot be specified. •...

  • Page 234: Scanner Features

    8. Appendix You can specify the user name and change the full-control user's authority. • Extended Security Driver Encryption Key Restrict Use of Simple Encryption Settings by SNMP V1 and V2 • Network Security Level Scanner Features The following settings can be specified. Send Settings •...
  • Page 235 Network Administrator Settings Login Password Encryption Password Scanner • Send Settings Max E-mail Size Divide and Send E-mail Network • IPv4 All the settings can be specified. • IPv6 All the settings can be specified. • NetWare All the settings can be specified. •...
  • Page 236 8. Appendix All the settings can be specified. • S/MIME All the settings can be specified. Webpage • Webpage Webpage Language Set URL Target of Link Page Set Help URL Target UPnP Setting Download Help File...

  • Page 237: File Administrator Settings

    File Administrator Settings File Administrator Settings The file administrator settings that can be specified are as follows: System Settings The following settings can be specified. Administrator Tools • Address Book Management Search Switch Title • Address Book: Program / Change / Delete Group Search Switch Title •...
  • Page 238 8. Appendix • Program/Change Administrator You can specify the following administrator settings for the file administrator. Login User Name Login Password Change Encryption Password Webpage • Webpage Download Help File...

  • Page 239: User Administrator Settings

    User Administrator Settings User Administrator Settings The user administrator settings that can be specified are as follows: System Settings The following settings can be specified. Administrator Tools • Address Book Management All the settings can be specified. • Address Book: Program / Change / Delete Group All the settings can be specified.

  • Page 240: Settings Via Web Image Monitor

    8. Appendix Settings via Web Image Monitor The following settings can be specified. Address Book All the settings can be specified. Device Settings • Auto E-mail Notification Groups to notify. • Administrator Authentication Management User Administrator Authentication Available Settings for User Administrator •...

  • Page 241: Document Server File Permissions

    Document Server File Permissions Document Server File Permissions The authorities for using the files stored in Document Server are as follows. The authority designations in the list indicate users with the following authorities. • Read-only This is a user assigned "Read-only" authority. •...
  • Page 242 8. Appendix Full File Settings Read-only Edit Edit / Delete Owner Control Admin. Unlocking Files *1 This setting can be specified by the owner.

  • Page 243: The Privilege For User Account Settings In The Address Book

    The Privilege for User Account Settings in the Address Book The Privilege for User Account Settings in the Address Book The authorities for using the Address Book are as follows: The authority designations in the list indicate users with the following authorities. •...
  • Page 244 8. Appendix Read- Edit / Edit Full Registere User only Delete Settings Control d User Admin. (User) (User) (User) Login User Name Login Password SMTP Authentication Folder Authentication LDAP Authentication Available Functions *1 You can only enter the password. Tab Name: Protection Read- Edit / Edit...
  • Page 245 The Privilege for User Account Settings in the Address Book Tab Name: Folder Read- Edit / Edit Full Register only Delete Settings User Admin. Control ed User (User) (User) (User) SMB/FTP/NCP SMB: Path FTP: Port No. FTP: Server Name FTP: Path NCP: Path NCP: Connection Type...

  • Page 246: User Settings - Control Panel Settings

    8. Appendix User Settings - Control Panel Settings This section displays the user settings that can be specified on the machine when user authentication is specified. Settings that can be specified by the user vary according to the menu protect level and available settings specifications.

  • Page 247: Copier / Document Server Features

    Copier / Document Server Features Copier / Document Server Features If you have specified administrator authentication, the available functions and settings depend on the menu protect setting. The following settings can be specified by someone who is not an administrator. •...
  • Page 248 8. Appendix Settings Level 1 Level 2 Switch Original Counter Display Custmize Function: Copier Custmize Function: Document Server Storage Original Type Display Max. Copy Quantity Auto Tray Switching Job End Call Reproduction Ratio Settings Level 1 Level 2 Shortcut Reduce/Enlarge Reproduction Ratio Reduce/Enlarge Ratio Priority Ratio for Create Margin...
  • Page 249 Copier / Document Server Features Settings Level 1 Level 2 Orientation: Booklet, Magazine Copy on Designating Page in Combine Copy Back Cover Double Copies Position Erase Border Width Erase Original Shadow in Combine Image Repeat Separation Line Double Copies Separation Line Separation Line in Combine Copy Order in Combine Stamp...
  • Page 250 8. Appendix User Stamp Settings Level 1 Level 2 Program / Delete Stamp Stamp Format: 1-5 Stamp Color: 1-5 Date Stamp Settings Level 1 Level 2 Format Font Size Superimpose Stamp Color Stamp Setting *1 The print position can be adjusted but not specified. Page Numbering Settings Level 1...
  • Page 251 Copier / Document Server Features Settings Level 1 Level 2 Stamp Position: P.1, P.2... Stamp Position: 1, 2... Stamp Position: 1-1, 1-2... Superimpose Stamp Color Page Numbering Initial Letter *1 This function can be adjusted but not specified. Stamp Text Settings Level 1 Level 2...
  • Page 252 8. Appendix Settings Level 1 Level 2 Punch Type Fold Type / Stacker Output Tray Finisher: Staple Position Finisher: Punch Type Simplified Screen: Finisher Types Adjust Colour Image Settings Level 1 Level 2 Background Density of ADS (Full Color / Two- color) Color Sensitivity A.C.S Sensitivity...

  • Page 253: Scanner Features

    Scanner Features Scanner Features If you have specified administrator authentication, the available functions and settings depend on the menu protect setting. The following settings can be specified by someone who is not an administrator. • Abbreviations in the table columns R/W (Read and Write) = Both reading and modifying the setting are available.
  • Page 254 8. Appendix Send Settings Settings Level 1 Level 2 Compression (Black & White) Compression (Gray Scale / Full Color) High Compression PDF Level Insert Additional E-mail Info No. of Digits for Single Page Files Stored File E-mail Method...

  • Page 255: System Settings

    System Settings System Settings When administrator authentication has been specified, the settings available to the user depend on whether or not “Available Settings” has been specified. • Abbreviations in the table heads A = Authorized user when Available Settings have not been specified. B = Authorized user when Available Settings have been specified.
  • Page 256 8. Appendix Settings System Status / Job List Display Time Key Repeat Paper Tray Priority: Copier Paper Tray Priority: Printer Status Indicator ADF Original Table Elevation ADF Feed Speed Output Tray Setting *1 the optional Z-folding unit must be installed. Tray Paper Settings Settings Paper Size: Tray 2-7...
  • Page 257 System Settings Settings System Auto Reset Timer Copier / Document Server Auto Reset Timer Scanner Auto Reset Timer Set Date Set Time Auto Logout Timer Weekly Timer Code Weekly Timer: (Monday-Sunday) Interface Settings Settings Print List Network Settings Machine IPv4 Address IPv4 Gateway Address IPv6 Stateless Address Autoconfiguration DNS Configuration...
  • Page 258 8. Appendix Settings SMB Computer Name SMB Work Group Ethernet Speed Ping Command Permit SNMPv3 Communication Permit SSL / TLS Communication Host Name Machine Name *1 If you select [Auto-Obtain (DHCP)], you can only read the setting. File Transfer Settings Delivery Option SMTP Server SMTP Authentication...
  • Page 259 System Settings Settings Auto Specify Sender Name Scanner Resend Interval Time Number of Scanner Resends *1 Only the Main Delivery Server IP Address and Sub Delivery Server IP Address can be viewed. *2 You can only specify the password. Administrator Tools Settings Address Book Management Address Book: Program / Change / Delete...
  • Page 260 8. Appendix Settings Service Test Call Notify Machine Status Extended Features AOF(Always On) Service Mode Lock Auto Erase Memory Setting Erase All Memory *1 Only the password can be specified. *2 The DataOverwriteSecurity Unit option must be installed.

  • Page 261: User Settings - Web Image Monitor Settings

    User Settings - Web Image Monitor Settings User Settings - Web Image Monitor Settings This section displays the user settings that can be specified on Web Image Monitor when user authentication is specified. Settings that can be specified by the user vary according to the menu protect level and available settings specifications.

  • Page 262: Device Settings

    8. Appendix Device Settings When administrator authentication has been specified, the settings available to the user depend on whether or not “Available Settings” has been specified. • Abbreviations in the table heads A = Authorized user when Available functions have not been specified. B = Authorized user when Available functions have been specified.
  • Page 263 Device Settings Settings Slip Sheet Tray : Tray to set Slip Sheet Tray : Display Time Designation Sheet 1-9 Tray : Tray to set Designation Sheet 1-9 Tray : Apply Duplex Designation Sheet 1-9 Tray : Display Time Separation Sheet Tray : Tray to set Separation Sheet Tray : Display Time Paper Settings...
  • Page 264 8. Appendix Settings Tray3 : Apply Duplex Tray4 : Paper Size Tray4 : Custom Paper Size Tray4 : Paper Type Tray4 : Paper Thickness Tray4 : Apply Auto Paper Select Tray4 : Apply Duplex Tray5 : Paper Size Tray5 : Custom Paper Size Tray5 : Paper Type Tray5 : Paper Thickness Tray5 : Apply Auto Paper Select...
  • Page 265 Device Settings Settings Interposer Upper Tray: Paper Size Interposer Upper Tray: Custom Paper Size Interposer Lower Tray: Paper Size Interposer Lower Tray: Custom Paper Size Date/Time Settings Set Date Set Time SNTP Server Address SNTP Polling Interval Time Zone Timer Settings Auto Off Timer Energy Saver Timer...
  • Page 266 8. Appendix E-mail Settings Administrator E-mail Address Reception Protocol E-mail Reception Interval Max. Reception E-mail Size E-mail Storage in Server SMTP Server Name SMTP Port No. SMTP Authentication SMTP Auth. E-mail Address SMTP Auth. User Name SMTP Auth. Password SMTP Auth. Encryption POP before SMTP POP E-mail Address POP User Name...
  • Page 267 Device Settings Settings E-mail Notification Password Auto E-mail Notification Settings Notification Message Groups to Notify : Address List Call Service Out of Toner Paper Misfeed Cover Open Out of Paper Almost Out of Paper Paper Tray Error Output Tray Full Unit Connection Error Replacement Required: PCU Waste Toner Bottle is Full...
  • Page 268 8. Appendix Settings Hole Punch Receptacle is Full Replacement Required Soon: Cleaning Web File Storage Memory Full Soon Replacement Required: Cleaning Web Waste Staple Receptacle is Full Replacement Required Soon: Transfer Unit Log Error Replacement Required: Charger Replacement Required Soon: Charger Replacement Required: Cleaning Unit for Photoconductor Unit Replacement Required Soon: Cleaning Unit for...
  • Page 269 Device Settings On-demand E-mail Notification Settings Notification Subject Notification Message Restriction to System Config. Info. Restriction to Network Config. Info. Restriction to Supply Info. Restriction to Device Status Info. Receivable E-mail Address/Domain Name E-mail Language File Transfer Settings SMB User Name SMB Password FTP User Name FTP Password...
  • Page 270 8. Appendix Settings Windows Authentication - Domain Name Windows Authentication - Group Settings for Windows Authentication LDAP Authentication - LDAP Authentication LDAP Authentication - Login Name Attribute LDAP Authentication - Unique Attribute LDAP Authentication - Available Functions Integration Server Authentication - SSL Integration Server Authentication - Integration Server Name Integration Server Authentication - Authentication...
  • Page 271 Device Settings LDAP Server Settings LDAP Search Program/Change/Delete...

  • Page 272: Scanner

    8. Appendix Scanner If you have specified administrator authentication, the available functions and settings depend on the menu protect setting. The following settings can be specified by someone who is not an administrator. • Abbreviations in the table columns R/W (Read and Write) = Both reading and modifying the setting are available. R (Read) = Reading only.
  • Page 273 Scanner Settings Level 1 Level 2 Max. E-mail Size Divide & Send E-mail Insert Additional E-mail Info No. of Digits for Single Page Files Stored File E-mail Method High Compression PDF Level Default Settings for Normal Screens on Device Settings Level 1 Level 2 Store File...

  • Page 274: Interface

    8. Appendix Interface When administrator authentication has been specified, the settings available to the user depend on whether or not “Available Settings” has been specified. • Abbreviations in the table heads A = Authorized user when Available functions have not been specified. B = Authorized user when Available functions have been specified.

  • Page 275: Network

    Network Network When administrator authentication has been specified, the settings available to the user depend on whether or not “Available Settings” has been specified. • Abbreviations in the table heads A = Authorized user when Available functions have not been specified. B = Authorized user when Available functions have been specified.
  • Page 276 8. Appendix Settings sftp IPv6 Settings IPv6 Host Name Domain Name Link Local Address Stateless Address Manual Configuration Address DCHPv6-lite DDNS Default Gateway Address DNS Server RSH/RCP sftp NetWare Settings NetWare Print Server Name Logon Mode File Server Name NDS Tree NDS Context Name...
  • Page 277 Network Settings Operation Mode Remote Printer No. Job Timeout Frame Type Print Server Protocol NCP Delivery Protocol Settings Protocol Workgroup Name Computer Name Comment Share Name Notify Print Completion...

  • Page 278: Webpage

    8. Appendix Webpage When administrator authentication has been specified, the settings available to the user depend on whether or not “Available Settings” has been specified. • Abbreviations in the table heads A = Authorized user when Available functions have not been specified. B = Authorized user when Available functions have been specified.

  • Page 279: Functions That Require Options

    Functions That Require Options Functions That Require Options The following functions require certain options and additional functions. • Hard Disk overwrite erase function DataOverwriteSecurity Unit...
  • Page 280 8. Appendix...

  • Page 281: Index

    INDEX Encryption Key Auto Exchange Security Level..................Access Control............. Encryption Key Auto Exchange Setting Items..................Access Permission..........Encryption Auto Exchange Settings Address Book Access Permission....... Configuration Flow..........Address Book Privileges........Encryption Key Manual Settings Configuration Administrator............Flow..............Administrator Authentication....13, 20, 25 Encryption Key Manual Settings Items....
  • Page 282 Symbols..............System Settings............ Network............... Network Administrator.......... Network Administrator Settings......Transmitted Passwords........Network Security Level........Type of Administrator.......... Types of Data that Can or Cannot Be Overwritten................Operational Issues..........Operational Requirements Windows Authentication............User..............13, 18 Overwrite Icon............. User Administrator........17, 241 Owner..............
  • Page 283 In accordance with IEC 60417, this machine uses the following symbols for the main power switch: means POWER ON. means STAND BY. Trademarks EFI, Fiery and Fiery Driven are registered trademarks of Electronics for Imaging, Inc. in the U.S. Patent and Trademark Office and/or certain other foreign jurisdictions.
  • Page 284 D016-6937...

Table of Contents