SEH primos User Manual
  1. Manuals
  2. Brands
  3. SEH Manuals
  4. Print Server
  5. primos
  6. User manual

SEH primos User Manual

Hide thumbs Also See for primos:
Table of Contents

Advertisement

Quick Links

Download this manual
User Manual

Advertisement

Table of Contents
loading

Related Manuals for SEH primos

Summary of Contents for SEH primos

  • Page 1 User Manual...
  • Page 2 Version: 2.0 Legal Notices SEH Computertechnik GmbH has endeavored to ensure that the information in this documentation is correct. If you detect any inaccuracies please inform us at the address indicated above. SEH Computertechnik GmbH will not accept any liability for any error or omission. The information in this manual is subject to change without notification.

  • Page 3: Table Of Contents

    5.3 How to View the Job History ..........................30 5.4 How to Define the Printer Name That Is Displayed on the iOS Devices ..........32 5.5 How to Maintain or Test a Printer via primos ....................33 5.6 How to Encrypt Print Data Transmission ...................... 33 5.7 How to Control Who Can Print .........................
  • Page 4 6 Security ............................42 6.1 How to Define the Encryption Strength for SSL/TLS Connections............43 6.2 How to Control the Access to the primos Control Center ..............45 6.3 How to Manage User Profiles (Access Control)................... 46 6.4 How to Protect primos from Cross-Site Scripting..................48 6.5 How to Control the Access to primos (TCP Port Access Control)............

  • Page 5: General Information

    General Information General Information This chapter contains information concerning the device and the documentation as well as notes about your safety. You will learn how to benefit from your primos and how to operate the device properly. • ’primos’ 2 What Information Do •...

  • Page 6: Primos

    The iOS devices are connected to this Operation network via WLAN. Print jobs are sent from iOS apps with AirPrint support to primos via your network. primos forwards the print jobs to the network printers for printing.

  • Page 7: Documentation

    Wired TCP/IP network (LAN) with wireless access point (WLAN). Supported iOS Devices primos supports all iOS devices with AirPrint support. All iOS devices with iOS 4.2 or later come with AirPrint. The iOS devices are connected to the wired network via WLAN.
  • Page 8 User Manual General Information Symbols and A variety of symbols are used within this document. Their meaning is listed in the Conventions following table: Warning A warning contains important information that must be heeded. Non- observance may lead to malfunctions.

  • Page 9: Support And Service

    User Manual General Information 1.3 Support And Service Contact SEH Computertechnik GmbH offers extensive support. If you have any questions, please contact our hotline. Monday – Thursday 8:00 a.m. – 4:45 p.m. Friday 8:00 a.m. – 15:15 p.m. +49 (0)521 94226-44 USA: +1-610-943-3226 support@seh.de...

  • Page 10: Your Safety

    Improper Use All uses of the device that do not comply with the primos functionalities described in the documentation are regarded as improper uses. It is not allowed to make modifications to the hardware and software or to try to repair the device.

  • Page 11: Find Ip Address Of Primos

    IP address. After primos has been connected to the network, it Obtain its IP receives an IP address via DHCP. If this is not the case, primos seeks a ZeroConf IP address Address? from the ZeroConf address range (169.254.0.0/16).
  • Page 12 General Information Note The IP address can also be found via Bonjour. primos is advertised under the name 'primos@ICxxxxxx' (wherein ICxxxxxx is the default name 67). All devices with iOS and Mac OS X/OS X/macOS support Bonjour natively. On devices with other operating...

  • Page 13: Administration Methods

    What Is the primos can be configured and monitored via the primos Control Center. The primos primos Control Control Center is stored in primos and can be displayed by means of a browser software Center? (Microsoft Edge, Safari, Mozilla Firefox).
  • Page 14  primos has a valid IP address.  Your primos is displayed in the SEH primos App (12). 1. In the list, double-click on your primos.  Your standard browser opens and the primos Control Center is displayed. Structure of the primos Control...
  • Page 15 Product & Company. The Sitemap provides an overview of and direct access to all pages of the primos Control Center. All other menu items refer to the configuration of primos. They are described in the Online Help of the primos Control Center. To start the Online Help, click the icon.

  • Page 16: Administration Via Seh Primos App

    All devices found can be selected and administrated. Installation In order to use the SEH primos App, the program must be installed on a computer with a Windows or Mac OS X/OS X/macOS operating system. Different installation files are available, depending on the operating system.

  • Page 17: Network Settings

    • ’How to Configure Directory Services’ 17 3.1 How to Configure IPv4 Parameters You can define various IPv4 parameters for an ideal integration of primos into a TCP/IP network. By default, the IP address is assigned dynamically to primos via DHCP. However, you can manually assign a static IP address to primos.

  • Page 18: How To Configure Ipv6 Parameters

    User Manual Network Settings 3.2 How to Configure IPv6 Parameters You can integrate primos into an IPv6 network. What Are the IPv6 (Internet Protocol version 6) is the successor of the more common IPv4. Both Advantages of protocols are standards for the network layer of the OSI model and regulate the IPv6? addressing and routing of data packets via a network.
  • Page 19 Every 'n' represents the hexadecimal value of one of the eight 16 bit elements of the address. Router Defines the IPv6 unicast address of the router. primos sends its 'Router Solicitations' (RS) to this router. Prefix length Defines the length of the subnet prefix for the IPv6 address. The value 64 is preset.

  • Page 20: How To Configure The Dns

    • check the IP address assigned via ZeroConf (7). • announce its Bonjour services. Bonjour is always active in primos. You can configure the name that primos uses to announce its Bonjour services. By default, primos advertises under the name 'primos@ICxxxxxx' (wherein ICxxxxxx is the default name 67).

  • Page 21: How To Configure Directory Services

    Active Directory by making it member of a domain.  A DNS server is configured in primos 16. Requirements  primos was entered with a type A resource record (IPv4 address of the host) on the DNS server used.  A time server is configured in primos 20.
  • Page 22 Embedding primos into an LDAP directory  A DNS server is configured in primos 16. Requirements  primos was entered with a type A resource record (IPv4 address of the host) on the DNS server used.  A time server is configured in primos 20.
  • Page 23 User Manual Network Settings Parameters Description LDAP CA certificate Choose the root CA certificate of the certification authority that has issued the certificate of the domain controller (DC).  The CA certificate must already be installed on the device...

  • Page 24: Device Settings

     The descriptions are saved. 4.2 How to Configure the Device Time You can control the device time of primos via a time server (SNTP server) in the network. A time server synchronizes the time of devices within a network.

  • Page 25: How To Configure Local Users

    (17) or local users. You set up local users on primos. Each user needs a name and password. In addition, a user can be assigned to one or several user groups (22) to enter a large number of users more easily when using user authentication.

  • Page 26: How To Configure Local Groups

    The group then is entered instead of each single user. You set up local groups on primos. In the group menu you can assign users to the group. Alternatively you can select groups for a user in the user's menu.
  • Page 27 5. To confirm, click Save.  The local group is created. Change User Memberships 1. Start the primos Control Center. 2. Select DEVICE – Users. 3. Select the group to be edited by clicking the icon 4. In the Users area, select the users.

  • Page 28: Print

    This chapter explains how you set up primos for printing and how you configure enhanced settings for printing. In order to print from iOS devices via primos, you have to create a print queue for the respective printer in primos. For each queue you then define numerous settings (access control and much more).

  • Page 29: How To Configure Printers On Primos (Creating Queues)

    User Manual Print 5.1 How to Configure Printers on primos (Creating Queues) In order to print from iOS devices via primos, you have to create a print queue, queue for short, for the respective printer in primos. What Is a Queue? Queues are used to communicate with printers and transmit print jobs.
  • Page 30 Print Using the Smart Printer Setup If you open the primos Control Center START page and if no queues are created in primos, e.g. when you install primos for the first time, an automatic pop-up that allows you to start the Smart Printer Setup appears.
  • Page 31 Defines how printers are addressed in the network: - via Bonjour - via hostname or IP address (routable) Choose hostname/IP address if you want to move primos or the printers to a different network after setup. Name Freely definable queue name. The queue name and the AirPrint identifier together make up the printer name that is displayed in the printer dialog of the iOS devices.
  • Page 32 IPP / IPPS: In IPP (Internet Printing Protocol) the print data is transmitted via HTTP to the printer. The connection between primos and the printer can be encrypted via SSL/TLS (IPPS). Standard port IPP: 631. Standard port IPPS: 443.

  • Page 33: How To Manage Queues

    User Manual Print 5.2 How to Manage Queues After you have created queues for your network printer in primos, you can edit or delete those queues.  ’Edit Queue’ 29 What Do You Want to Do?  ’Delete Queue’ 30 Edit Queue 1.

  • Page 34: How To View The Job History

    (first-in, first-out) is applied. The recorded print jobs will be deleted when primos is reset. Note A time server (20) must be configured in primos so that the date and time can be displayed correctly. If no time server is configured, the time stamp corresponds to the default time.
  • Page 35  ’Filtering the Job History’ 31  ’Delete print jobs’ 31 Having a Look at the Job History 1. Start the primos Control Center. 2. Select PRINTING – Job history.  The job history is displayed. Filtering the Job History 1.

  • Page 36: How To Define The Printer Name That Is Displayed On The Ios Devices

    The queue name is defined individually when the queue is created (25) and cannot be changed afterwards. AirPrint The AirPrint identifier is a prefix that marks printers made available via primos on iOS Identifier devices. The AirPrint identifier is applied to all queues. It can be changed at any time. The default is 'air '.

  • Page 37: How To Maintain Or Test A Printer Via Primos

     The printer action is triggered. 5.6 How to Encrypt Print Data Transmission The print data is sent from the iOS device via primos to the printer. The print data stream can be divided into two ways: • Print data is sent from the iOS device to primos (By default print data is transmitted unencrypted.
  • Page 38 3. Select the desired queue by clicking the icon 4. Tick/clear Secure AirPrint. 5. Click Save to confirm.  The setting will be saved. Note To completely encrypt the print data transmission, we recommend to encrypt the transmission from primos to printer using an IPPS connection 25.

  • Page 39: How To Control Who Can Print

    - Deny list: Users/groups on the list cannot print. All other users/groups can print.  A queue has been created on primos 25. Requirements  primos is embedded into a directory service (17) in which users and/or groups are set up. Local users are set up (21) and, if required, grouped (22).

  • Page 40: How To Print From Ios Devices

    Simply and flexibly print content such as documents and pictures from iOS devices (iPhone, iPad, and so on). To do so, print jobs are sent from iOS apps with AirPrint support to primos via your network. primos forwards the print job to the printer for printing. Note If the print permissions have been restricted (35), a user name and password are...

  • Page 41: How To Print Across Subnets (Wide-Area Airprint)

    AirPrint uses the Bonjour protocol (16) to find printers and make them available in the network. However, Bonjour is limited to local network segments. You have to set up primos in such a way that searching for and finding printers is possible across network segments. Then you can print from the entire network.
  • Page 42 2. Rightclick on Conditional Forwarders and from the context menu choose New Conditional Forwarder. The dialog New Conditional Forwarder appears. 3. In the DNS Domain box, enter the primos subdomain. 4. In the area IP addresses of the master servers enter in the field IP Address the IPv4 address of primos.
  • Page 43 The primos subdomain can be defined as search domain automatically on all iOS devices using your DHCP server. In order to do so, the primos subdomain is entered on the DHCP server as option 119. As soon as an iOS sends a request to the DHCP server, it will automatically receive the primos subdomain as search domain in the answer.
  • Page 44  In primos Wide-Area AirPrint has been configured 38. Requirements  A DNS server is operated in your network.  On your DNS server a conditional forwarder to the primos subdomain has been set up 38.  A DHCP server is operated in your network.
  • Page 45 (Several search domains are to be separated comma.) 6. Let the key board fade out.  The primos subdomain has been configured as search domain on the iOS device. The iOS device will search for and find printers in the primos subdomain.

  • Page 46: Security

    • ’How to Manage User Profiles (Access Control)’ 46 • ’How to Protect primos from Cross-Site Scripting’ 48 • ’How to Control the Access to primos (TCP Port Access Control)’ 48 • ’How to Use Certificates Correctly’ 50 • ’How to Use Authentication Methods’ 55...

  • Page 47: How To Define The Encryption Strength For Ssl/Tls Connections

    Depending on their cipher strength, cipher suites are grouped to form an encryption level. Which cipher suites are supported by primos, i.e. are part of an encryption level, depends on the SSL/TLS protocol used.
  • Page 48 Do not use the encryption level 'Low' if you use up-to-date browser software and if only HTTPS is defined as the permitted connection type for the web access to the primos Control Center. As current browsers do not support cipher suites of 'Low', a connection can then not be established.

  • Page 49: How To Control The Access To The Primos Control Center

    Security 6.2 How to Control the Access to the primos Control Center The web access to the primos Control Center can be secured by selecting the permitted types of connection (HTTP/HTTPS). If HTTPS is exclusively chosen as the connection type, the administrative web access to the primos Control Center is protected by SSL/TLS.

  • Page 50: How To Manage User Profiles (Access Control)

    (Active Directory or LDAP) 17. Directory users can Directory Service be used to log into the primos Control Center. To do this, they must be defined on primos. The users defined can then authenticate themselves with their directory service user name and password to gain access to the primos Control Center.
  • Page 51 5. To confirm, click Save.  The setting will be saved. Configuring Directory Service User Login  primos is embedded into a directory service 17. Requirements  In the directory service users are defined. 1. Start the primos Control Center.

  • Page 52: How To Protect Primos From Cross-Site Scripting

    6.5 How to Control the Access to primos (TCP Port Access Control) TCP Port Access You can control the access to primos. To do so, all TCP ports on primos can be blocked. Control Network elements that are to have permission to access primos, can be defined as exceptions and excluded from locking.
  • Page 53 The port access control is activated until the device is restarted. 7. Check the port access and configurability of primos. Note If primos can no longer be reached using the primos Control Center, restart the device (64). 8. Clear Test mode.

  • Page 54: How To Use Certificates Correctly

    Purpose • to check the identity of primos in the network (56). • to authenticate the client if the connection to the primos Control Center is protected via HTTPS (SSL/TLS) (45). • to encrypt print data (IPPS and Secure AirPrint 33).
  • Page 55 3. Select the certificate via the icon  The certificate is displayed. Creating a Self-Signed Certificate Note If a self-signed certificate has already been created in primos, you must first delete the certificate (54). 1. Start the primos Control Center. 2. Select SECURITY – Certificates.
  • Page 56 As preparation for using a certificate which is issued by a certification authority for primos, a certificate request can be created in the primos. The request must be sent to the certification authority which creates an certificate on the basis of this request. The certificate must be in 'base64' format.
  • Page 57 PKCS#12 certificates are used to save private keys and their respective certificates and to protect them by means of a password. Note If a PKCS#12 or a requested certificate has already been installed in primos, you must first delete the certificate (54).  The certificate must be in 'base64' format.
  • Page 58 Security Installing a CA Certificate in primos In order to check the identity of the network communicating parties of primos, it is necessary to validate their certificates. For this, the root CA certificates of the certification authorities that have issued the certificates of said communicating parties are installed in primos.

  • Page 59: How To Use Authentication Methods

    EAP-MD5 describes a user-based authentication method via a RADIUS server. primos Operation must be defined as user (with user name and password) on a RADIUS server. The authentication method EAP-MD5 must then be enabled in primos and the user name and password need to be entered.
  • Page 60 1. Start the primos Control Center. 2. Select SECURITY – Authentication. 3. Select MD5 from the Authentication method list. 4. Enter the User name and Password that are used for the configuration of primos on the RADIUS server. 5. Click Save to confirm.
  • Page 61 6. From the list Inner authentication choose the method intended to secure the com- munication in the TLS channel. 7. Enter the User name and Password that are used for the configuration of primos on the RADIUS server. 8. Install a WPA add-on. (Optional) 9.
  • Page 62 7. From the list PEAP version choose the PEAP protocol version to be used. 8. From the list PEAP label choose the PEAP label version to be used. 9. Enter the User name and Password that are used for the configuration of primos on the RADIUS server.
  • Page 63 • A shared secret key that contains the preshared key between primos and the RADIUS server. • An opaque part that is provided to primos and presented to the RADIUS server when primos wishes to obtain access to network resources.
  • Page 64 User Manual Security the RADIUS server. 9. Install a WPA add-on. (Optional) 10. Click Save to confirm.  The settings are saved.

  • Page 65: Maintenance

    User Manual Maintenance Maintenance Various maintenance activities can be carried out for primos. This chapter gives a short overview. • ’How to Secure the Configuration Settings (Backup)’ 62 What Information Do • ’How to Reset primos to Its Default Settings (Reset)’ 62 You Need? •...

  • Page 66: How To Secure The Configuration Settings (Backup)

    You must reset the configuration settings, for example, if you have changed the location Purpose of primos and thus want to use it in a different network. Before this change of location, you should reset primos to the default settings to install primos in another network.

  • Page 67: How To Perform An Update

    Note If you do a reset, the IP address of primos may change and the connection to the primos Control Center may be terminated.  ’Resetting the Configuration Settings via the primos Control Center’ 63...

  • Page 68: How To Restart Primos

     The update is executed. This may take a few minutes. Afterwards primos will restart. 7.4 How to Restart primos primos will restart automatically after an update. If primos is in an undefined state it can also be rebooted manually.

  • Page 69: How To Shut Down Primos

    Contact details can be found in the chapter ’Support And Service’ 5. Service file The service file is a compressed file which contains diagnostic information. In case of error, save this file to you local client and send it to the SEH Support together with your request (e.g. via email). Logging Per default only some information is stored in the service file.
  • Page 70 Send the service file to the SEH support.  Configuring the SSH Access Note The SSH connection may only be established and used after consultation with the SEH support. Using SSH for purposes other than that (remote maintenance etc.) is forbidden. 1. Start the primos Control Center.

  • Page 71: Appendix

    • ’IP Address’ 68 • ’Subnet Mask’ 68 Default Name The primos default name is made up of the two letters 'IC' and the device number. The device number consists of the last six numbers of its hardware address. Example: IC0001ff The default name can be found in the primos Control Center.
  • Page 72 00:c0:eb:00:01:ff respectively 00.c0.eb.00.01.ff Host name The host name is an alias for an IP address. The host name uniquely identifies primos in the network and makes it easier to remember. IP Address The IP address is a unique address for every node in your network, i.e., an IP address may appear only once in your local network.

  • Page 73: Troubleshooting

    Warning primos is not operational in the BIOS mode. If a primos is in the BIOS mode, the device will be marked accordingly in the SEH primos App with an indicator. To switch primos from BIOS to normal mode you have to first assign a temporary IP address to primos and then load software onto it.
  • Page 74  primos is in the BIOS mode 69. The password is no longer available The access to the primos is controlled by means of user accounts. You will need a user name and a password to get access. You can use the local administrator account or directory service users (46).
  • Page 75 Appendix The printer does not print. In order to print from iOS devices via primos, you have to create a print queue for the respective printer in primos. For each queue you then define numerous settings ( print protocol, access control and much more). Check ...

  • Page 76: Index

    User Manual Appendix 8.3 Index DNS server 38 Documentation 3 Downloads 5 Access control 46 Active Directory 17 EAP (Extensible Authentication Protocol) 55 Administration 9 FAST 59 Administrator 46 MD5 55 AirPrint identifier 32 PEAP 58 Authentication TLS 56...
  • Page 77 Prefix 32 primos 2 Safety regulations 6 Shutdown 65 Search domain 37 Switching off 65 Secure AirPrint 33 primos Control Center 9 Secure LDAP 18 Default user profile 9 Security 6 Logout 11 SEH primos App 12 Security 9 Installation 12...
  • Page 78 User Manual Appendix Service functions 65 Service file 65 Session timeout 46 Shutdown 65 SNTP 20 Software 63 SSH access 65 SSL/TLS 43 SSL/TLS connection 43 Subdomain 37 Subnet mask 13 Support 5 Switching Off 65 TCP Port Access Control 48...

Table of Contents