Hold All Jobs
System Administrator login is required when accessing the security features via the Web User Interface (Web UI) or
when implementing the guidelines and recommendations specified in this document. To log in to the Web UI as an
authenticated System Administrator, follow the instructions under "Accessing CentreWare Information Services as a
System Administrator" under "Accessing Administration and Configuration Settings" in Section 2 of the applicable
System Administration Guide (SAG)
To log in to the Local User Interface (denoted hereafter in this document as the Control Panel) as an authenticated
System Administrator, follow "Accessing the Control Panel as a System Administrator" under "Accessing Administration
and Configuration Settings" in Section 2 of the SAG.
Follow the instructions located in Chapter 4, Security, in the SAG to set up the security functions listed in Item a above.
Note that whenever the SAG requires that the System Administrator provide an IPv4 address, IPv6 address or port
number the values should be those that pertain to the particular device being configured.
In setting up the device to be in the evaluated configuration, perform the following
1. Administrator Password:
i. Change the Administrator password upon installation. Reset the Administrator password periodically.
Set the Administrator password to a minimum length of eight alphanumeric characters.
Change the Administrator password once a month and
Ensure that all passwords are strong passwords (e.g., passwords use a combination of alphanumeric and
non-alphanumeric characters; passwords don't use common names or phrases, etc.).
To change the Administrator password from the Web UI, follow the instructions under "Changing the System
Administrator Password" in Section 2 of the SAG.
To change the Administrator password from the Control Panel, follow the instructions under "Changing the
System Administrator Password at the Control Panel" in Section 2 of the SAG.
Disable the Admin Password Reset security feature so it is not used. To disable this feature, perform the
At the Web UI select the Properties tab.
Select the following entries from the Properties 'Content menu': Security
Select the [Disable Password Reset] option and then select the [Apply] button to save the option entered.
Establish local authentication at the device by following the "Configuring Local Authentication Settings"
instructions in Section 4 of the SAG.
Set up unique user accounts with appropriate privileges on the device for all users who require access to the
device by following the "User Database" instructions in Section 4 of the SAG.
Establish network (remote) authentication access to network accounts by following the "Configuring Network
Authentication Settings" instructions in Section 4 of the SAG to set up an Authentication Server.
In the evaluated configuration the only allowable Authentication Types are Kerberos (Solaris), Kerberos
(Windows) or LDAP.
When configuring network authentication using LDAP/LDAPS enable SSL by following the instructions in Step
3 for "Configuring LDAP Server Optional Information" under "LDAP" in Section 3 of the SAG, making sure that
Enable SSL (Secure Socket Layer) under SSL is selected.
Establish user authentication via a Smart Card by following either the "Configuring Smart Card Authentication
Settings" instructions in Section 4 of the SAG or the "Software Configuration" instructions starting on page 18
of the Smart Card Installation and Configuration Guide
5845 / 5855 / 5865 / 5875 / 5890 System Administrator Guide, Version 1.0: February 2013; Xerox
7225 System Administrator Guide, Version 1.0: April 2013; Xerox
February 2013; Xerox
The instructions for setting up the device in the Evaluated Configuration assume that the System Administrator has been successfully
authenticated as a System Administrator at either the Control Panel or Web UI following the instructions in section I.a of this document..
9301 / 9302 / 9303 Xerox ConnectKey Controller System Administrator Guide, Version 1.0: February 2013.
7800 Series System Administrator Guide, Version 1.0: