Aficio Pro C550EX Manual
  1. Manuals
  2. Brands
  3. Aficio Manuals
  4. Printer
  5. Pro C550EX
  6. Manual

Aficio Pro C550EX Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
Read this manual carefully before you use this machine and keep it handy for future reference. For safe and correct use, be sure to read the Safety Information
in "About This Machine" before using the machine.
Getting Started
1
Authentication and its Application
2
Ensuring Information Security
3
Managing Access to the Machine
4
Enhanced Network Security
5
Specifying the Extended Security Functions
6
Troubleshooting
7
Appendix
8
Operating Instructions
Security Reference

Advertisement

Table of Contents
loading

Related Manuals for Aficio Pro C550EX

Summary of Contents for Aficio Pro C550EX

  • Page 1 Operating Instructions Security Reference Getting Started Authentication and its Application Ensuring Information Security Managing Access to the Machine Enhanced Network Security Specifying the Extended Security Functions Troubleshooting Appendix Read this manual carefully before you use this machine and keep it handy for future reference. For safe and correct use, be sure to read the Safety Information in "About This Machine"...
  • Page 2 Introduction This manual contains detailed instructions and notes on the operation and use of this machine. For your safety and benefit, read this manual carefully before using the machine. Keep this manual in a handy place for quick reference. Important Contents of this manual are subject to change without prior notice.

  • Page 3: Manuals For This Machine

    Manuals for This Machine Refer to the manuals that are relevant to what you want to do with the machine. • Media differ according to manual. • The printed and electronic versions of a manual have the same contents. • Adobe Acrobat Reader/Adobe Reader must be installed in order to view the manuals as PDF files. •...
  • Page 4 Information Contains general notes on the machine, and information about the trademarks of product names used in the manuals. • Manuals provided are specific to machine types. • In addition to the above, manuals are also provided for the Printer functions. •...

  • Page 5: Table Of Contents

    TABLE OF CONTENTS Manuals for This Machine..........................1 How to Read This Manual..........................8 Symbols................................8 IP Address...............................8 1. Getting Started Enhanced Security..............................9 Glossary................................9 Setting Up the Machine..........................10 Security Measures Provided by this Machine....................13 Using Authentication and Managing Users....................13 Ensuring Information Security........................13 Limiting and Controlling Access........................14 Enhanced Network Security........................15 2.
  • Page 6 Specifying Basic Authentication........................41 Authentication Information Stored in the Address Book................43 Specifying Login User Name and Login Password...................43 Windows Authentication..........................48 Specifying Windows Authentication......................49 LDAP Authentication............................54 Specifying LDAP Authentication.........................55 If User Authentication is Specified........................58 User Code Authentication (Using the Control Panel)................58 Login (Using the Control Panel)........................58 Log Off (Using the Control Panel)......................60 Login (Using Web Image Monitor)......................61 Log Off (Using Web Image Monitor)......................61...
  • Page 7 Limiting Available Functions..........................99 Specifying Which Functions are Available....................99 5. Enhanced Network Security Preventing Unauthorized Access........................103 Access Control............................103 Enabling/Disabling Protocols........................104 Specifying Network Security Level......................108 Encrypting Transmitted Passwords.......................112 Protection Using Encryption..........................113 SSL (Secure Sockets Layer) Encryption....................113 User Settings for SSL (Secure Sockets Layer)..................118 Setting the SSL / TLS Encryption Mode....................118 SNMPv3 Encryption..........................120 Transmission Using IPsec..........................123...
  • Page 8 A Message Appears..........................161 An Error Code Appears..........................162 Machine Cannot Be Operated........................176 8. Appendix Supervisor Operations..........................179 Logging on as the Supervisor........................179 Logging off as the Supervisor........................181 Changing the Supervisor..........................181 Resetting an Administrator's Password....................183 Machine Administrator Settings........................185 System Settings............................185 Maintenance..............................187 Copier / Document Server Features.......................187 Settings via Web Image Monitor......................188 Network Administrator Settings........................190 System Settings............................190...
  • Page 9 INDEX ................................229...

  • Page 10: How To Read This Manual

    How to Read This Manual Symbols This manual uses the following symbols: Indicates important safety notes. Ignoring these notes could result in serious injury or death. Be sure to read these notes. They can be found in the "Safety Information" section of About This Machine. Indicates important safety notes.

  • Page 11: Enhanced Security

    1. Getting Started This chapter describes the machine's security features and how to specify initial security settings. Enhanced Security This machine's security functions can be enhanced by managing the machine and its users using the improved authentication functions. By specifying access limits for the machine's functions and the documents and data stored in the machine, information leaks and unauthorized access can be prevented.

  • Page 12: Setting Up The Machine

    1. Getting Started Basically, administrators make machine settings and manage the machine; but they cannot perform normal operations, such as copying. User A user performs normal operations on the machine, such as copying. File Creator (Owner) This is a user who can store files in the machine and authorize other users to view, edit, or delete those files.
  • Page 13 Enhanced Security Press [System Settings]. Press [Interface Settings]. Specify the IPv4 Address. For details on how to specify the IPv4 address, see "Interface Settings", General Settings Guide. Connect the machine to the network. Start Web Image Monitor, and then log on to the machine as the administrator. For details about logging on to Web Image Monitor as an administrator, see "Using Web Image Monitor".
  • Page 14 1. Getting Started • p.36 "Using Web Image Monitor" • p.113 "Protection Using Encryption" • p.28 "Registering the Administrator"...

  • Page 15: Security Measures Provided By This Machine

    Security Measures Provided by this Machine Security Measures Provided by this Machine Using Authentication and Managing Users Enabling Authentication To control administrators' and users' access to the machine, perform administrator authentication and user authentication using login user names and login passwords. To perform authentication, the authentication function must be enabled.

  • Page 16: Limiting And Controlling Access

    1. Getting Started To protect the data from unauthorized reading, you can also encrypt the data in the Address Book. For details about protecting registered information in the Address Book, see "Protecting the Address Book". Encrypting Data on the Hard Disk Encrypt data stored on the hard disk to prevent information leakage.

  • Page 17: Enhanced Network Security

    Security Measures Provided by this Machine Enhanced Network Security Preventing Unauthorized Access You can limit IP addresses or disable ports to prevent unauthorized access over the network and protect the Address Book, stored files, and default settings. For details about preventing unauthorized access, see "Preventing Unauthorized Access".
  • Page 18 1. Getting Started...

  • Page 19: Authentication And Its Application

    2. Authentication and its Application This chapter describes how to register the administrator and specify the authentication methods. How to log on and log off once authentication is enabled is also described here. Administrators and Users When controlling access using the authentication method specified by an administrator, select the machine's administrator, enable the authentication function, and then use the machine.

  • Page 20: User

    2. Authentication and its Application If any of the users forget their password, the user administrator can delete it and create a new one, allowing the user to access the machine again. For instructions on registering the user administrator, see "Registering the Administrator". Machine Administrator This is the administrator who mainly manages the machine's default settings.
  • Page 21 Administrators and Users For details about registering users in the Address Book, see "Administrator Tools", General Settings Guide, or see Web Image Monitor Help.

  • Page 22: The Management Function

    2. Authentication and its Application The Management Function The machine has an authentication function requiring a login user name and login password. By using the authentication function, you can specify access limits for individual users. Using access limits, you can not only limit the machine's available functions but also protect the machine settings and files and data stored in the machine.

  • Page 23: About User Authentication

    The Management Function 1. User Administrator This administrator manages personal information in the Address Book. You can register/delete users in the Address Book or change users' personal information. 2. Machine Administrator This administrator manages the machine's default settings. It is possible to enable only the machine administrator. 3.
  • Page 24 2. Authentication and its Application BTD600S 1. User A user performs normal operations on the machine, such as copying. 2. Unauthorized User 3. Authentication Using a login user name and password, user authentication is performed. 4. This Machine 5. Access Limit Using authentication, unauthorized users are prevented from accessing the machine.

  • Page 25: Enabling Authentication

    Enabling Authentication Enabling Authentication To control administrators' and users' access to the machine, perform administrator or user authentication using login user names and passwords. To perform authentication, the authentication function must be enabled. To specify authentication, you need to register administrators. For instructions on registering the administrator, see "Registering the Administrator".
  • Page 26 2. Authentication and its Application • p.25 "Administrator Authentication" • p.38 "User Authentication" • p.25 "Specifying Administrator Privileges" • p.28 "Registering the Administrator" • p.39 "User Code Authentication" • p.41 "Basic Authentication" • p.48 "Windows Authentication" • p.54 "LDAP Authentication"...

  • Page 27: Administrator Authentication

    Administrator Authentication Administrator Authentication Administrators are handled differently from the users registered in the Address Book. When registering an administrator, you cannot use a login user name already registered in the Address Book. Windows Authentication and LDAP Authentication are not performed for an administrator, so an administrator can log on even if the server is unreachable due to a network problem.
  • Page 28 2. Authentication and its Application Press [System Settings]. Press [Administrator Tools]. Press [Administrator Authentication Management]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings.
  • Page 29 Administrator Authentication Press [User Management], [Machine Management], [Network Management], or [File Management] key to select which settings to manage. Set "Admin. Authentication" to [On]. "Available Settings" appears. Select the settings to manage from "Available Settings". The selected settings will be unavailable to users. "Available Settings"...

  • Page 30: Registering The Administrator

    2. Authentication and its Application • p.179 "Supervisor Operations" • p.33 "Logging on Using Administrator Authentication" • p.34 "Logging off Using Administrator Authentication" • p.95 "Managing Access to the Machine" Registering the Administrator If administrator authentication has been specified, we recommend only one person take each administrator role.
  • Page 31 Administrator Authentication Press [System Settings]. Press [Administrator Tools]. Press [Program / Change Administrator].
  • Page 32 2. Authentication and its Application In the line for the administrator whose authority you want to specify, press [Administrator 1], [Administrator 2], [Administrator 3] or [Administrator 4], and then press [Change]. If you allocate each administrator's authority to a different person, the screen appears as follows: Press [Change] for the login user name.
  • Page 33 Administrator Authentication Enter the login user name, and then press [OK]. Press [Change] for the login password. Enter the login password, and then press [OK]. Follow the password policy to make the login password more secure. For details about the password policy and how to specify it, see "Specifying the Extended Security Functions".
  • Page 34 2. Authentication and its Application Press [Change] for the encryption password. Enter the encryption password, and then press [OK]. If a password reentry screen appears, enter the encryption password, and then press [OK]. Press [OK] twice. You will be logged off. Press the [User Tools/Counter] key.

  • Page 35: Logging On Using Administrator Authentication

    Administrator Authentication Logging on Using Administrator Authentication If administrator authentication has been specified, log on using an administrator's user name and password. This section describes how to log on. Press the [Login/Logout] key. BTD008S The message, "Press [Login], then enter the login user name and login password." appears. Press [Login].

  • Page 36: Logging Off Using Administrator Authentication

    2. Authentication and its Application Enter the login password, and then press [OK]. "Authenticating... Please wait." appears, followed by the screen for specifying the default. • If user authentication has already been specified, a screen for authentication appears. • To log on as an administrator, enter the administrator's login user name and login password. •...

  • Page 37: Changing The Administrator

    Administrator Authentication Changing the Administrator Change the administrator's login user name and login password. You can also assign administrator authority to the login user names [Administrator 1] to [Administrator 4]. To combine the authorities of multiple administrators, assign multiple administrators to a single administrator. For example, to assign machine administrator authority and user administrator authority to [Administrator 1], press [Administrator 1] in the lines for the machine administrator and the user administrator.

  • Page 38: Using Web Image Monitor

    2. Authentication and its Application Press [Program / Change Administrator]. In the line for the administrator you want to change, press [Administrator 1], [Administrator 2], [Administrator 3] or [Administrator 4], and then press [Change]. Press [Change] for the setting you want to change, and re-enter the setting. Press [OK].
  • Page 39 Administrator Authentication Enter "http://(the machine's IP address or host name)/" in the address bar. When entering an IPv4 address, do not begin segments with zeros. For example: If the address is "192.168.001.010", you must enter it as "192.168.1.10" to connect to the machine. The top page of Web Image Monitor appears.

  • Page 40: User Authentication

    2. Authentication and its Application User Authentication There are four types of user authentication methods: User Code authentication, Basic authentication, Windows authentication and LDAP authentication. To use user authentication, select an authentication method on the control panel, and then make the required settings for the authentication. The settings depend on the authentication method.

  • Page 41: User Code Authentication

    User Code Authentication User Code Authentication This is an authentication method for limiting access to functions according to a user code. The same user code can be used by more than one user. For details about specifying user codes, see "Authentication Information", General Settings Guide.
  • Page 42 2. Authentication and its Application Press [User Authentication Management]. Select [User Code Auth.]. If you do not want to use user authentication management, select [Off]. Select which of the machine's functions you want to limit. Keys for the selected functions are available to users only when a user code is entered. For details about limiting available functions for individuals, see "Limiting Available Functions".

  • Page 43: Basic Authentication

    Basic Authentication Basic Authentication Specify this authentication method when using the machine's Address Book to authenticate each user. Using Basic authentication, you can not only manage the machine's available functions but also limit access to stored files and to the personal data in the Address Book. Under Basic authentication, the administrator must specify the functions available to each user registered in the Address Book.
  • Page 44 2. Authentication and its Application Press [User Authentication Management]. Select [Basic Auth.]. If you do not want to use user authentication management, select [Off]. Select which of the machine's functions you want to permit. Basic Authentication will be applied to the selected functions. Users can use the selected functions only.

  • Page 45: Authentication Information Stored In The Address Book

    Basic Authentication • p.33 "Logging on Using Administrator Authentication" • p.34 "Logging off Using Administrator Authentication" • p.99 "Limiting Available Functions" Authentication Information Stored in the Address Book This can be specified by the user administrator. For details about logging on and logging off with administrator authentication, see "Administrator Authentication".
  • Page 46 2. Authentication and its Application Select the user. Press [Auth. Info]. Press [Change] for "Login User Name". Enter a login user name, and then press [OK].
  • Page 47 Basic Authentication Press [Change] for "Login Password". Enter a login password, and then press [OK]. If a password reentry screen appears, enter the login password, and then press [OK]. Press [OK]. Press [Exit] twice. Press the [User Tools/Counter] key. Press [System Settings]. Press [Administrator Tools].
  • Page 48 2. Authentication and its Application Select the user. Press [Auth. Info]. Select [Use Auth. Info at Login] in "SMTP Authentication".
  • Page 49 Basic Authentication If the setting to be specified does not appear, press [ Next] to scroll down to other settings. For folder authentication, select [Use Auth. Info at Login] in "Folder Authentication". For LDAP authentication, select [Use Auth. Info at Login] in "LDAP Authentication". Press [OK].

  • Page 50: Windows Authentication

    2. Authentication and its Application Windows Authentication Specify this authentication when using the Windows domain controller to authenticate users who have their accounts on the directory server. Users cannot be authenticated if they do not have their accounts in the directory server.

  • Page 51: Specifying Windows Authentication

    Windows Authentication • Enter the login password correctly; keeping in mind that it is case-sensitive. • The first time you access the machine, you can use the functions available to your group. If you are not registered in a group, you can use the functions available under [*Default Group]. To limit which functions are available to which users, first make settings in advance in the Address Book.
  • Page 52 2. Authentication and its Application Press [Administrator Tools]. Press [User Authentication Management]. Select [Windows Auth.]. If you do not want to use user authentication management, select [Off].
  • Page 53 Windows Authentication If you want to use Kerberos authentication, press [On]. If you want to use NTLM authentication, press [Off] and proceed to step 8. Select a Kerberos authentication realm and proceed to step 9. To enable Kerberos authentication, a realm must be registered beforehand. The realm name must be registered in capital letters.
  • Page 54 2. Authentication and its Application • p.33 "Logging on Using Administrator Authentication" • p.34 "Logging off Using Administrator Authentication" Creating the Server Certificate To create the server certificate for the domain controller, use the following procedure: Start Internet Services Manager. Right-click [Default Web Site], and then click [Properties].
  • Page 55 Windows Authentication Click [Install]. Enter the contents of the device certificate. In the "Certificate Request" box, enter the contents of the device certificate received from the certificate authority. Click [OK]. "Installed" appears under "Certificate Status" to show that a device certificate for the machine has been installed.

  • Page 56: Ldap Authentication

    2. Authentication and its Application LDAP Authentication Specify this authentication method when using the LDAP server to authenticate users who have their accounts on the LDAP server. Users cannot be authenticated if they do not have their accounts on the LDAP server. The Address Book stored in the LDAP server can be registered to the machine, enabling user authentication without first using the machine to register individual settings in the Address Book.

  • Page 57: Specifying Ldap Authentication

    LDAP Authentication You do not have to enter the user name if the LDAP server supports "Anonymous Authentication". • Password You do not have to enter the password if the LDAP server supports "Anonymous Authentication". • When you select Cleartext authentication, LDAP Simplified authentication is enabled. Simplified authentication can be performed with a user attribute (such as cn, or uid), instead of the DN.
  • Page 58 2. Authentication and its Application Press [System Settings]. Press [Administrator Tools]. Press [User Authentication Management].
  • Page 59 LDAP Authentication Select [LDAP Auth.]. If you do not want to use user authentication management, select [Off]. Select the LDAP server to be used for LDAP authentication. • p.33 "Logging on Using Administrator Authentication" • p.34 "Logging off Using Administrator Authentication"...

  • Page 60: If User Authentication Is Specified

    2. Authentication and its Application If User Authentication is Specified When user authentication (User Code Authentication, Basic Authentication, Windows Authentication or LDAP Authentication) is set, the authentication screen is displayed. Unless a valid user name and password are entered, operations are not possible with the machine. Log on to operate the machine, and log off when you are finished operations.
  • Page 61 If User Authentication is Specified Press the [Login/Logout] key. BTD008S Press [Login]. Enter the login user name, and then press [OK].

  • Page 62: Log Off (Using The Control Panel)

    2. Authentication and its Application Enter the login password, and then press [OK]. The message, "Authenticating... Please wait." appears. Log Off (Using the Control Panel) Follow the procedure below to log off when Basic Authentication, Windows Authentication, or LDAP Authentication is set. Press the [Login/Logout] key.

  • Page 63: Login (Using Web Image Monitor)

    If User Authentication is Specified • You can log off using the following procedures also. • Press the [Power] key. • Press the [Energy Saver] key. Login (Using Web Image Monitor) This section explains how to log on to the machine via Web Image Monitor. Click [Login] on the top page of the Web Image Monitor.
  • Page 64 2. Authentication and its Application Setting Item Description Setting Values Default Setting Specify whether or not • Active Lockout to enable the lockout • Inactive • Inactive function. Specify the number of authentication Number of Attempts attempts to allow 1-10 Before Lockout before applying lockout.
  • Page 65 If User Authentication is Specified Click [Login]. The machine administrator can log on. Enter the login user name and login password. Click [Configuration], and then click [User Lockout Policy] under "Security". The User Lockout Policy page appears. Set "Lockout" to [Active]. In the drop down menu, select the number of login attempts to permit before applying lockout.

  • Page 66: Auto Logout

    2. Authentication and its Application Auto Logout This can be specified by the machine administrator. When using user authentication management, the machine automatically logs you off if you do not use the control panel within a given time. This feature is called "Auto Logout". Specify how long the machine is to wait before performing Auto Logout.
  • Page 67 If User Authentication is Specified Select [On]. If you do not want to specify [Auto Logout Timer], select [Off]. Enter "60" to "999" (seconds) using the number keys, and then press [ ]. Press the [User Tools/Counter] key.
  • Page 68 2. Authentication and its Application...

  • Page 69: Ensuring Information Security

    3. Ensuring Information Security This chapter describes how to protect data that is stored on the machine. Specifying Access Permission for Stored Files This section describes Specifying Access Permission for Stored Files. You can specify who is allowed to access files stored in the Document Server. You can also specify which users can change or delete stored files.
  • Page 70 3. Ensuring Information Security By making this setting, only users granted access permission can access stored files. For details about logging on and logging off with administrator authentication, see "Logging on Using Administrator Authentication", "Logging off Using Administrator Authentication". • If files become inaccessible, reset their access permission as the file creator (owner). This can also be done by the file administrator.
  • Page 71 Specifying Access Permission for Stored Files Press [Program/Change/Delete]. Press [New Program]. Select the users you want to assign permission to. You can select more than one user. By pressing [All Users], you can select all the users. Press [Exit]. Select the user who you want to assign access permission to, and then select the permission. Select the access permission from [Read-only], [Edit], [Edit / Delete], or [Full Control].

  • Page 72: Specifying Passwords For Stored Files

    3. Ensuring Information Security • p.33 "Logging on Using Administrator Authentication" • p.34 "Logging off Using Administrator Authentication" Specifying Passwords for Stored Files This can be specified by the file creator (owner) or file administrator. Specify passwords for stored files. This provides increased protection against unauthorized use of files.

  • Page 73: Unlocking Files

    Specifying Access Permission for Stored Files Press [Change Password]. Enter the password using the number keys. You can use 4 to 8 numbers as the password for the stored file. Press [OK]. Confirm the password by re-entering it using the number keys. Press [OK].
  • Page 74 3. Ensuring Information Security Only the file administrator can unlock files. For details about logging on and logging off with administrator authentication, see "Logging on Using Administrator Authentication", "Logging off Using Administrator Authentication". Press the [Document Server] key. Select the file. Press [File Management].
  • Page 75 Specifying Access Permission for Stored Files • p.33 "Logging on Using Administrator Authentication" • p.34 "Logging off Using Administrator Authentication"...

  • Page 76: Protecting The Address Book

    3. Ensuring Information Security Protecting the Address Book If user authentication is specified, you can specify who is allowed to access the data in the address book. To protect the data from unauthorized reading, you can also encrypt the data in the Address Book. Encrypting Data in the Address Book This can be specified by the user administrator.
  • Page 77 Protecting the Address Book Press [Extended Security]. Press [On] for "Encrypt Address Book". Press [Change] for "Encryption Key". Enter the encryption key, and then press [OK]. Enter the encryption key using up to 32 alphanumeric characters. Press [Encrypt / Decrypt]. Press [Yes].
  • Page 78 3. Ensuring Information Security Normally, once encryption is complete, [Exit] appears. If you press [Stop] during encryption, the data is not encrypted. If you press [Stop] during decryption, the data stays encrypted. Press [Exit]. Press [OK]. Press the [User Tools/Counter] key. •...

  • Page 79: Encrypting Data On The Hard Disk

    Encrypting Data on the Hard Disk Encrypting Data on the Hard Disk This can be specified by the machine administrator. In order to use this function, the HDD Encryption Unit option is required. Prevent information leakage by encrypting the Address Book, authentication information, and stored documents as the data is written.
  • Page 80 3. Ensuring Information Security Press the [User Tools/Counter] key. Press [System Settings]. Press [Administrator Tools]. Press [Machine Data Encryption Settings]. If the setting to be specified does not appear, press [ Next].
  • Page 81 Encrypting Data on the Hard Disk Press [Encrypt]. Select the data to be carried over to the hard disk and not be reset. To carry all of the data over to the hard disk, select [All Data]. To carry over only the machine settings data, select [File System Data Only].

  • Page 82: Printing The Encryption Key

    3. Ensuring Information Security Press [OK]. Press [Exit]. Press [Exit]. Press the [User Tools/Counter] key. Turn off the power and the main power switch, and then turn the main power switch back For details about turning off the power, see "Turning On the Power", About This Machine. Printing the Encryption Key Use the following procedure to print the key again if it has been lost or misplaced.
  • Page 83 Encrypting Data on the Hard Disk Press [Administrator Tools]. Press [Machine Data Encryption Settings]. Press [Print Encryption Key]. The encryption key for retrieving backup data is printed.

  • Page 84: Updating The Encryption Key

    3. Ensuring Information Security Press the [Start] key. Press [Exit]. Updating the Encryption Key You can update the encryption key and create a new key. Updates are possible when the machine is functioning normally. • The encryption key is required for recovery if the machine malfunctions. Be sure to store the encryption key safely for retrieving back-up data.
  • Page 85 Encrypting Data on the Hard Disk Press [Administrator Tools]. Press [Machine Data Encryption Settings]. Press [Update Encryption Key]. Select the data to be carried over to the hard disk and not be reset. To carry all of the data over to the hard disk, select [All Data]. To carry over only the machine settings data, select [File System Data Only].

  • Page 86: Canceling Data Encryption

    3. Ensuring Information Security Press the [Start] key. The encryption key for retrieving the backup data is printed. Press [OK]. Press [Exit]. Press [Exit]. Press the [User Tools/Counter] key. Turn off the power and the main power switch, and then turn the main power switch back For details about turning off the power, see "Turning On the Power", About This Machine.
  • Page 87 Encrypting Data on the Hard Disk • After completing this procedure on the machine's control panel, turn off the power and restart the machine to enable the new settings. Restarting can be slow when there is data to be carried over to the hard disk.
  • Page 88 3. Ensuring Information Security Press [Cancel Encryption]. Select the data to be carried over to the hard disk and not be reset. To carry all of the data over to the hard disk, select [All Data]. To carry over only the machine settings data, select [File System Data Only].

  • Page 89: Deleting Data On The Hard Disk

    Deleting Data on the Hard Disk Deleting Data on the Hard Disk This can be specified by the machine administrator. To use this function, the optional DataOverwriteSecurity Unit must be installed. The machine's hard disk stores all document data from the copier function. It also stores the data of users' document boxes and code counters, and the Address Book.
  • Page 90 3. Ensuring Information Security • The Data Overwrite icon will indicate "Clear" when there is a Sample Print/Locked Print/Hold Print/ Stored Print job. • If the Data Overwrite icon is not displayed, first check if Auto Erase Memory has been set to Off. If the icon is not displayed even though Auto Erase Memory is On, contact your service representative.
  • Page 91 Deleting Data on the Hard Disk Press [Auto Erase Memory Setting]. Press [On]. Select the method of overwriting. If you select [NSA] or [DoD], proceed to step 10. If you select [Random Numbers], proceed to step 8. For details about the methods of overwriting, see "Methods of Overwriting". Press [Change].
  • Page 92 3. Ensuring Information Security Canceling Auto Erase Memory This can be specified by the machine administrator. For details about logging on and logging off with administrator authentication, see "Logging on Using Administrator Authentication", "Logging off Using Administrator Authentication". Follow steps 1 to 5 in "Using Auto Erase Memory". Press [Off].
  • Page 93 Deleting Data on the Hard Disk Erase All Memory This can be specified by the machine administrator. For details about logging on and logging off with administrator authentication, see "Logging on Using Administrator Authentication", "Logging off Using Administrator Authentication". You can erase all the data on the hard disk by writing over it. This is useful if you relocate or dispose of your machine.
  • Page 94 3. Ensuring Information Security Enter the number of times that you want to overwrite using the number keys, and then press [ ]. Press [Erase]. Press [Yes]. When overwriting is completed, press [Exit], and then turn off the main power. Before turning the power off, see "Turning On the Power", About This Machine.
  • Page 95 Deleting Data on the Hard Disk • To resume overwriting, turn on the main power.
  • Page 96 3. Ensuring Information Security...

  • Page 97: Managing Access To The Machine

    4. Managing Access to the Machine This chapter describes how to prevent unauthorized access to and modification of the machine's settings. Preventing Modification of Machine Settings This section describes Preventing Modification of Machine Settings. The administrator type determines which machine settings can be modified. Users cannot change the administrator settings.
  • Page 98 4. Managing Access to the Machine • p.25 "Administrator Authentication" • p.195 "User Administrator Settings" • p.185 "Machine Administrator Settings" • p.190 "Network Administrator Settings" • p.193 "File Administrator Settings" • p.201 "User Settings - Control Panel Settings" • p.214 "User Settings - Web Image Monitor Settings"...

  • Page 99: Menu Protect

    Menu Protect Menu Protect The administrator can also limit users' access permission to the machine's settings. The machine's [System Settings] menu and the machine's regular menus can be locked so they cannot be changed. This function is also effective when management is not based on user authentication. For a list of settings that users can specify according to the Menu Protect level, see "User Settings - Control Panel Settings", "User Settings - Web Image Monitor Settings".
  • Page 100 4. Managing Access to the Machine Press [Administrator Tools]. Press [Menu Protect]. Select the menu protect level, and then press [OK]. Press the [User Tools/Counter] key.

  • Page 101: Limiting Available Functions

    Limiting Available Functions Limiting Available Functions To prevent unauthorized operation, you can specify who is allowed to access each of the machine's functions. Available Functions Specify the available functions from the copier, Document Server functions. [Full Colour / Two Colour / Single Colour / Black & White, Two-colour / Single Copier Colour / Black &...
  • Page 102 4. Managing Access to the Machine Press [Administrator Tools]. Press [Address Book Management]. Select the user.
  • Page 103 Limiting Available Functions Press [Auth. Info]. In "Available Functions", select the functions you want to specify. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Press [OK]. Press [Exit]. Press the [User Tools/Counter] key. •...
  • Page 104 4. Managing Access to the Machine...

  • Page 105: Enhanced Network Security

    5. Enhanced Network Security This chapter describes how to increase security over the network using the machine's functions. Preventing Unauthorized Access You can limit IP addresses, disable ports and protocols, or use Web Image Monitor to specify the network security level to prevent unauthorized access over the network and protect the Address Book, stored files, and default settings.

  • Page 106: Enabling/Disabling Protocols

    5. Enhanced Network Security Click [Logout]. Enabling/Disabling Protocols This can be specified by the network administrator. Specify whether to enable or disable the function for each protocol. By making this setting, you can specify which protocols are available and so prevent unauthorized access over the network. Network settings can be specified on the control panel, or using Web Image Monitor, telnet.
  • Page 107 Preventing Unauthorized Access Protocol Port Setting Method Disabled Condition Functions that require • Web Image Monitor HTTP cannot be used. HTTP TCP:80 • telnet Cannot print using IPP on port 80. Functions that require HTTPS cannot be used. You can also make settings to require SSL •...
  • Page 108 5. Enhanced Network Security Protocol Port Setting Method Disabled Condition Functions that require SNMPv3 cannot be used. You can also make settings to require • Web Image Monitor SNMPv3 encrypted SNMPv3 UDP:161 • telnet transmission and restrict the use of other transmission methods using the control panel, Web Image Monitor, or...
  • Page 109 Preventing Unauthorized Access Press [Interface Settings]. Press [Effective Protocol]. Press [Inactive] for the protocol you want to disable. Press [OK]. Press the [User Tools/Counter] key. • p.33 "Logging on Using Administrator Authentication" • p.34 "Logging off Using Administrator Authentication"...

  • Page 110: Specifying Network Security Level

    5. Enhanced Network Security Making Settings Using Web Image Monitor Open a Web browser. Enter "http://(the machine's IP address or host name)/" in the address bar. When entering an IPv4 address, do not begin segments with zeros. For example: If the address is "192.168.001.010", you must enter it as "192.168.1.10"...
  • Page 111 Preventing Unauthorized Access Press [System Settings]. Press [Administrator Tools]. Press [Network Security Level]. If the setting you want to specify does not appear, press [ Next] to scroll down to other settings.
  • Page 112 5. Enhanced Network Security Select the network security level. Select [Level 0], [Level 1], or [Level 2]. Press [OK]. Press [Exit]. Press the [User Tools/Counter] key. • p.33 "Logging on Using Administrator Authentication" • p.34 "Logging off Using Administrator Authentication" Making Settings Using Web Image Monitor Open a Web browser.
  • Page 113 Preventing Unauthorized Access Status of Functions under each Network Security Level Tab Name:TCP/IP Function Level 0 Level 1 Level 2 TCP/IP Available Available Available HTTP> Port 80 open open open HTTP> Port 443 open open open HTTP> Port 631 open open closed HTTP>...

  • Page 114: Encrypting Transmitted Passwords

    5. Enhanced Network Security Encrypting Transmitted Passwords Prevent login passwords from being revealed by encrypting them for transmission. Also, encrypt the login password for administrator authentication and user authentication.

  • Page 115: Protection Using Encryption

    Protection Using Encryption Protection Using Encryption Establish encrypted transmission on this machine using SSL, SNMPv3, and IPsec. By encrypting transmitted data and safeguarding the transmission route, you can prevent sent data from being intercepted, analyzed, and tampered with. SSL (Secure Sockets Layer) Encryption This can be specified by the network administrator.
  • Page 116 5. Enhanced Network Security 2. The device certificate and public key are sent from the machine to the user's computer. 3. Create a shared key from the user's computer, and then encrypt it using the public key. 4. The encrypted shared key is sent to the machine. 5.
  • Page 117 Protection Using Encryption Click [Login]. The network administrator can log on. Enter the login user name and login password. Click [Configuration], and then click [Device Certificate] under "Security". Check the radio button next to the number of the certificate you want to create. Click [Create].
  • Page 118 5. Enhanced Network Security Click [Request]. Make the necessary settings. Click [OK]. "Requesting" appears for "Certificate Status" in the "Certificates" area. Click [Logout]. Apply to the certificate authority for the device certificate. The application procedure depends on the certificate authority. For details, contact the certificate authority.
  • Page 119 Protection Using Encryption Enter the contents of the device certificate. In the "Certificate Request" box, enter the contents of the device certificate received from the certificate authority. Click [OK]. "Installed" appears under "Certificate Status" to show that a device certificate for the machine has been installed.

  • Page 120: User Settings For Ssl (Secure Sockets Layer)

    5. Enhanced Network Security User Settings for SSL (Secure Sockets Layer) If you have installed a device certificate and enabled SSL (Secure Sockets Layer), you need to install the certificate on the user's computer. The network administrator must explain the procedure for installing the certificate to users. If a warning dialog box appears while accessing the machine using the Web Image Monitor or IPP, start the Certificate Import Wizard and install a certificate.
  • Page 121 Protection Using Encryption Setting the SSL / TLS Encryption Mode This can be specified by the network administrator. After installing the device certificate, specify the SSL/TLS encrypted communication mode. By making this setting, you can change the security level. For details about logging on and logging off with administrator authentication, see "Logging on Using Administrator Authentication", "Logging off Using Administrator Authentication".

  • Page 122: Snmpv3 Encryption

    5. Enhanced Network Security If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Select the encrypted communication mode. Select [Ciphertext Only], [Ciphertext Priority], or [Ciphertext / Cleartext] as the encrypted communication mode. Press [OK].
  • Page 123 Protection Using Encryption Press [System Settings]. Press [Interface Settings]. Press [Permit SNMPv3 Communication]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings.
  • Page 124 5. Enhanced Network Security Press [Encryption Only]. Press [OK]. Press the [User Tools/Counter] key. • If network administrator's [Encryption Password] setting is not specified, the data for transmission may not be encrypted or sent. For details about specifying the network administrator's [Encryption Password] setting, see "Registering the Administrator".

  • Page 125: Transmission Using Ipsec

    Transmission Using IPsec Transmission Using IPsec This can be specified by the network administrator. For communication security, this machine supports IPsec. IPsec transmits secure data packets at the IP protocol level using the shared key encryption method, where both the sender and receiver retain the same key.

  • Page 126: Encryption Key Auto Exchange Settings And Encryption Key Manual Settings

    5. Enhanced Network Security • For successful authentication, the sender and receiver must specify the same authentication algorithm and authentication key. If you use the encryption key auto exchange method, the authentication algorithm and authentication key are specified automatically. AH Protocol Performs secure transmission using authentication only.

  • Page 127: Ipsec Settings

    Transmission Using IPsec IPsec Settings IPsec settings for this machine can be made on Web Image Monitor. The following table explains individual setting items. Encryption Key Auto Exchange / Manual Settings - Shared Settings Setting Description Setting Value • Active Specify whether to enable or IPsec disable IPsec.
  • Page 128 5. Enhanced Network Security Security Level Security Level Features Select this level if you want to encrypt the data packets as well as authenticate the transmission partner and prevent unauthorized Authentication and High Level packet tampering. Packet encryption helps prevent Encryption eavesdropping attacks.
  • Page 129 Transmission Using IPsec Authentication and Low Level Authentication and High Setting Authentication Only Encryption Level Encryption Phase 2 Authentic HMAC-MD5-96/ HMAC-MD5-96/HMAC- HMAC-SHA1-96 ation HMAC-SHA1-96 SHA1-96 Algorithm Phase 2 Encryptio Cleartext (NULL DES/3DES/AES-128/ 3DES/AES-128/ encryption) AES-192/AES-256 AES-192/AES-256 Algorithm Phase 2 Inactive Inactive Encryption Key Auto Exchange Setting Items When you specify a security level, the corresponding security settings are automatically configured,...
  • Page 130 5. Enhanced Network Security Setting Description Setting Value The IPsec transmission partner's IPv4 or IPv6 address. Specify the address of the IPsec If you are not setting an address Remote Address transmission partner. You can range, enter 32 after an IPv4 also specify an address range.
  • Page 131 Transmission Using IPsec Setting Description Setting Value Specify the encryption Phase 1 algorithm to be used in phase • DES Encryption Algorithm • 3DES (auto setting) Specify the Diffie-Hellman Phase 1 • 1 group number. Diffie-Hellman Group • 2 (auto setting) Specify the time period for Phase 1 Set in seconds from 300 sec.
  • Page 132 5. Enhanced Network Security Encryption Key Manual Settings Items Setting Description Setting Value • Inactive • IPv4 Specify the address type for Address Type which IPsec transmission is • IPv6 used. • IPv4/IPv6 (Default Settings only) The machine's IPv4 or IPv6 address.
  • Page 133 Transmission Using IPsec Setting Description Setting Value Specify the same value as your Any number between 256 and SPI (Input) transmission partner's SPI 4095 output value. To use encryption and authentication data, specify • EPS EPS. Security Protocol • AH To use authentication data only, specify AH.

  • Page 134: Encryption Key Auto Exchange Settings Configuration Flow

    5. Enhanced Network Security Setting Description Setting Value Specify a value within the ranges shown below, according to the encryption algorithm. hexadecimal value 0-9, a-f, A-F • DES, set 16 digits • 3DES, set 48 digits • AES-128, set 32 digits •...
  • Page 135 Transmission Using IPsec BBD004S • To use a certificate to authenticate the transmission partner in encryption key auto exchange settings, a device certificate must be installed. • After configuring IPsec, you can use "Ping" command to check if the connection is established correctly. However, you cannot use "Ping"...
  • Page 136 5. Enhanced Network Security Make encryption key auto exchange settings in "Settings 1". If you want to make multiple settings, select the settings number and add settings. Click [OK]. Select [Active] for "IPsec". Set "Exclude HTTPS Transmission" to [Active] if you do not want to use IPsec for HTTPS transmission.
  • Page 137 Transmission Using IPsec On the [Start] menu, click [Control Panel], click [Performance and Maintenance], and then click [Administrative Tools]. Click [Local Security Policy]. Click [IP Security Policies on Local Computer]. In the "Action" menu, click [Create IP Security Policy]. The IP Security Policy Wizard appears. Click [Next].
  • Page 138 5. Enhanced Network Security Select "A specific IP address" in "Destination Address", enter the machine's IP address, and then click [Next]. Select the protocol type for IPsec, and then click [Next]. Click [Finish]. Click [OK]. Select the IP filter that was just created, and then click [Next]. Select the IPsec security filter, and then click [Edit].

  • Page 139: Encryption Key Manual Settings Configuration Flow

    Transmission Using IPsec Encryption Key Manual Settings Configuration Flow This section explains the procedure for specifying encryption key manual settings. This can be specified by the network administrator. BBD003S • Before transmission, SA information is shared and specified by the sender and receiver. To prevent SA information leakage, we recommend that this exchange is not performed over the network.

  • Page 140: Telnet Setting Commands

    5. Enhanced Network Security Click [Configuration], and then click [IPsec] under "Security". The IPsec settings page appears. Select [Active] for "Encryption Key Manual Settings". Click [Edit] under "Encryption Key Manual Settings". Set items for encryption key manual settings in "Settings 1". If you want to make multiple settings, select the settings number and add settings.
  • Page 141 Transmission Using IPsec • Displays IPsec settings information in portions. ipsec manual mode To display or specify encryption key manual settings, use the "ipsec manual_mode" command. Display current settings msh> ipsec manual_mode • Displays the current encryption key manual settings. Specify encryption key manual settings msh>...
  • Page 142 5. Enhanced Network Security Specify the local/remote address for settings 1-4 msh> ipsec manual {1|2|3|4} {ipv4|ipv6} local address remote address • Enter the separate setting number [1-4] or [default] and specify the local address and remote address. • To specify the local or remote address value, specify masklen by entering [/] and an integer 0-32 if you are specifying an IPv4 address.
  • Page 143 Transmission Using IPsec Authentication algorithm and authentication key settings msh> ipsec manual {1|2|3|4|default} auth {hmac-md5|hmac-sha1} authentication key • Enter the separate setting number [1-4] or [default] and specify the authentication algorithm, and then set the authentication key. • If you are setting a hexadecimal number, attach 0x at the beginning. •...
  • Page 144 5. Enhanced Network Security Specify the local/remote address for settings 1-4 msh> ipsec manual {1|2|3|4} {ipv4|ipv6} local address remote address • Enter the separate setting number [1-4], and the address type to specify local and remote address. • To set the local or remote address values, specify masklen by entering [/] and an integer 0-32 when settings an IPv4 address.
  • Page 145 Transmission Using IPsec • If you have set the address type in the default setting to [any], you cannot use [tunnel] in encapsulation mode. • Not specifying an encapsulation mode displays the current setting. Tunnel end point setting msh> ipsec ike {1|2|3|4|default} tunneladdar beginning IP address ending IP address •...
  • Page 146 5. Enhanced Network Security ISAKMP SA (phase 1) Diffie-Hellman group setting msh> ipsec ike {1|2|3|4|default} ph1 dhgroup {1|2|14} • Enter the separate setting number [1-4] or [default] and specify the ISAKMP SA (phase 1) Diffie- Hellman group number. • Specify the group number to be used. •...
  • Page 147 Transmission Using IPsec • Enter the separate setting number [1-4] or [default] and specify the IPsec SA (phase 2) validity period. • Enter the validity period (in seconds) from 300 to 172800. • Not specifying a validity period displays the current setting. Reset setting values msh>...
  • Page 148 5. Enhanced Network Security...

  • Page 149: Specifying The Extended Security Functions

    6. Specifying the Extended Security Functions This chapter describes the machine's extended security features and how to specify them. Specifying the Extended Security Functions In addition to providing basic security through user authentication and administrator specified access limits on the machine, security can also be increased by encrypting transmitted data and data in the Address Book.
  • Page 150 6. Specifying the Extended Security Functions Press [System Settings]. Press [Administrator Tools]. Press [Extended Security].

  • Page 151: Settings

    Specifying the Extended Security Functions Press the setting you want to change, and change the setting. Press [OK]. Press the [User Tools/Counter] key. Settings Default settings are shown in bold type. Encrypt Address Book This can be specified by the user administrator. Encrypt the data in the machine's Address Book. For details on protecting data in the Address Book, see "Protecting the Address Book".
  • Page 152 6. Specifying the Extended Security Functions The locked files can only be unlocked by the file administrator. When "Enhance File Protection" is specified, ( ) appears in the lower right corner of the screen. When files are locked, you cannot select them even if the correct password is entered. •...
  • Page 153 Specifying the Extended Security Functions This setting lets you specify [Complexity Setting] and [Minimum Character No.] for the password. By making this setting, you can limit the available passwords to only those that meet the conditions specified in [Complexity Setting] and [Minimum Character No.]. If you select [Level 1], specify the password using a combination of two types of characters selected from upper-case letters, lower-case letters, decimal numbers, and symbols such as #.
  • Page 154 6. Specifying the Extended Security Functions • p.74 "Protecting the Address Book" • p.118 "Setting the SSL / TLS Encryption Mode"...

  • Page 155: Other Security Functions

    Other Security Functions Other Security Functions This section explains settings for preventing information leaks, and functions that you can restrict to further increase security. Weekly Timer Code If the power is turned off when Weekly Timer Mode is set, the Weekly Timer Code settings must be enabled and you must enter a code before you can turn the power back on.
  • Page 156 6. Specifying the Extended Security Functions Press [Weekly Timer Code]. Press [On]. Canceling Weekly Timer Code This can be specified by the machine administrator. Press the [User Tools/Counter] key. Press [System Settings].
  • Page 157 Other Security Functions Press [Timer Settings]. Press [Weekly Timer Code]. Press [Off].

  • Page 158: Limiting Machine Operation To Customers Only

    6. Specifying the Extended Security Functions Limiting Machine Operation to Customers Only The machine can be set so that operation is impossible without administrator authentication. The machine can be set to prohibit operation without administrator authentication and also prohibit remote registration in the Address Book by a service representative.
  • Page 159 Limiting Machine Operation to Customers Only Press [Administrator Tools]. Press [Service Mode Lock]. Press [On], and then press [OK]. A confirmation message appears. Press [Yes]. Press the [User Tools/Counter] key. • p.33 "Logging on Using Administrator Authentication" • p.34 "Logging off Using Administrator Authentication"...

  • Page 160: Canceling Service Mode Lock

    6. Specifying the Extended Security Functions Canceling Service Mode Lock For a service representative to carry out inspection or repair in service mode, the machine administrator must log on to the machine and cancel the service mode lock. For details about logging on and logging off with administrator authentication, see "Logging on Using Administrator Authentication", "Logging off Using Administrator Authentication".
  • Page 161 Limiting Machine Operation to Customers Only Press the [User Tools/Counter] key. The service representative can switch to service mode. • p.33 "Logging on Using Administrator Authentication" • p.34 "Logging off Using Administrator Authentication"...
  • Page 162 6. Specifying the Extended Security Functions...

  • Page 163: Troubleshooting

    7. Troubleshooting This chapter describes what to do if the machine does not function properly. Authentication Does Not Work Properly This section explains what to do if a user cannot operate the machine because of a problem related to user authentication.

  • Page 164: An Error Code Appears

    7. Troubleshooting Messages Cause Solutions "Authentication has failed." The entered login user name or Ask the user administrator for the login password is incorrect. correct login user name and login password. See the error codes below for possible solutions: B,W,L,I 0104-000 B,W,L,I 0206-003 W,L,I 0406-003 "Authentication has failed."...
  • Page 165 Authentication Does Not Work Properly Error Code Display Position BBD007S 1. error code An error code appears. Basic Authentication Error Code Cause Solution 1. A password error occurred. Make sure the password is entered correctly. 2. "Restrict Use of Simple Encryption"...
  • Page 166 7. Troubleshooting Error Code Cause Solution Recreate the account if the account name contains any of An authentication error these prohibited characters. occurred because the user B0206-003 name contains a space, colon If the account name was (:), or quotation mark ("). entered incorrectly, enter it correctly and log in again.
  • Page 167 Authentication Does Not Work Properly Error Code Cause Solution The user attempted Only the administrator has authentication from an login privileges on this screen. application on the "System W0206-002 Settings" screen, where only Log in as a general user from the administrator has the application's login screen.
  • Page 168 7. Troubleshooting Error Code Cause Solution Make sure that the user is registered on the server. 2. A login name or password W0406-104 error occurred. Use a registered login user name and password. Make sure that the Windows 3. A domain name error W0406-104 authentication domain name is occurred.
  • Page 169 Authentication Does Not Work Properly Error Code Cause Solution Authentication is unsuccessful: 1. Make sure that Restrict LM/ NTLM is not set in either "Domain Controller Security Policy" or "Domain Security Policy". Authentication is rejected because NTLMv2 is not supported. 2.
  • Page 170 7. Troubleshooting Error Code Cause Solution 1. Kerberos authentication settings are not correctly configured. Make sure the realm name, KDC (Key Distribution Center) name and corresponding domain name are specified correctly. 2. The KDC and machine timing do not match. Authentication will fail if the difference between the KDC and machine timing is more...
  • Page 171 Authentication Does Not Work Properly Error Code Cause Solution The user group cannot be obtained if the UserPrincipleName 1. The UserPrincipleName (user@domainname.xxx.com) (user@domainname.xxx.com) form is used. W0400-105 form is being used for the login Use "sAMAccountName user name. (user)" to log in, because this account allows you to obtain the user group.
  • Page 172 7. Troubleshooting Error Code Cause Solution 1. The SSL settings on the Make sure the SSL settings on W0400-202 authentication server and the the authentication server and machine do not match. the machine match. If a user enters sAMAccountName as the login 2.
  • Page 173 Authentication Does Not Work Properly Error Code Cause Solution Authentication failed because no more users can be Ask the user administrator to W0612-005 registered. (The number of delete unused user accounts in users registered in the Address the Address Book. Book has reached capacity.) An authentication error occurred because the Address...
  • Page 174 7. Troubleshooting Error Code Cause Solution Recreate the account if the account name contains any of An authentication error these prohibited characters. occurred because the user L0206-003 name contains a space, colon If the account name was (:), or quotation mark ("). entered incorrectly, enter it correctly and log in again.
  • Page 175 Authentication Does Not Work Properly Error Code Cause Solution 1. Make sure that a connection test is successful with the current LDAP server configuration. If connection is not successful, there might be an error in the network settings. Check the domain name or DNS settings in "Interface 1.
  • Page 176 7. Troubleshooting Error Code Cause Solution 1. Authentication will fail if the password is left blank in simple authentication mode. To allow blank passwords, contact your service representative. 2. In simple authentication mode, the DN of the login user L0406-202 3.
  • Page 177 Authentication Does Not Work Properly Error Code Cause Solution The login attribute's search criteria might not be specified or the specified search Failed to obtain user L0400-210 information is unobtainable. information in LDAP search. Make sure the login name attribute is specified correctly. Recreate the account if the account name contains any of An authentication error...

  • Page 178: Machine Cannot Be Operated

    7. Troubleshooting Error Code Cause Solution Authentication failed because no more users can be Ask the user administrator to L0612-005 registered. (The number of delete unused user accounts in users registered in the Address the Address Book. Book has reached capacity.) An authentication error occurred because the Address Wait a few minutes and then try...
  • Page 179 Authentication Does Not Work Properly Condition Cause Solution User authentication is enabled, User authentication may have Re-enable user authentication, yet stored files do not appear. been disabled while [All Users] is and then enable [All Users] for not specified. the files that did not appear. For details about enabling [All Users], see "Specifying Access Permission for Stored Files".
  • Page 180 7. Troubleshooting...

  • Page 181: Appendix

    8. Appendix Supervisor Operations The supervisor can delete an administrator's password and specify a new one. If any of the administrators forget their passwords or if any of the administrators change, the supervisor can assign a new password. If logged on using the supervisor's user name and password, you cannot use normal functions or specify defaults.
  • Page 182 8. Appendix Press the [Login/Logout] key. BTD008S Press [Login]. Enter a login user name, and then press [OK]. When you assign the administrator for the first time, enter "supervisor".

  • Page 183: Logging Off As The Supervisor

    Supervisor Operations Enter a login password, and then press [OK]. The message, "Authenticating... Please wait." appears. Logging off as the Supervisor If administrator authentication has been specified, be sure to log off after completing settings. This section describes how to log off after completing settings. Press the [Login/Logout] key.
  • Page 184 8. Appendix Press [System Settings]. Press [Administrator Tools]. Press [Program / Change Administrator]. Under "Supervisor", press [Change].

  • Page 185: Resetting An Administrator's Password

    Supervisor Operations Press [Change] for the login user name. Enter the login user name, and then press [OK]. Press [Change] for the login password. Enter the login password, and then press [OK]. If a password reentry screen appears, enter the login password, and then press [OK]. Press [OK] twice.
  • Page 186 8. Appendix Press [Program / Change Administrator]. Press [Change] for the administrator you wish to reset. Press [Change] for the login password. Enter the login password, and then press [OK]. If a password reentry screen appears, enter the login password, and then press [OK]. Press [OK] twice.

  • Page 187: Machine Administrator Settings

    Machine Administrator Settings Machine Administrator Settings The machine administrator settings that can be specified are as follows: System Settings The following settings can be specified. General Features All the settings can be specified. Tray Paper Settings All the settings can be specified. Timer Settings All the settings can be specified.
  • Page 188 8. Appendix • POP3 / IMAP4 Settings Server Name Encryption Connection Test • Administrator's E-mail Address Administrator Tools • Display / Print Counter Print Counter List • Display / Clear / Print Counter per User Display Print Counter per User Print Counter per User •...

  • Page 189: Maintenance

    Machine Administrator Settings Connection Test Search Conditions Search Options • LDAP Search • Program / Change / Delete Realm • AOF (Always On) • Service Mode Lock • Auto Erase Memory Setting *1 • Erase All Memory *1 • Delete All Logs •...

  • Page 190: Settings Via Web Image Monitor

    8. Appendix Adjust Colour Image All the settings can be specified. Administrator Tools All the settings can be specified. Settings via Web Image Monitor The following settings can be specified. Top Page • Reset Device Device Settings • System Function Reset Timer Permit Firmware Update Permit Firmware Structure Change Display IP Address on Device Display Panel...
  • Page 191 Machine Administrator Settings • Auto E-mail Notification All the settings can be specified. • On-demand E-mail Notification All the settings can be specified. • File Transfer All the settings can be specified. • User Authentication Management All the settings can be specified. •...

  • Page 192: Network Administrator Settings

    8. Appendix Network Administrator Settings The network administrator settings that can be specified are as follows: System Settings The following settings can be specified. Interface Settings If DHCP is set to On, the settings that are automatically obtained via DHCP cannot be specified. •...
  • Page 193 Network Administrator Settings Device Settings • System Device Name Comment Location • E-mail Reception SMTP E-mail Communication Port • Auto E-mail Notification Select groups to notify • Administrator Authentication Management Network Administrator Authentication Available Settings for Network Administrator • Program/Change Administrator You can specify the following administrator settings for the machine administrator.
  • Page 194 8. Appendix All the settings can be specified. Security • Network Security All the settings can be specified. • Access Control All the settings can be specified. • SSL/TLS All the settings can be specified. • ssh All the settings can be specified. •...

  • Page 195: File Administrator Settings

    File Administrator Settings File Administrator Settings The file administrator settings that can be specified are as follows: System Settings The following settings can be specified. Interface Setting • DNS Configuration Connection Test Administrator Tools • Administrator Authentication Management File Management •...
  • Page 196 8. Appendix Login Password Change Encryption Password Webpage • Download Help File...

  • Page 197: User Administrator Settings

    User Administrator Settings User Administrator Settings The user administrator settings that can be specified are as follows: System Settings The following settings can be specified. Administrator Tools • Address Book Management • Address Book: Edit Title • Address Book: Switch Title •...
  • Page 198 8. Appendix The user administrator settings that can be specified are as follows: Login User Name Login Password Change Encryption Password Webpage • Download Help File...

  • Page 199: Document Server File Permissions

    Document Server File Permissions Document Server File Permissions The authorities for using the files stored in Document Server are as follows. The authority designations in the list indicate users with the following authorities. • Read-only This is a user assigned "Read-only" authority. •...
  • Page 200 8. Appendix Full File Settings Read-only Edit Edit / Delete Owner Control Admin. Unlocking Files *1 This setting can be specified by the owner.

  • Page 201: The Privilege For User Account Settings In The Address Book

    The Privilege for User Account Settings in the Address Book The Privilege for User Account Settings in the Address Book The authorities for using the Address Book are as follows: The authority designations in the list indicate users with the following authorities. •...
  • Page 202 8. Appendix Read-only Edit Edit / Delete Full Register User Settings Control ed User Admin. (User) (User) (User) Available Functions *1 You can only enter the password.

  • Page 203: User Settings - Control Panel Settings

    User Settings - Control Panel Settings User Settings - Control Panel Settings This section displays the user settings that can be specified on the machine when user authentication is specified. Settings that can be specified by the user vary according to the menu protect level and available settings specifications.

  • Page 204: Copier / Document Server Features

    8. Appendix Copier / Document Server Features If you have specified administrator authentication, the available functions and settings depend on the menu protect setting. The following settings can be specified by someone who is not an administrator. • Abbreviations in the table columns R/W (Read and Write) = Both reading and modifying the setting are available.
  • Page 205 Copier / Document Server Features Settings Level 1 Level 2 Customize Function: Document Server Print Reproduction Ratio Settings Level 1 Level 2 Shortcut Reduce/Enlarge Reproduction Ratio Reduce/Enlarge Ratio Priority Ratio for Create Margin Edit Settings Level 1 Level 2 Front Margin: Left / Right Back Margin: Left / Right Front Margin: Top / Bottom Back Margin: Top / Bottom...
  • Page 206 8. Appendix Settings Level 1 Level 2 Double Copies Separation Line Separation Line in Combine Copy Back Cover Stamp Background Numbering Settings Level 1 Level 2 Size Density Stamp Colour Preset Stamp Settings Level 1 Level 2 Stamp Language Stamp Priority Stamp Colour: COPY Stamp Colour: URGENT Stamp Colour: PRIORITY...
  • Page 207 Copier / Document Server Features Settings Level 1 Level 2 Stamp Format: For Your Info. *1 Stamp Format: PRELIMINARY*1 Stamp Format: For Internal Use Only*1 Stamp Format: CONFIDENTIAL*1 Stamp Format: DRAFT*1 *1 The print position can be adjusted but not specified. User Stamp Settings Level 1...
  • Page 208 8. Appendix Settings Level 1 Level 2 Stamp Setting*1 *1 The print position can be adjusted but not specified. Page Numbering Settings Level 1 Level 2 Stamp Format Font Size Duplex Back Page Stamping Position Page Numbering in Combine Stamp on Designating Slip Sheet Stamp Position: P1, P2...*1 Stamp Position: 1/5, 2/5...*1 Stamp Position: -1-, -2-...*1...
  • Page 209 Copier / Document Server Features Settings Level 1 Level 2 Superimpose Stamp Colour Stamp Setting Input / Output Settings Level 1 Level 2 Switch to Batch SADF Auto Reset Rotate Sort: Auto Paper Continue Copy Eject Face Method in Glass Mode Copy Eject Face Method in Bypass Mode Memory Full Auto Scan Restart Insert Separation Sheet...

  • Page 210: System Settings

    8. Appendix System Settings The settings available to the user depend on whether or not administrator authentication has been specified. If administrator authentication has been specified, the settings available to the user depend on whether or not Available Settings has been specified. •...
  • Page 211 System Settings Tray Paper Settings Settings Paper Tray Priority: Copier Tray Paper Size: Tray 1-3 Paper Type: Bypass Tray Paper Type: Tray 1-3 Paper Type: LCT Front Cover Sheet Tray Back Cover Sheet Tray Slip Sheet Tray Designation Sheet 1 Tray Designation Sheet 2 Tray Separation Sheet Tray Timer Settings...
  • Page 212 8. Appendix Settings Weekly Timer Code: Tuesday Weekly Timer Code: Wednesday Weekly Timer Code: Thursday Weekly Timer Code: Friday Weekly Timer Code: Saturday Weekly Timer Code: Sunday Interface Settings Interface Settings Settings Print List Network Settings Machine IPv4 Address *1 IPv4 Gateway Address Machine IPv6 Address *1 IPv6 Gateway Address...
  • Page 213 System Settings Settings NW Frame Type SMB Computer Name SMB Work Group Ethernet Speed Ping Command Permit SNMPv3 Communication Permit SSL / TLS Communication Host Name Machine Name *1 If you select [Auto-Obtain (DHCP)], you can only read the setting. File Transfer Settings SMTP Server...
  • Page 214 8. Appendix Administrator Tools Settings Address Book Management Address Book: Edit Title Address Book: Switch Title Display Print Counter Display / Clear Print Counter per User User Authentication Management Administrator Authentication Management Program / Change Administrator Extended Security Auto Delete File in Document Server Delete All Files in Document Server Capture Priority *4 Capture: Delete All Unsent Files *4...
  • Page 215 System Settings *2 Only the password can be specified. *3 The DataOverwriteSecurity Unit option must be installed. *4 The File Format Converter option must be installed. *5 The HDD Encryption Unit option must be installed.

  • Page 216: User Settings - Web Image Monitor Settings

    8. Appendix User Settings - Web Image Monitor Settings This section displays the user settings that can be specified on Web Image Monitor when user authentication is specified. Settings that can be specified by the user vary according to the menu protect level and available settings specifications.

  • Page 217: Device Settings

    Device Settings Device Settings The settings available to the user depend on whether or not administrator authentication has been specified. If administrator authentication has been specified, the settings available to the user depend on whether or not [Available Settings] has been specified. •...
  • Page 218 8. Appendix Settings Cover Sheet Tray : Display Time Slip Sheet Tray : Tray to set Slip Sheet Tray : Apply Duplex Slip Sheet Tray : Display Time Designation Sheet 1 Tray : Tray to set Designation Sheet 1 Tray : Apply Duplex Designation Sheet 1 Tray : Display Time Designation Sheet 2 Tray : Tray to set Designation Sheet 2 Tray : Apply Duplex...
  • Page 219 Device Settings Settings Tray3 : Paper Size Tray3 : Custom Paper Size Tray3 : Paper Type Tray3 : Paper Thickness Tray3 : Apply Auto Paper Select Tray3 : Apply Duplex Tray4 : Paper Size Tray4 : Custom Paper Size Tray4 : Paper Type Tray4 : Paper Thickness Tray4 : Apply Auto Paper Select Tray4 : Apply Duplex...
  • Page 220 8. Appendix Settings SNTP Server Address SNTP Polling Interval Time Zone Timer Settings Auto Off Timer Energy Saver Timer Panel Off Timer System Auto Reset Timer Copier/Document Server Auto Reset Timer Auto Logout Timer Weekly Timer Code Weekly Timer: Monday Weekly Timer: Tuesday Weekly Timer: Wednesday Weekly Timer: Thursday...
  • Page 221 Device Settings Settings Access Log Collect Level Transfer Logs Encrypt Logs Delete All Logs E-mail Settings Administrator E-mail Address Reception Protocol E-mail Reception Interval Max. Reception E-mail Size E-mail Storage in Server SMTP Server Name SMTP Port No. SMTP Authentication SMTP Auth.
  • Page 222 8. Appendix Settings POP3/IMAP4 Encryption POP3 Reception Port No. IMAP4 Reception Port No. E-mail Notification E-mail Address Receive E-mail Notification E-mail Notification User Name E-mail Notification Password Auto E-mail Notification Settings Notification Message Groups to Notify : Address List Call Service Out of Toner Toner Almost Empty Paper Misfeed...
  • Page 223 Device Settings Settings Add Staples Service Call Successful Hole Punch Receptacle is Full File Storage Memory Full Soon Waste Staple Receptacle is Full Log Error Device Access Violation Document Server Memory Full Detailed Settings of Each Item On-demand E-mail Notification Settings Notification Subject Notification Message...
  • Page 224 8. Appendix Settings Windows Authentication SSL Windows Authentication Kerberos Authentication Windows Authentication Domain Name Windows Authentication Realm Name Windows Authentication Group Settings for Windows Authentication LDAP Authentication LDAP Authentication LDAP Authentication Login Name Attribute LDAP Authentication Unique Attribute LDAP Authentication Available Function Administrator Authentication Management Settings User Administrator Authentication...
  • Page 225 Device Settings Settings Program/Change/Delete...

  • Page 226: Interface

    8. Appendix Interface The settings available to the user depend on whether or not administrator authentication has been specified. If administrator authentication has been specified, the settings available to the user depend on whether or not "Available Settings" has been specified. •...

  • Page 227: Network

    Network Network The settings available to the user depend on whether or not administrator authentication has been specified. If administrator authentication has been specified, the settings available to the user depend on whether or not "Available Settings" has been specified. •...
  • Page 228 8. Appendix IPv6 Settings IPv6 Address Host Name Domain Name Link-local Address Stateless Address Manual Configuration Address DCHPv6-lite DDNS Default Gateway Address DNS Server Settings Protocol Workgroup Name Computer Name Comment Share Name Notify Print Completion Bonjour Settings Bonjour Local Hostname...
  • Page 229 Network Settings Computer Name Location Webpage Settings Language 1 Language 2 URL 1 URL 2 Set Help URL Target Download Help Page...

  • Page 230: Functions That Require Options

    8. Appendix Functions That Require Options The following functions require certain options and additional functions. • Hard Disk overwrite erase function DataOverwriteSecurity Unit • Hard disk data encryption function HDD Encryption Unit...
  • Page 231 INDEX Encryption Key Manual Settings Configuration Flow..............Access Control............. Encryption Key Manual Settings Items....Access Permission..........Encryption Technology..........Address Book Privileges........Enhance File Protection........Administrator............Erase All Memory..........Administrator Authentication....10, 20, 25 Error Code............Administrator Privileges......... Error Message............. AH Protocol............ESP Protocol............
  • Page 232 Network Security Level........User Settings - Control Panel Settings....User Settings - Web Image Monitor Settings..................Operational Issues..........Owner..............Weekly Timer Code..........Windows Authentication........Password for Stored Files........Windows Authentication Operational Requirements for Kerberos authentication... Password Policy........... Windows Authentication Operational Printing the Encryption Key........
  • Page 233 MEMO...
  • Page 234 MEMO D0797508...
  • Page 235 Trademarks Microsoft , Windows , Windows Server , and Windows Vista are either registered trademarks or trademarks of ® ® ® ® Microsoft Corporation in the United States and/or other countries. Adobe, Acrobat, Acrobat Reader, and Reader are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries.
  • Page 236 Type for Pro C550EX Type for Pro C700EX D079-7508...

This manual is also suitable for:

Pro c700ex

Table of Contents