Aficio C6055 Operating Instructions Manual

Security reference

Table of Contents

Quick Links

Download this manual

Read this manual carefully before you use this machine and keep it handy for future reference. For safe and correct use, be sure to read the Safety Information

in "About This Machine" before using the machine.

Getting Started

Authentication and its Application

Ensuring Information Security

Managing Access to the Machine

Enhanced Network Security

Specifying the Extended Security Functions

Troubleshooting

Appendix

Operating Instructions

Security Reference

Table of Contents

Summary of Contents for Aficio C6055

Page 1: Operating Instructions
Operating Instructions Security Reference Getting Started Authentication and its Application Ensuring Information Security Managing Access to the Machine Enhanced Network Security Specifying the Extended Security Functions Troubleshooting Appendix Read this manual carefully before you use this machine and keep it handy for future reference. For safe and correct use, be sure to read the Safety Information in "About This Machine"...
Page 2 Introduction This manual contains detailed instructions and notes on the operation and use of this machine. For your safety and benefit, read this manual carefully before using the machine. Keep this manual in a handy place for quick reference. Important Contents of this manual are subject to change without prior notice.
Page 3: Manuals For This Machine
Manuals for This Machine Refer to the manuals that are relevant to what you want to do with the machine. • Media differ according to manual. • The printed and electronic versions of a manual have the same contents. • Adobe Acrobat Reader/Adobe Reader must be installed in order to view the manuals as PDF files. •...
Page 4 General Settings Guide Explains User Tools settings, and Address Book procedures such as registering fax numbers, e-mail addresses, and user codes. Also refer to this manual for explanations on how to connect the machine. Security Reference This manual is for administrators of the machine. It explains security functions that you can use to prevent unauthorized use of the machine, data tampering, or information leakage.
Page 5: Table Of Contents
TABLE OF CONTENTS Manuals for This Machine..........................1 How to Read This Manual..........................9 Symbols................................9 IP Address...............................9 1. Getting Started Enhanced Security............................11 Glossary...............................11 Setting Up the Machine..........................12 Security Measures Provided by this Machine....................15 Using Authentication and Managing Users....................15 Ensuring Information Security........................15 Limiting and Controlling Access........................17 Enhanced Network Security........................18 2.
Page 6 Specifying Basic Authentication........................46 Authentication Information Stored in the Address Book................50 Specifying Login User Name and Login Password...................50 Specifying Authentication Information to Log on..................52 Windows Authentication..........................56 Specifying Windows Authentication......................57 LDAP Authentication............................69 Specifying LDAP Authentication.........................70 Integration Server Authentication........................79 Specifying Integration Server Authentication....................79 Printer Job Authentication..........................88 If User Authentication is Specified........................91 User Code Authentication (Using the Control Panel)................91...
Page 7 Changing Passwords of Locked Print Files....................112 Unlocking Locked Print Files........................114 Specifying Access Permission for Stored Files.....................116 Assigning Users and Access Permission for Stored Files................116 Specifying Access Privileges for Files Stored using the Scanner and Fax Functions......119 Assigning the User and the Access Permission for the User's Stored Files..........123 Specifying Passwords for Stored Files.....................126 Unlocking Files............................127 Preventing Data Leaks Due to Unauthorized Transmission................130...
Page 8 Preventing Unauthorized Access........................181 Access Control............................181 Enabling/Disabling Protocols........................182 Specifying Network Security Level......................190 Encrypting Transmitted Passwords.......................194 Driver Encryption Key..........................194 Group Password for PDF files........................196 IPP Authentication Password........................197 Protection Using Encryption..........................199 SSL (Secure Sockets Layer) Encryption....................199 User Settings for SSL (Secure Sockets Layer)..................204 Setting the SSL / TLS Encryption Mode....................204 SNMPv3 Encryption..........................206 Transmission Using IPsec..........................209...
Page 9 Specifying Service Mode Lock Preparation....................244 Canceling Service Mode Lock.........................246 7. Troubleshooting Authentication Does Not Work Properly.....................249 A Message Appears..........................249 An Error Code Appears..........................251 Machine Cannot Be Operated........................266 8. Appendix Supervisor Operations..........................271 Logging on as the Supervisor........................271 Logging off as the Supervisor........................273 Changing the Supervisor..........................273 Resetting an Administrator's Password....................275 Machine Administrator Settings........................277...
Page 10 User Administrator Settings...........................295 System Settings............................295 Settings via Web Image Monitor......................295 Settings via SmartDeviceMonitor for Admin...................296 Document Server File Permissions........................297 The Privilege for User Account Settings in the Address Book..............299 User Settings - Control Panel Settings......................302 Copier / Document Server Features......................303 Printer Functions.............................309 Printer Features...............................310 Scanner Features............................314...
Page 11: How To Read This Manual
How to Read This Manual Symbols This manual uses the following symbols: Indicates important safety notes. Ignoring these notes could result in serious injury or death. Be sure to read these notes. They can be found in the "Safety Information" section of About This Machine. Indicates important safety notes.
Page 13: Getting Started
1. Getting Started This chapter describes the machine's security features and how to specify initial security settings. Enhanced Security This machine's security functions can be enhanced by managing the machine and its users using the improved authentication functions. By specifying access limits for the machine's functions and the documents and data stored in the machine, information leaks and unauthorized access can be prevented.
Page 14: Setting Up The Machine
1. Getting Started File Creator (Owner) This is a user who can store files in the machine and authorize other users to view, edit, or delete those files. Registered User Users with personal information registered in the Address Book who have a login password and user name.
Page 15 Enhanced Security Press [System Settings]. Press [Interface Settings]. Specify the IPv4 Address. For details on how to specify the IPv4 address, see "Interface Settings", General Settings Guide. Connect the machine to the network. Start Web Image Monitor, and then log on to the machine as the administrator. For details about logging on to Web Image Monitor as an administrator, see "Using Web Image Monitor".
Page 16 1. Getting Started • p.38 "Using Web Image Monitor" • p.199 "Protection Using Encryption" • p.30 "Registering the Administrator"...
Page 17: Security Measures Provided By This Machine
Security Measures Provided by this Machine Security Measures Provided by this Machine Using Authentication and Managing Users Enabling Authentication To control administrators' and users' access to the machine, perform administrator authentication and user authentication using login user names and login passwords. To perform authentication, the authentication function must be enabled.
Page 18 1. Getting Started Printing confidential files Using the printer's Locked Print, you can store files in the machine as confidential files and then print them. You can print a file using the machine's control panel and collect it on the spot to prevent others from seeing it.
Page 19: Limiting And Controlling Access
Security Measures Provided by this Machine Overwriting the Data on the Hard Disk Before disposing of the machine, make sure all data on the hard disk is deleted. Prevent data leakage by automatically deleting transmitted printer jobs from the memory. To overwrite the hard disk data, the optional DataOverwriteSecurity Unit is required.
Page 20: Enhanced Network Security
1. Getting Started • p.167 "Preventing Modification of Machine Settings" • p.174 "Limiting Available Functions" Enhanced Network Security Preventing Unauthorized Access You can limit IP addresses or disable ports to prevent unauthorized access over the network and protect the Address Book, stored files, and default settings. For details about preventing unauthorized access, see "Preventing Unauthorized Access".
Page 21: Authentication And Its Application
2. Authentication and its Application This chapter describes how to register the administrator and specify the authentication methods. How to log on and log off once authentication is enabled is also described here. Administrators and Users When controlling access using the authentication method specified by an administrator, select the machine's administrator, enable the authentication function, and then use the machine.
Page 22: User
2. Authentication and its Application If any of the users forget their password, the user administrator can delete it and create a new one, allowing the user to access the machine again. For instructions on registering the user administrator, see "Registering the Administrator". Machine Administrator This is the administrator who mainly manages the machine's default settings.
Page 23 Administrators and Users For details about registering users in the Address Book, see "Administrator Tools", General Settings Guide, SmartDeviceMonitor for Admin Help, or Web Image Monitor Help.
Page 24: The Management Function
2. Authentication and its Application The Management Function The machine has an authentication function requiring a login user name and login password. By using the authentication function, you can specify access limits for individual users and groups of users. Using access limits, you can not only limit the machine's available functions but also protect the machine settings and files and data stored in the machine.
Page 25: About User Authentication
The Management Function 1. User Administrator This administrator manages personal information in the Address Book. You can register/delete users in the Address Book or change users' personal information. 2. Machine Administrator This administrator manages the machine's default settings. It is possible to enable only the machine administrator to set data security for copying, log deletion and other defaults.
Page 26 2. Authentication and its Application BBC004S 1. User A user performs normal operations on the machine, such as copying and printing. 2. Group A group performs normal operations on the machine, such as copying and printing. 3. Unauthorized User 4. Authentication Using a login user name and password, user authentication is performed.
Page 27: Enabling Authentication
Enabling Authentication Enabling Authentication To control administrators' and users' access to the machine, perform administrator or user authentication using login user names and passwords. To perform authentication, the authentication function must be enabled. To specify authentication, you need to register administrators. To perform Basic Authentication, Windows Authentication, LDAP Authentication, or Integration Server Authentication, the optional printer function must be installed.
Page 28 2. Authentication and its Application • To specify Basic Authentication, Windows Authentication, LDAP Authentication, or Integration Server Authentication, you must first specify administrator authentication. • You can specify User Code Authentication without specifying administrator authentication. • p.27 "Administrator Authentication" • p.40 "User Authentication" •...
Page 29: Administrator Authentication
Administrator Authentication Administrator Authentication Administrators are handled differently from the users registered in the Address Book. When registering an administrator, you cannot use a login user name already registered in the Address Book. Windows Authentication, LDAP Authentication and Integration Server Authentication are not performed for an administrator, so an administrator can log on even if the server is unreachable due to a network problem.
Page 30 2. Authentication and its Application Press [System Settings]. Press [Administrator Tools]. Press [Administrator Authentication Management]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings.
Page 31 Administrator Authentication Press [User Management], [Machine Management], [Network Management], or [File Management] key to select which settings to manage. Set "Admin. Authentication" to [On]. "Available Settings" appears. Select the settings to manage from "Available Settings". The selected settings will be unavailable to users. "Available Settings"...
Page 32: Registering The Administrator
2. Authentication and its Application • p.271 "Supervisor Operations" • p.35 "Logging on Using Administrator Authentication" • p.36 "Logging off Using Administrator Authentication" • p.167 "Managing Access to the Machine" Registering the Administrator If administrator authentication has been specified, we recommend only one person take each administrator role.
Page 33 Administrator Authentication Press [System Settings]. Press [Administrator Tools]. Press [Program / Change Administrator].
Page 34 2. Authentication and its Application In the line for the administrator whose authority you want to specify, press [Administrator 1], [Administrator 2], [Administrator 3] or [Administrator 4], and then press [Change]. If you allocate each administrator's authority to a different person, the screen appears as follows: Press [Change] for the login user name.
Page 35 Administrator Authentication Enter the login user name, and then press [OK]. Press [Change] for the login password. Enter the login password, and then press [OK]. Follow the password policy to make the login password more secure. For details about the password policy and how to specify it, see "Specifying the Extended Security Functions".
Page 36 2. Authentication and its Application Press [Change] for the encryption password. Enter the encryption password, and then press [OK]. If a password reentry screen appears, enter the encryption password, and then press [OK]. Press [OK] twice. You will be logged off. Press the [User Tools/Counter] key.
Page 37: Logging On Using Administrator Authentication
Administrator Authentication Logging on Using Administrator Authentication If administrator authentication has been specified, log on using an administrator's user name and password. This section describes how to log on. Press the [Login/Logout] key. The message, "Press [Login], then enter the login user name and login password." appears. Press [Login].
Page 38: Logging Off Using Administrator Authentication
2. Authentication and its Application Enter the login password, and then press [OK]. "Authenticating... Please wait." appears, followed by the screen for specifying the default. • If user authentication has already been specified, a screen for authentication appears. • To log on as an administrator, enter the administrator's login user name and login password. •...
Page 39: Changing The Administrator
Administrator Authentication Changing the Administrator Change the administrator's login user name and login password. You can also assign administrator authority to the login user names [Administrator 1] to [Administrator 4]. To combine the authorities of multiple administrators, assign multiple administrators to a single administrator. For example, to assign machine administrator authority and user administrator authority to [Administrator 1], press [Administrator 1] in the lines for the machine administrator and the user administrator.
Page 40: Using Web Image Monitor
2. Authentication and its Application Press [Program / Change Administrator]. In the line for the administrator you want to change, press [Administrator 1], [Administrator 2], [Administrator 3] or [Administrator 4], and then press [Change]. Press [Change] for the setting you want to change, and re-enter the setting. Press [OK].
Page 41 Administrator Authentication Enter "http://(the machine's IP address or host name)/" in the address bar. When entering an IPv4 address, do not begin segments with zeros. For example: If the address is "192.168.001.010", you must enter it as "192.168.1.10" to connect to the machine. The top page of Web Image Monitor appears.
Page 42: User Authentication
2. Authentication and its Application User Authentication There are five types of user authentication methods: User Code authentication, Basic authentication, Windows authentication, LDAP authentication, and Integration Server authentication. To use user authentication, select an authentication method on the control panel, and then make the required settings for the authentication.
Page 43: User Code Authentication
User Code Authentication User Code Authentication This is an authentication method for limiting access to functions according to a user code. The same user code can be used by more than one user. For details about specifying user codes, see "Authentication Information", General Settings Guide.
Page 44 2. Authentication and its Application Press [User Authentication Management]. Select [User Code Auth.]. If you do not want to use user authentication management, select [Off]. Select which of the machine's functions you want to limit. The selected settings will be unavailable to users. For details about limiting available functions for individuals or groups, see "Limiting Available Functions".
Page 45 User Code Authentication Select the "Printer Job Authentication" level. If you select [Entire] or [Simple (All)], proceed to "Selecting Entire or Simple (All)". If you select [Simple (Limitation)], proceed to "Selecting Simple (Limitation)". For a description of the printer job authentication levels, see "Printer Job Authentication". •...
Page 46 2. Authentication and its Application authentication is not required. Specify this setting if you want to print using unauthenticated printer drivers or without any printer driver. Authentication is required for printing with non-specified devices. If you select [Simple (Limitation)], you can print even with unauthenticated printer drivers or devices. Specify this setting if you want to print with a printer driver or device that cannot be identified by the machine or if you do not require authentication for printing.
Page 47 User Code Authentication Press [OK]. Press [Exit]. Press the [User Tools/Counter] key.
Page 48: Basic Authentication
2. Authentication and its Application Basic Authentication Specify this authentication method when using the machine's Address Book to authenticate each user. Using Basic authentication, you can not only manage the machine's available functions but also limit access to stored files and to the personal data in the Address Book. Under Basic authentication, the administrator must specify the functions available to each user registered in the Address Book.
Page 49 Basic Authentication Press [User Authentication Management]. Select [Basic Auth.]. If you do not want to use user authentication management, select [Off]. Select which of the machine's functions you want to permit. Basic Authentication will be applied to the selected functions. Users can use the selected functions only.
Page 50 2. Authentication and its Application Select the "Printer Job Authentication" level. If you select [Entire] or [Simple (All)], proceed to "Selecting Entire or Simple (All)". If you select [Simple (Limitation)], proceed to "Selecting Simple (Limitation)". For a description of the printer job authentication levels, see "Printer Job Authentication". •...
Page 51 Basic Authentication Selecting Simple (Limitation) If you select [Simple (Limitation)], you can specify clients for which printer job authentication is not required. Specify [Parallel Interface: Simple], [USB: Simple] and the clients' IPv4 address range in which printer job authentication is not required. Specify this setting if you want to print using unauthenticated printer drivers or without any printer driver.
Page 52: Authentication Information Stored In The Address Book
2. Authentication and its Application You can specify the IPv4 address range to which this setting is applied, and whether or not to apply the setting to the parallel and USB interfaces. Press [Exit]. Press [OK]. Press [Exit]. Press the [User Tools/Counter] key. Authentication Information Stored in the Address Book This can be specified by the user administrator.
Page 53 Basic Authentication Press [Address Book Management]. Select the user or group. Press [Auth. Info].
Page 54: Specifying Authentication Information To Log On
2. Authentication and its Application Press [Change] for "Login User Name". Enter a login user name, and then press [OK]. Press [Change] for "Login Password". Enter a login password, and then press [OK]. If a password reentry screen appears, enter the login password, and then press [OK]. Press [OK].
Page 55 Basic Authentication • When using [Use Auth. Info at Login] for "SMTP Authentication", "Folder Authentication", or "LDAP Authentication", a user name other than "other", "admin", "supervisor" or "HIDE***" must be specified. The symbol "***" represents any character. • To use [Use Auth. Info at Login] for "SMTP authentication", a login password up to 128 characters in length must be specified.
Page 56 2. Authentication and its Application Select the user or group. Press [Auth. Info]. Select [Use Auth. Info at Login] in "SMTP Authentication". If the setting to be specified does not appear, press [ Next] to scroll down to other settings. For folder authentication, select [Use Auth.
Page 57 Basic Authentication • p.50 "Specifying Login User Name and Login Password"...
Page 58: Windows Authentication
2. Authentication and its Application Windows Authentication Specify this authentication when using the Windows domain controller to authenticate users who have their accounts on the directory server. Users cannot be authenticated if they do not have their accounts in the directory server.
Page 59: Specifying Windows Authentication
Windows Authentication • If you have created a new user in the domain controller and selected "User must change password at next logon", log on to the machine from the computer to change the password before logging on from the machine's control panel. •...
Page 60 2. Authentication and its Application Press [Administrator Tools]. Press [User Authentication Management]. Select [Windows Auth.]. If you do not want to use user authentication management, select [Off].
Page 61 Windows Authentication If you want to use Kerberos authentication, press [On]. If you want to use NTLM authentication, press [Off] and proceed to step 8. Select a Kerberos authentication realm and proceed to step 9. To enable Kerberos authentication, a realm must be registered beforehand. The realm name must be registered in capital letters.
Page 62 2. Authentication and its Application Select the "Printer Job Authentication" level. If you select [Entire] or [Simple (All)], proceed to "Selecting Entire or Simple (All)". If you select [Simple (Limitation)], proceed to "Selecting Simple (Limitation)". For a description of the printer job authentication levels, see "Printer Job Authentication". •...
Page 63 Windows Authentication Press [On] for "Use Secure Connection (SSL)". If you are not using secure sockets layer (SSL) for authentication, press [Off]. If global groups have been registered under Windows server, you can limit the use of functions for each global group. You need to create global groups in the Windows server in advance and register in each group the users to be authenticated.
Page 64 2. Authentication and its Application Under "Group Name", press [Change], and then enter the group name. Press [OK]. Select which of the machine's functions you want to permit. Windows Authentication will be applied to the selected functions. Users can use the selected functions only. For details about specifying available functions for individuals or groups, see "Limiting Available Functions".
Page 65 Windows Authentication Selecting Simple (Limitation) If you select [Simple (Limitation)], you can specify clients for which printer job authentication is not required. Specify [Parallel Interface: Simple], [USB: Simple] and the clients' IPv4 address range in which printer job authentication is not required. Specify this setting if you want to print using unauthenticated printer drivers or without any printer driver.
Page 66 2. Authentication and its Application You can specify the IPv4 address range to which this setting is applied, and whether or not to apply the setting to the parallel and USB interfaces. Press [Exit]. Press [On] for "Use Secure Connection (SSL)". If you are not using secure sockets layer (SSL) for authentication, press [Off].
Page 67 Windows Authentication Under "Group Name", press [Change], and then enter the group name. Press [OK]. Select which of the machine's functions you want to permit. Windows Authentication will be applied to the selected functions. Users can use the selected functions only. For details about specifying available functions for individuals or groups, see "Limiting Available Functions".
Page 68 2. Authentication and its Application Installing Internet Information Services (IIS) and Certificate services Specify this setting if you want the machine to automatically obtain e-mail addresses registered in Active Directory. We recommended you install Internet Information Services (IIS) and Certificate services as the Windows components.
Page 69 Windows Authentication Check the specified data, which appears as "Request File Summary", and then click [Next]. The server certificate is created. If the fax number cannot be obtained If the fax number cannot be obtained during authentication, specify the setting as follows: Start C:\WINNT\SYSTEM32\adminpak.
Page 70 2. Authentication and its Application Click [Install]. Enter the contents of the device certificate. In the "Certificate Request" box, enter the contents of the device certificate received from the certificate authority. Click [OK]. "Installed" appears under "Certificate Status" to show that a device certificate for the machine has been installed.
Page 71: Ldap Authentication
LDAP Authentication LDAP Authentication Specify this authentication method when using the LDAP server to authenticate users who have their accounts on the LDAP server. Users cannot be authenticated if they do not have their accounts on the LDAP server. The Address Book stored in the LDAP server can be registered to the machine, enabling user authentication without first using the machine to register individual settings in the Address Book.
Page 72: Specifying Ldap Authentication
2. Authentication and its Application • User Name You do not have to enter the user name if the LDAP server supports "Anonymous Authentication". • Password You do not have to enter the password if the LDAP server supports "Anonymous Authentication".
Page 73 LDAP Authentication Press [System Settings]. Press [Administrator Tools]. Press [User Authentication Management].
Page 74 2. Authentication and its Application Select [LDAP Auth.]. If you do not want to use user authentication management, select [Off]. Select the LDAP server to be used for LDAP authentication. Select the "Printer Job Authentication" level. You can specify the IPv4 address range to which this setting is applied, and whether or not to apply the setting to the parallel and USB interfaces.
Page 75 LDAP Authentication • p.35 "Logging on Using Administrator Authentication" • p.36 "Logging off Using Administrator Authentication" • p.73 "Selecting Entire or Simple (All)" • p.75 "Selecting Simple (Limitation)" • p.88 "Printer Job Authentication" Selecting Entire or Simple (All) If you select [Entire], you cannot print using a printer driver or a device that does not support authentication. To print under an environment that does not support authentication, select [Simple (All)] or [Simple (Limitation)].
Page 76 2. Authentication and its Application Press [Change] for "Login Name Attribute". Enter the login name attribute, and then press [OK]. Use the Login Name Attribute as a search criterion to obtain information about an authenticated user. You can create a search filter based on the Login Name Attribute, select a user, and then retrieve the user information from the LDAP server so it is transferred to the machine's Address Book.
Page 77 LDAP Authentication Press [Change] for "Unique Attribute". Enter the unique attribute and then press [OK]. Specify Unique Attribute on the machine to match the user information in the LDAP server with that in the machine. By doing this, if the Unique Attribute of a user registered in the LDAP server matches that of a user registered in the machine, the two instances are treated as referring to the same user.
Page 78 2. Authentication and its Application you do not require authentication for printing. However, note that, because the machine does not require authentication in this case, it may be used by unauthorized users. Press [Simple (Limitation)]. Press [Change]. Specify the range in which [Simple (Limitation)] is applied to "Printer Job Authentication". You can specify the IPv4 address range to which this setting is applied, and whether or not to apply the setting to the parallel and USB interfaces.
Page 79 LDAP Authentication Select which of the machine's functions you want to permit. LDAP Authentication will be applied to the selected functions. Users can use the selected functions only. For details about specifying available functions for individuals or groups, see "Limiting Available Functions".
Page 80 2. Authentication and its Application Press [Change] for "Unique Attribute". Enter the unique attribute and then press [OK]. Specify Unique Attribute on the machine to match the user information in the LDAP server with that in the machine. By doing this, if the Unique Attribute of a user registered in the LDAP server matches that of a user registered in the machine, the two instances are treated as referring to the same user.
Page 81: Integration Server Authentication
Integration Server Authentication Integration Server Authentication To use Integration Server authentication, you need a server on which ScanRouter software that supports authentication is installed. For external authentication, the Integration Server authentication collectively authenticates users accessing the server over the network, providing a server-independent, centralized user authentication system that is safe and convenient.
Page 82 2. Authentication and its Application Press [System Settings]. Press [Administrator Tools]. Press [User Authentication Management]. Select [Integration Svr. Auth.]. If you do not want to use User Authentication Management, select [Off].
Page 83 Integration Server Authentication Press [Change] for "Server Name". Specify the name of the server for external authentication. Enter the server name, and then press [OK]. Enter the IPv4 address or host name. In "Authentication Type", select the authentication system for external authentication. Select an available authentication system.
Page 84 2. Authentication and its Application Press [Change] for "Domain Name". Enter the domain name, and then press [OK]. You cannot specify a domain name under an authentication system that does not support domain login.
Page 85 Integration Server Authentication Press [Obtain URL]. The machine obtains the URL of the server specified in "Server Name". If the setting to be specified does not appear, press [ Next] to scroll down to other settings. If "Server Name" or the setting for enabling SSL is changed after obtaining the URL, the URL is "Not Obtained".
Page 86 2. Authentication and its Application Under "Group Name", press [Change], and then enter the group name. Press [OK]. Select which of the machine's functions you want to permit. Authentication will be applied to the selected functions. Users can use the selected functions only. For details about specifying available functions for individuals or groups, see "Limiting Available Functions".
Page 87 Integration Server Authentication For a description of the printer job authentication levels, see "Printer Job Authentication". • p.35 "Logging on Using Administrator Authentication" • p.36 "Logging off Using Administrator Authentication" • p.174 "Limiting Available Functions" • p.85 "Selecting Entire or Simple (All)" •...
Page 88 2. Authentication and its Application If you select [Simple (Limitation)], you can print even with unauthenticated printer drivers or devices. Specify this setting if you want to print with a printer driver or device that cannot be identified by the machine or if you do not require authentication for printing.
Page 89 Integration Server Authentication Press [On] for "Use Secure Connection (SSL)", and then press [OK]. To not use secure sockets layer (SSL) for authentication, press [Off]. Press the [User Tools/Counter] key.
Page 90: Printer Job Authentication
2. Authentication and its Application Printer Job Authentication This section explains Printer Job Authentication. Printer Job Authentication Levels and Printer Job Types This section explains the relationship between printer job authentication levels and printer job types. Depending on the combination of printer job authentication level and printer job type, the machine may not print properly.
Page 91 Printer Job Authentication Printer Jobs: Job Reset Settings: Disabled • [Simple (All)] The machine authenticates printer jobs and remote settings that have authentication information, and cancels the jobs and settings that fail authentication. Printer jobs and settings without authentication information are performed without being authenticated.
Page 92 2. Authentication and its Application 7. A PDF file is printed via ftp. Personal authentication is performed using the user ID and password used for logging on via ftp. However, the user ID and password are not encrypted. • p.233 "Specifying the Extended Security Functions"...
Page 93: If User Authentication Is Specified
If User Authentication is Specified If User Authentication is Specified When user authentication (User Code Authentication, Basic Authentication, Windows Authentication, LDAP Authentication, or Integration Server Authentication) is set, the authentication screen is displayed. Unless a valid user name and password are entered, operations are not possible with the machine. Log on to operate the machine, and log off when you are finished operations.
Page 94: User Code Authentication (Using A Printer Driver)
2. Authentication and its Application User Code Authentication (Using a Printer Driver) When User Code authentication is set, you can specify a user code in printer properties on the printer driver. For details, see the printer driver Help. Login (Using the Control Panel) Use the following procedure to log in when Basic Authentication, Windows Authentication, LDAP Authentication, or Integration Server Authentication is enabled.
Page 95: Log Off (Using The Control Panel)
If User Authentication is Specified Enter the login user name, and then press [OK]. Enter the login password, and then press [OK]. The message, "Authenticating... Please wait." appears. Log Off (Using the Control Panel) Follow the procedure below to log off when Basic Authentication, Windows Authentication, or LDAP Authentication is set.
Page 96: Login (Using A Printer Driver)
2. Authentication and its Application Press [Yes]. • You can log off using the following procedures also. • Press the [Power] key. • Press the [Energy Saver] key. Login (Using a Printer Driver) When Basic Authentication, Windows Authentication, or LDAP Authentication is set, make encryption settings in printer properties on the printer driver, and then specify a login user name and password.
Page 97: User Lockout Function
If User Authentication is Specified • Delete the cache memory in the Web Image Monitor after logging off. User Lockout Function If an incorrect password is entered several times, the User Lockout function prevents further login attempts under the same user name. Even if the locked out user enters the correct password later, authentication will fail and the machine cannot be used until the lockout period elapses or an administrator or supervisor disables the lockout.
Page 98 2. Authentication and its Application Locked out User Unlocking administrator user administrator, network administrator, file administrator, supervisor machine administrator supervisor machine administrator Specifying the User Lockout Function This can be specified by the machine administrator using Web Image Monitor. Open a Web browser. Enter "http://(the machine's IP address or host name)/"...
Page 99: Auto Logout
If User Authentication is Specified Enter "http://(the machine's IP address or host name)/" in the address bar. When entering an IPv4 address, do not begin segments with zeros. For example: If the address is "192.168.001.010", you must enter it as "192.168.1.10" to connect to the machine. The top page of Web Image Monitor appears.
Page 100 2. Authentication and its Application Press [Timer Settings]. Press [Auto Logout Timer]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Select [On]. If you do not want to specify [Auto Logout Timer], select [Off].
Page 101 If User Authentication is Specified Enter "60" to "999" (seconds) using the number keys, and then press [ ]. Press the [User Tools/Counter] key.
Page 102: Authentication Using An External Device
2. Authentication and its Application Authentication Using an External Device To authenticate using an external device, see the device manual. For details, contact your sales representative.
Page 103: Ensuring Information Security
3. Ensuring Information Security This chapter describes how to protect data that is stored on the machine and transmitted information from unauthorized viewing and modification. Preventing Unauthorized Copying In Printer Features, using the printer driver, you can embed a pattern in the printed copy to discourage or prevent unauthorized copying.
Page 104: Data Security For Copying
3. Ensuring Information Security If the document is copied, scanned, or stored in the Document Server by a copier or multifunction printer, the embedded pattern appears clearly on the copy, discouraging unauthorized copying. To use the printer function when User Authentication is enabled, you must enter the login user name and password for the printer driver.
Page 105 Preventing Unauthorized Copying confidential information from being copied. Also if a document with embedded pattern is detected, the machine beeps. An unauthorized copy log is also stored. To gray out copies of data security for copying documents when they are copied or stored in the Document Server, the optional Copy Data Security Unit must be installed in the machine.
Page 106: Printing Limitations
3. Ensuring Information Security • If misdetection occurs, contact your service representative. • If a document with embedded pattern for data security for copying is copied, scanned, or stored in the Document Server using a copier or multi-function printer without the Copy Data Security Unit, the embedded pattern appears clearly on the copy.
Page 107: Printing With Unauthorized Copy Prevention And Data Security For Copying
Preventing Unauthorized Copying Printing with Unauthorized Copy Prevention and Data Security for Copying This section describes Printing with Unauthorized Copy Prevention and Data Security for Copying. Specifying Printer Settings for Unauthorized Copy Prevention (Printer Driver Setting) Using the printer driver, specify the printer settings for unauthorized copy prevention. To use the printer function when User Authentication is enabled, you must enter the login user name and password for the printer driver.
Page 108 3. Ensuring Information Security For details about logging on and logging off with administrator authentication, see "Logging on Using Administrator Authentication", "Logging off Using Administrator Authentication". To use this function, the Copy Data Security Unit must be installed. If a printed document is copied or stored in the Document Server, the copy is grayed out. •...
Page 109 Preventing Unauthorized Copying If the setting you want to specify does not appear, press [ Next] to scroll down to other settings. Press [On]. If you do not want to specify "Data Security for Copying", select [Off]. Press [OK]. Press [Exit]. Press the [User Tools/Counter] key.
Page 110: Printing A Confidential Document
3. Ensuring Information Security Printing a Confidential Document Depending on the location of the machine, it is difficult to prevent unauthorized persons from viewing prints lying in the machine's output trays. When printing confidential documents, use the Locked Print function. Locked Print •...
Page 111: Printing A Locked Print File
Printing a Confidential Document Printing a Locked Print File To print a Locked Print file, you must be at the machine and print the file using the control panel. To print Locked Print files, the password is required. If you do not enter the correct password, you cannot print the files.
Page 112: Deleting Locked Print Files
3. Ensuring Information Security Press [Print]. Enter the password for the stored file, and then press [OK]. Enter the password specified in step 4 of "Specifying a Locked Print File". Press [Yes]. • p.91 "If User Authentication is Specified" Deleting Locked Print Files This can be specified by the file creator (owner).
Page 113 Printing a Confidential Document Press [Print Jobs]. Press [Locked Print Job List]. Select the file. Press [Delete]. The password entry screen does not appear if the file administrator is logged in.
Page 114: Changing Passwords Of Locked Print Files
3. Ensuring Information Security Enter the password of the Locked Print file, and then press [OK]. Press [Yes]. • Locked Print files can also be deleted by the file administrator. Changing Passwords of Locked Print Files This can be specified by the file creator (owner) or file administrator. If the password has been forgotten, the file administrator changes the password to restore access.
Page 115 Printing a Confidential Document Press [Locked Print Job List]. Select the file. Press [Change Password]. Enter the password for the stored file, and then press [OK]. The password entry screen does not appear if the file administrator is logged in.
Page 116: Unlocking Locked Print Files
3. Ensuring Information Security Enter the new password for the stored file, and then press [OK]. If a password reentry screen appears, enter the login password, and then press [OK]. Unlocking Locked Print Files If you specify [On] for "Enhance File Protection", the file will be locked and become inaccessible if an invalid password is entered ten times.
Page 117 Printing a Confidential Document Press [Locked Print Job List]. Select the file. Press [Unlock File]. Press [Yes]. • You can use the same procedure to unlock stored print files also. • p.233 "Specifying the Extended Security Functions" • p.35 "Logging on Using Administrator Authentication" •...
Page 118: Specifying Access Permission For Stored Files
3. Ensuring Information Security Specifying Access Permission for Stored Files This section describes Specifying Access Permission for Stored Files. You can specify who is allowed to access stored scan files and files stored in the Document Server. This can prevent activities such as printing or sending of stored files by unauthorized users. You can also specify which users can change or delete stored files.
Page 119 Specifying Access Permission for Stored Files Specify the users and their access permissions for each stored file. By making this setting, only users granted access permission can access stored files. For details about logging on and logging off with administrator authentication, see "Logging on Using Administrator Authentication", "Logging off Using Administrator Authentication".
Page 120 3. Ensuring Information Security Press [Change Access Priv.]. Press [Program/Change/Delete]. Press [New Program]. Select the users or groups you want to assign permission to. You can select more than one user. By pressing [All Users], you can select all the users. Press [Exit].
Page 121: Specifying Access Privileges For Files Stored Using The Scanner And Fax Functions
Specifying Access Permission for Stored Files Select the user who you want to assign access permission to, and then select the permission. Select the access permission from [Read-only], [Edit], [Edit / Delete], or [Full Control]. Press [Exit]. Press [OK]. • p.35 "Logging on Using Administrator Authentication" •...
Page 122 3. Ensuring Information Security Press [Access Privileges]. Press [New Program]. Select the users or groups you want to assign permission to. You can select more than one user. By pressing [All Users], you can select all the users. Press [Exit]. Select the user who you want to assign access permission to, and then select the permission.
Page 123 Specifying Access Permission for Stored Files Press [Select Stored File]. Select the file. Press [Manage / Delete File]. Press [Change Access Priv.].
Page 124 3. Ensuring Information Security Press [Program/Change/Delete]. Press [New Program]. Select the users or groups you want to assign permission to. You can select more than one user. By pressing [All Users], you can select all the users. Press [Exit]. Select the user who you want to assign access permission to, and then select the permission. Select the access permission from [Read-only], [Edit], [Edit / Delete], or [Full Control].
Page 125: Assigning The User And The Access Permission For The User's Stored Files
Specifying Access Permission for Stored Files Assigning the User and the Access Permission for the User's Stored Files This can be specified by the file creator (owner) or user administrator. Specify the users and their access permission to files stored by a particular user. Only those users granted access permission can access stored files.
Page 126 3. Ensuring Information Security Press [Address Book Management]. Select the user or group. Press [Protection].
Page 127 Specifying Access Permission for Stored Files Under "Protect File(s)", press [Program/Change/Delete] for "Permissions for Users/ Groups". If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Press [New Program]. Select the users or groups to register. You can select more than one user.
Page 128: Specifying Passwords For Stored Files
3. Ensuring Information Security Press [OK]. Press [Exit]. Press the [User Tools/Counter] key. • p.35 "Logging on Using Administrator Authentication" • p.36 "Logging off Using Administrator Authentication" Specifying Passwords for Stored Files This can be specified by the file creator (owner) or file administrator. Specify passwords for stored files.
Page 129: Unlocking Files
Specifying Access Permission for Stored Files Press [Change Password]. Enter the password using the number keys. You can use 4 to 8 numbers as the password for the stored file. Press [OK]. Confirm the password by re-entering it using the number keys. Press [OK].
Page 130 3. Ensuring Information Security Only the file administrator can unlock files. For details about logging on and logging off with administrator authentication, see "Logging on Using Administrator Authentication", "Logging off Using Administrator Authentication". Press the [Document Server] key. Select the file. Press [File Management].
Page 131 Specifying Access Permission for Stored Files • p.35 "Logging on Using Administrator Authentication" • p.36 "Logging off Using Administrator Authentication"...
Page 132: Preventing Data Leaks Due To Unauthorized Transmission
3. Ensuring Information Security Preventing Data Leaks Due to Unauthorized Transmission This section describes Preventing Data Leaks Due to Unauthorized Transmission. If user authentication is specified, the user who has logged on will be designated as the sender to prevent data from being sent by an unauthorized person masquerading as the user.
Page 133 Preventing Data Leaks Due to Unauthorized Transmission Press [System Settings]. Press [Administrator Tools]. Press [Extended Security]. Press [On] for "Restrict Use of Destinations". If "Restrict Use of Destinations" is set to [On], "Restrict Adding of User Destinations" does not appear.
Page 134 3. Ensuring Information Security Press [OK]. Press the [User Tools/Counter] key. • p.233 "Specifying the Extended Security Functions" • p.35 "Logging on Using Administrator Authentication" • p.36 "Logging off Using Administrator Authentication"...
Page 135: Using S/Mime To Protect Email Transmission
Using S/MIME to Protect Email Transmission Using S/MIME to Protect Email Transmission By registering a user certificate in the Address Book, you can send e-mail that is encrypted with a public key which prevents its content from being altered during transmission. You can also prevent sender impersonation (spoofing) by installing a device certificate on the machine, and attaching an electronic signature created with a private key.
Page 136 3. Ensuring Information Security 4. Using the shared key, encrypt the e-mail message. 5. The shared key is encrypted using the user's public key. 6. The encrypted e-mail is sent. 7. The receiver decrypts the shared key using a secret key that corresponds to the public key. 8.
Page 137: Attaching An Electronic Signature
Using S/MIME to Protect Email Transmission Open a Web browser. Enter "http://(the machine's IP address or host name)/" in the address bar. When entering an IPv4 address, do not begin segments with zeros. For example: If the address is "192.168.001.010", you must enter it as "192.168.1.10" to connect to the machine. The top page of Web Image Monitor appears.
Page 138 3. Ensuring Information Security 3. Make electronic signature settings. Make settings for the electronic signature using Web Image Monitor. Configuration flow (certificate issued by a certificate authority) 1. Create the device certificate. Create the device certificate using Web Image Monitor. The application procedure for a created certificate depends on the certificate authority.
Page 139 Using S/MIME to Protect Email Transmission Click [OK]. A security warning dialog box appears. Check the details, and then click [OK]. "Installed" appears under Certificate Status to show that a device certificate for the printer has been installed. Click [Logout]. •...
Page 140 3. Ensuring Information Security For application details, click the Web Image Monitor Details icon and use the information shown in "Certificate Details". • The issuing location may not be displayed if you request two certificates at the same time. When you install a certificate, be sure to check the certificate destination and installation procedure.
Page 141 Using S/MIME to Protect Email Transmission Selecting the Device certificate This can be specified by the network administrator. Select the device certificate to be used for S/MIME using Web Image Monitor. Open a Web browser. Enter "http://(the machine's IP address or host name)/" in the address bar. When entering an IPv4 address, do not begin segments with zeros.
Page 142 3. Ensuring Information Security Click [Configuration], and then click [S/MIME] under "Security". The S/MIME settings page appears. Select the digest algorithm to be used in the electronic signature next to "Digest Algorithm" under "Signature". Select the method for attaching the electronic signature when sending e-mail from the scanner next to "When Sending E-mail by Scanner"...
Page 143: Protecting The Address Book
Protecting the Address Book Protecting the Address Book If user authentication is specified, the user who has logged on will be designated as the sender to prevent data from being sent by an unauthorized person masquerading as the user. To protect the data from unauthorized reading, you can also encrypt the data in the Address Book. Address Book Access Permission This can be specified by the registered user.
Page 144 3. Ensuring Information Security Press [Address Book Management]. Select the user or group. Press [Protection]. Press [Program/Change/Delete] for "Permissions for Users/Groups" under "Protect Destination".
Page 145 Protecting the Address Book Press [New Program]. Select the users or groups to register. You can select more than one user. By pressing [All Users], you can select all the users. Press [Exit]. Select the user who you want to assign access permission to, and then select the permission. Select the permission, from [Read-only], [Edit], [Edit / Delete], or [Full Control].
Page 146: Encrypting Data In The Address Book
3. Ensuring Information Security Press the [User Tools/Counter] key. • p.35 "Logging on Using Administrator Authentication" • p.36 "Logging off Using Administrator Authentication" Encrypting Data in the Address Book This can be specified by the user administrator. You can encrypt the data in the Address Book using the extended security function, "Encrypt Address Book". For details about this and other extended security functions, see "Specifying the Extended Security Functions".
Page 147 Protecting the Address Book Press [Extended Security]. Press [On] for "Encrypt Address Book". Press [Change] for "Encryption Key". Enter the encryption key, and then press [OK]. Enter the encryption key using up to 32 alphanumeric characters. Press [Encrypt / Decrypt]. Press [Yes].
Page 148 3. Ensuring Information Security Normally, once encryption is complete, [Exit] appears. If you press [Stop] during encryption, the data is not encrypted. If you press [Stop] during decryption, the data stays encrypted. Press [Exit]. Press [OK]. Press the [User Tools/Counter] key. •...
Page 149: Encrypting Data On The Hard Disk
Encrypting Data on the Hard Disk Encrypting Data on the Hard Disk This can be specified by the machine administrator. In order to use this function, the HDD Encryption Unit option is required. Prevent information leakage by encrypting the Address Book, authentication information, and stored documents as the data is written.
Page 150 3. Ensuring Information Security Press the [User Tools/Counter] key. Press [System Settings]. Press [Administrator Tools]. Press [Machine Data Encryption Settings]. If the setting to be specified does not appear, press [ Next].
Page 151 Encrypting Data on the Hard Disk Press [Encrypt]. Select the data to be carried over to the hard disk and not be reset. To carry all of the data over to the hard disk, select [All Data]. To carry over only the machine settings data, select [File System Data Only].
Page 152: Printing The Encryption Key
3. Ensuring Information Security Press [OK]. Press [Exit]. Press [Exit]. Press the [User Tools/Counter] key. Turn off the power and the main power switch, and then turn the main power switch back For details about turning off the power, see "Turning On the Power", About This Machine. Printing the Encryption Key Use the following procedure to print the key again if it has been lost or misplaced.
Page 153 Encrypting Data on the Hard Disk Press [Administrator Tools]. Press [Machine Data Encryption Settings]. Press [Print Encryption Key]. The encryption key for retrieving backup data is printed.
Page 154: Updating The Encryption Key
3. Ensuring Information Security Press the [Start] key. Press [Exit]. Updating the Encryption Key You can update the encryption key and create a new key. Updates are possible when the machine is functioning normally. • The encryption key is required for recovery if the machine malfunctions. Be sure to store the encryption key safely for retrieving back-up data.
Page 155 Encrypting Data on the Hard Disk Press [Administrator Tools]. Press [Machine Data Encryption Settings]. Press [Update Encryption Key]. Select the data to be carried over to the hard disk and not be reset. To carry all of the data over to the hard disk, select [All Data]. To carry over only the machine settings data, select [File System Data Only].
Page 156: Canceling Data Encryption
3. Ensuring Information Security Press the [Start] key. The encryption key for retrieving the backup data is printed. Press [OK]. Press [Exit]. Press [Exit]. Press the [User Tools/Counter] key. Turn off the power and the main power switch, and then turn the main power switch back For details about turning off the power, see "Turning On the Power", About This Machine.
Page 157 Encrypting Data on the Hard Disk • After completing this procedure on the machine's control panel, turn off the power and restart the machine to enable the new settings. Restarting can be slow when there is data to be carried over to the hard disk.
Page 158 3. Ensuring Information Security Press [Cancel Encryption]. Select the data to be carried over to the hard disk and not be reset. To carry all of the data over to the hard disk, select [All Data]. To carry over only the machine settings data, select [File System Data Only].
Page 159: Deleting Data On The Hard Disk
Deleting Data on the Hard Disk Deleting Data on the Hard Disk This can be specified by the machine administrator. To use this function, the optional DataOverwriteSecurity Unit must be installed. The machine's hard disk stores all document data from the copier, printer, fax, and scanner functions. It also stores the data of users' document boxes and code counters, and the Address Book.
Page 160: Auto Erase Memory Setting
3. Ensuring Information Security Clear This icon is lit when there is no temporary data to be overwritten. • Depending on the amount of data and the erasure method, full erasure might take several hours. • Once in progress, the Erase All Memory function can be paused, but not stopped. No other operations are possible until all data is erased.
Page 161 Deleting Data on the Hard Disk Press [System Settings]. Press [Administrator Tools]. Press [Auto Erase Memory Setting]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings.
Page 162 3. Ensuring Information Security Press [On]. Press [Change]. Enter the number of times that you want to overwrite using the number keys, and then press [ ]. Press [OK]. Auto Erase Memory is set. • p.35 "Logging on Using Administrator Authentication" •...
Page 163 Deleting Data on the Hard Disk Canceling Auto Erase Memory Follow steps 1 to 4 in "Auto Erase Memory Setting". Press [Off]. Press [OK]. Auto Erase Memory is disabled. To set Auto Erase Memory to [On] again, repeat the procedure in "Auto Erase Memory Setting". Types of Data that Can or Cannot Be Overwritten The following table shows the types of data that can or cannot be overwritten by "Auto Erase Memory".
Page 164: Erase All Memory
3. Ensuring Information Security Data not overwritten by Auto Erase Memory Documents stored by the user in the Document Server using the Copier, Printer or Scanner functions Information registered in the Address Book *5 Counters stored under each user code Image overlay data *6 *1 A Sample Print, Locked Print, or Stored Print job can only be overwritten after printing is completed.
Page 165 Deleting Data on the Hard Disk Press [System Settings]. Press [Administrator Tools]. Press [Erase All Memory]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings.
Page 166 3. Ensuring Information Security Press [Change]. Enter the number of times that you want to overwrite using the number keys, and then press [ ]. Press [Erase]. Press [Yes]. When overwriting is completed, press [Exit], and then turn off the power. Before turning the power off, see "Turning On the Power", About This Machine.
Page 167 Deleting Data on the Hard Disk Turn off the main power. Before turning the power off, see "Turning On the Power", About This Machine. • To resume overwriting, turn on the main power.
Page 168 3. Ensuring Information Security...
Page 169: Managing Access To The Machine
4. Managing Access to the Machine This chapter describes how to prevent unauthorized access to and modification of the machine's settings. Preventing Modification of Machine Settings This section describes Preventing Modification of Machine Settings. The administrator type determines which machine settings can be modified. Users cannot change the administrator settings.
Page 170 4. Managing Access to the Machine For a list of settings that users can specify according to the Menu Protect level, see "User Settings - Control Panel Settings", "User Settings - Web Image Monitor Settings". • p.19 "Administrators and Users" •...
Page 171: Menu Protect
Menu Protect Menu Protect The administrator can also limit users' access permission to the machine's settings. The machine's [System Settings] menu and the printer's regular menus can be locked so they cannot be changed. This function is also effective when management is not based on user authentication. For a list of settings that users can specify according to the Menu Protect level, see "User Settings - Control Panel Settings", "User Settings - Web Image Monitor Settings".
Page 172 4. Managing Access to the Machine Press [Administrator Tools]. Press [Menu Protect]. Select the menu protect level, and then press [OK]. Press the [User Tools/Counter] key. Fax Functions To specify [Menu Protect] in [Facsimile Features], set [Machine Management] to [On] in [Administrator Authentication Management] in [Administrator Tools] in [System Settings].
Page 173 Menu Protect Select the menu protect level, and then press [OK]. Press the [User Tools/Counter] key. Printer Functions To specify [Menu Protect] in [Printer Features], set [Machine Management] to [On] in [Administrator Authentication Management] in [Administrator Tools] in [System Settings]. Press the [User Tools/Counter] key.
Page 174 4. Managing Access to the Machine Select the menu protect level, and then press [OK]. Press the [User Tools/Counter] key. Scanner Functions To specify [Menu Protect] in [Scanner Features], set [Machine Management] to [On] in [Administrator Authentication Management] in [Administrator Tools] in [System Settings]. Press the [User Tools/Counter] key.
Page 175 Menu Protect Select the menu protect level, and then press [OK]. Press the [User Tools/Counter] key.
Page 176: Limiting Available Functions
4. Managing Access to the Machine Limiting Available Functions To prevent unauthorized operation, you can specify who is allowed to access each of the machine's functions. Available Functions Specify the available functions from the copier, Document Server, fax, scanner, and printer functions. [Full Colour / Two Colour / Single Colour / Black &...
Page 177 Limiting Available Functions Press [Administrator Tools]. Press [Address Book Management]. Select the user.
Page 178 4. Managing Access to the Machine Press [Auth. Info]. In "Available Functions", select the functions you want to specify. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Press [OK]. Press [Exit]. Press the [User Tools/Counter] key.
Page 179: Managing Log Files
Managing Log Files Managing Log Files 1. Log information To view the log, Web SmartDeviceMonitor Professional IS/Standard is required. The following log information is stored in the machine's memory and on its hard disk: • Job log Stores information about workflow related to user files, such as copying, printing, fax delivery, and scan file delivery.
Page 180: Transfer Log Setting
4. Managing Access to the Machine Press [System Settings]. Press [Administrator Tools]. Press [Delete All Logs]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings. A confirmation message appears. Press [Yes]. Press [Exit].
Page 181 Managing Log Files Press the [User Tools/Counter] key. Press [System Settings]. Press [Administrator Tools]. Press [Transfer Log Setting]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings.
Page 182 4. Managing Access to the Machine Press [Off]. Press [OK]. Press the [User Tools/Counter] key. • p.35 "Logging on Using Administrator Authentication" • p.36 "Logging off Using Administrator Authentication"...
Page 183: Enhanced Network Security
5. Enhanced Network Security This chapter describes how to increase security over the network using the machine's functions. Preventing Unauthorized Access You can limit IP addresses, disable ports and protocols, or use Web Image Monitor to specify the network security level to prevent unauthorized access over the network and protect the Address Book, stored files, and default settings.
Page 184: Enabling/Disabling Protocols
5. Enhanced Network Security Click [OK]. Access control is set. Click [Logout]. Enabling/Disabling Protocols This can be specified by the network administrator. Specify whether to enable or disable the function for each protocol. By making this setting, you can specify which protocols are available and so prevent unauthorized access over the network.
Page 185 Preventing Unauthorized Access Protocol Port Setting Method Disabled Condition Functions that require FTP cannot be used. • Web Image Monitor You can restrict • telnet personal information • SmartDeviceMonitor TCP:21 from being displayed by for Admin making settings on the •...
Page 186 5. Enhanced Network Security Protocol Port Setting Method Disabled Condition You can also make settings to require SSL transmission and restrict the use of other transmission methods using the control panel or Web Image Monitor. • Control Panel • Web Image Monitor •...
Page 187 Preventing Unauthorized Access Protocol Port Setting Method Disabled Condition using the control panel, Web Image Monitor, or telnet. Functions that require RSH and network TWAIN functions • Web Image Monitor cannot be used. • telnet You can restrict • SmartDeviceMonitor RSH/RCP TCP:514 personal information...
Page 188 5. Enhanced Network Security Protocol Port Setting Method Disabled Condition Device discovery using • Web Image Monitor SSDP UDP:1900 UPnP from Windows • telnet cannot be used. • Web Image Monitor • telnet Bonjour functions • SmartDeviceMonitor Bonjour UDP:5353 cannot be used. for Admin •...
Page 189 Preventing Unauthorized Access Protocol Port Setting Method Disabled Condition • SmartDeviceMonitor for Admin • Web SmartDeviceMonitor • Web Image Monitor • telnet TCP:53001 WS-Printer functions • SmartDeviceMonitor WS-Printer cannot be used. (variable) for Admin • Web SmartDeviceMonitor • Web Image Monitor •...
Page 190 5. Enhanced Network Security Press [System Settings]. Press [Interface Settings]. Press [Effective Protocol].
Page 191 Preventing Unauthorized Access Press [Inactive] for the protocol you want to disable. Press [OK]. Press the [User Tools/Counter] key. • p.35 "Logging on Using Administrator Authentication" • p.36 "Logging off Using Administrator Authentication" Making Settings Using Web Image Monitor Open a Web browser. Enter "http://(the machine's IP address or host name)/"...
Page 192: Specifying Network Security Level
5. Enhanced Network Security Specifying Network Security Level This can be specified by the network administrator. This setting lets you change the security level to limit unauthorized access. You can make network security level settings on the control panel, as well as Web Image Monitor.
Page 193 Preventing Unauthorized Access Press [Network Security Level]. If the setting you want to specify does not appear, press [ Next] to scroll down to other settings. Select the network security level. Select [Level 0], [Level 1], or [Level 2]. Press [OK]. Press [Exit].
Page 194 5. Enhanced Network Security Click [Login]. The network administrator can log on. Enter the login user name and login password. Click [Configuration], and then click [Network Security] under "Security". Select the network security level in "Security Level". Click [OK]. Click [OK]. Click [Logout].
Page 195 Preventing Unauthorized Access Function Level 0 Level 1 Level 2 SNMP v1v2> Setting Available Unavailable Unavailable SNMP v1v2> Browse Available Available Unavailable SNMP v3 Available Available Available SNMP v3> SNMP Encryption Automatic Automatic Ciphertext Only TELNET Available Unavailable Unavailable SSDP> Port 1900 open open closed...
Page 196: Encrypting Transmitted Passwords
5. Enhanced Network Security Encrypting Transmitted Passwords Prevent login passwords, group passwords for PDF files, and IPP authentication passwords from being revealed by encrypting them for transmission. Also, encrypt the login password for administrator authentication and user authentication. Driver Encryption Key Encrypt the password transmitted when specifying user authentication.
Page 197 Encrypting Transmitted Passwords Press [System Settings]. Press [Administrator Tools]. Press [Extended Security].
Page 198: Group Password For Pdf Files
5. Enhanced Network Security For "Driver Encryption Key", press [Change]. "Driver Encryption Key" is one of the extended security functions. For details about this and other security functions, see "Specifying the Extended Security Functions". Enter the driver encryption key, and then press [OK]. Enter the driver encryption key using up to 32 alphanumeric characters.
Page 199: Ipp Authentication Password
Encrypting Transmitted Passwords Press [Printer Features]. Press [PDF Menu]. Press [PDF Group Password]. If the setting to be specified does not appear, press [ Next]. For [New Password], press [Enter]. Enter the password, and then press [OK]. For [Confirm New Password], press [Enter]. Enter the password and press [OK].
Page 200 5. Enhanced Network Security Specify the IPP authentication passwords for the machine using Web Image Monitor. By making this setting, you can encrypt IPP authentication passwords for transmission to prevent them from being analyzed. Open a Web browser. Enter "http://(the machine's IP address or host name)/" in the address bar. When entering an IPv4 address, do not begin segments with zeros.
Page 201: Protection Using Encryption
Protection Using Encryption Protection Using Encryption Establish encrypted transmission on this machine using SSL, SNMPv3, and IPsec. By encrypting transmitted data and safeguarding the transmission route, you can prevent sent data from being intercepted, analyzed, and tampered with. SSL (Secure Sockets Layer) Encryption This can be specified by the network administrator.
Page 202 5. Enhanced Network Security 2. The device certificate and public key are sent from the machine to the user's computer. 3. Create a shared key from the user's computer, and then encrypt it using the public key. 4. The encrypted shared key is sent to the machine. 5.
Page 203 Protection Using Encryption Click [Login]. The network administrator can log on. Enter the login user name and login password. Click [Configuration], and then click [Device Certificate] under "Security". Check the radio button next to the number of the certificate you want to create. Click [Create].
Page 204 5. Enhanced Network Security Click [Request]. Make the necessary settings. Click [OK]. "Requesting" appears for "Certificate Status" in the "Certificates" area. Click [Logout]. Apply to the certificate authority for the device certificate. The application procedure depends on the certificate authority. For details, contact the certificate authority.
Page 205 Protection Using Encryption Enter the contents of the device certificate. In the "Certificate Request" box, enter the contents of the device certificate received from the certificate authority. Click [OK]. "Installed" appears under "Certificate Status" to show that a device certificate for the machine has been installed.
Page 206: User Settings For Ssl (Secure Sockets Layer)
5. Enhanced Network Security User Settings for SSL (Secure Sockets Layer) If you have installed a device certificate and enabled SSL (Secure Sockets Layer), you need to install the certificate on the user's computer. The network administrator must explain the procedure for installing the certificate to users. If a warning dialog box appears while accessing the machine using the Web Image Monitor or IPP, start the Certificate Import Wizard and install a certificate.
Page 207 Protection Using Encryption Setting the SSL / TLS Encryption Mode This can be specified by the network administrator. After installing the device certificate, specify the SSL/TLS encrypted communication mode. By making this setting, you can change the security level. For details about logging on and logging off with administrator authentication, see "Logging on Using Administrator Authentication", "Logging off Using Administrator Authentication".
Page 208: Snmpv3 Encryption
5. Enhanced Network Security If the setting to be specified does not appear, press [ Next] to scroll down to other settings. Select the encrypted communication mode. Select [Ciphertext Only], [Ciphertext Priority], or [Ciphertext / Cleartext] as the encrypted communication mode. Press [OK].
Page 209 Protection Using Encryption Press [System Settings]. Press [Interface Settings]. Press [Permit SNMPv3 Communication]. If the setting to be specified does not appear, press [ Next] to scroll down to other settings.
Page 210 5. Enhanced Network Security Press [Encryption Only]. Press [OK]. Press the [User Tools/Counter] key. • To use SmartDeviceMonitor for Admin for encrypting the data for specifying settings, you need to specify the network administrator's [Encryption Password] setting and [Encryption Key] in [SNMP Authentication Information] in SmartDeviceMonitor for Admin, in addition to specifying [Permit SNMPv3 Communication] on the machine.
Page 211: Transmission Using Ipsec
Transmission Using IPsec Transmission Using IPsec This can be specified by the network administrator. For communication security, this machine supports IPsec. IPsec transmits secure data packets at the IP protocol level using the shared key encryption method, where both the sender and receiver retain the same key.
Page 212: Encryption Key Auto Exchange Settings And Encryption Key Manual Settings
5. Enhanced Network Security • For successful authentication, the sender and receiver must specify the same authentication algorithm and authentication key. If you use the encryption key auto exchange method, the authentication algorithm and authentication key are specified automatically. AH Protocol Performs secure transmission using authentication only.
Page 213: Ipsec Settings
Transmission Using IPsec IPsec Settings IPsec settings for this machine can be made on Web Image Monitor. The following table explains individual setting items. Encryption Key Auto Exchange / Manual Settings - Shared Settings Setting Description Setting Value • Active Specify whether to enable or IPsec disable IPsec.
Page 214 5. Enhanced Network Security Security Level Security Level Features Select this level if you want to encrypt the data packets as well as authenticate the transmission partner and prevent unauthorized Authentication and High Level packet tampering. Packet encryption helps prevent Encryption eavesdropping attacks.
Page 215 Transmission Using IPsec Authentication and Low Level Authentication and High Setting Authentication Only Encryption Level Encryption Phase 2 Authentic HMAC-MD5-96/ HMAC-MD5-96/HMAC- HMAC-SHA1-96 ation HMAC-SHA1-96 SHA1-96 Algorithm Phase 2 Encryptio Cleartext (NULL DES/3DES/AES-128/ 3DES/AES-128/ encryption) AES-192/AES-256 AES-192/AES-256 Algorithm Phase 2 Inactive Inactive Encryption Key Auto Exchange Setting Items When you specify a security level, the corresponding security settings are automatically configured,...
Page 216 5. Enhanced Network Security Setting Description Setting Value address, or enter 128 after an IPv6 address. • Transport • Tunnel (Tunnel beginning address - Tunnel ending address) Specify the encapsulation If you specify "Tunnel", you mode. Encapsulation Mode must then specify the "Tunnel (auto setting) End Points", which are the beginning and ending IP...
Page 217 Transmission Using IPsec Setting Description Setting Value Specify the Diffie-Hellman Phase 1 • 1 group number. Diffie-Hellman Group • 2 (auto setting) Specify the time period for Phase 1 Set in seconds from 300 sec. (5 which the SA settings in phase min.) to 172800 sec.
Page 218 5. Enhanced Network Security Encryption Key Manual Settings Items Setting Description Setting Value • Inactive • IPv4 Specify the address type for Address Type which IPsec transmission is • IPv6 used. • IPv4/IPv6 (Default Settings only) The machine's IPv4 or IPv6 address.
Page 219 Transmission Using IPsec Setting Description Setting Value Specify the same value as your Any number between 256 and SPI (Input) transmission partner's SPI 4095 output value. To use encryption and authentication data, specify • EPS EPS. Security Protocol • AH To use authentication data only, specify AH.
Page 220: Encryption Key Auto Exchange Settings Configuration Flow
5. Enhanced Network Security Setting Description Setting Value Specify a value within the ranges shown below, according to the encryption algorithm. hexadecimal value 0-9, a-f, A-F • DES, set 16 digits • 3DES, set 48 digits • AES-128, set 32 digits •...
Page 221 Transmission Using IPsec BBD004S • To use a certificate to authenticate the transmission partner in encryption key auto exchange settings, a device certificate must be installed. • After configuring IPsec, you can use "Ping" command to check if the connection is established correctly. However, you cannot use "Ping"...
Page 222 5. Enhanced Network Security Make encryption key auto exchange settings in "Settings 1". If you want to make multiple settings, select the settings number and add settings. Click [OK]. Select [Active] for "IPsec". Set "Exclude HTTPS Transmission" to [Active] if you do not want to use IPsec for HTTPS transmission.
Page 223 Transmission Using IPsec Click [Logout]. Specifying IPsec Settings on the Computer Specify exactly the same settings for IPsec SA settings on your computer as are specified by the machine's security level on the machine. Setting methods differ according to the computer's operating system. The example procedure shown here uses Windows XP when the Authentication and Low Level Encryption Security level is selected.
Page 224 5. Enhanced Network Security If you select "Certificate" for authentication method in Encryption Key Auto Exchange Settings on the machine, specify the device certificate. If you select PSK, enter the same PSK text specified on the machine with the pre-shared key. Click [Add] in the IP Filter List.
Page 225: Encryption Key Manual Settings Configuration Flow
Transmission Using IPsec • If you specify the "Authentication and High Level Encryption" security level in encryption key auto exchange settings, also select the "Master key perfect forward secrecy (PFS)" check box in the Security Filter Properties screen (which appears in step 29). If using PFS in Windows XP, the PFS group number used in phase 2 is automatically negotiated in phase 1 from the Diffie-Hellman group number (set in step 11).
Page 226: Telnet Setting Commands
5. Enhanced Network Security Open a Web browser. Enter "http://(the machine's IP address or host name)/" in the address bar. When entering an IPv4 address, do not begin segments with zeros. For example: If the address is "192.168.001.010", you must enter it as "192.168.1.10" to connect to the machine. The top page of Web Image Monitor appears.
Page 227 Transmission Using IPsec Displays the following IPsec settings information: • IPsec shared settings values • Encryption key manual settings, SA setting 1-4 values • Encryption key manual settings, default setting values • Encryption key auto exchange settings, IKE setting 1-4 values •...
Page 228 5. Enhanced Network Security • To display the settings 1-4, specify the number [1-4]. • To display the default setting, specify [default]. • Not specifying any value displays all of the settings. Disable settings msh> ipsec manual {1|2|3|4|default} disable • To disable the settings 1-4, specify the setting number [1-4]. •...
Page 229 Transmission Using IPsec • Not specifying an encapsulation mode displays the current setting. Tunnel end point setting msh> ipsec manual {1|2|3|4|default} tunneladdar beginning IP address ending IP address • Enter the separate setting number [1-4] or [default] and specify the tunnel end point beginning and ending IP address.
Page 230 5. Enhanced Network Security • To display the settings 1-4, specify the number [1-4]. • To display the default setting, specify [default]. • Not specifying any value displays all of the settings. Disable settings msh> ipsec manual {1|2|3|4|default} disable • To disable the settings 1-4, specify the number [1-4]. •...
Page 231 Transmission Using IPsec • If you specify [require], data will not be transmitted when IPsec cannot be used. If you specify [use], data will be sent normally when IPsec cannot be used. When IPsec can be used, IPsec transmission is performed. •...
Page 232 5. Enhanced Network Security • Not specifying the hash algorithm displays the current setting. ISAKMP SA (phase 1) encryption algorithm setting msh> ipsec ike {1|2|3|4|default} ph1 encrypt {des|3des} • Enter the separate setting number [1-4] or [default] and specify the ISAKMP SA (phase 1) encryption algorithm.
Page 233 Transmission Using IPsec IPsec SA (phase 2) PFS setting msh> ipsec ike {1|2|3|4|default} ph2 pfs {none|1|2|14} • Enter the separate setting number [1-4] or [default] and specify the IPsec SA (phase 2) Diffie- Hellman group number. • Specify the group number to be used. •...
Page 234: Authentication By Telnet
5. Enhanced Network Security Authentication by telnet This section explains Authentication by telnet. When using telnet, the default login name for administrator login is "admin" and the password is blank. For details on how to login to telnet, see "Using telnet", Network Guide.
Page 235: Specifying The Extended Security Functions
6. Specifying the Extended Security Functions This chapter describes the machine's extended security features and how to specify them. Specifying the Extended Security Functions In addition to providing basic security through user authentication and administrator specified access limits on the machine, security can also be increased by encrypting transmitted data and data in the Address Book.
Page 236 6. Specifying the Extended Security Functions Press [System Settings]. Press [Administrator Tools]. Press [Extended Security].
Page 237: Settings
Specifying the Extended Security Functions Press the setting you want to change, and change the setting. Press [OK]. Press the [User Tools/Counter] key. Settings Default settings are shown in bold type. Driver Encryption Key This can be specified by the network administrator. Encrypt the password transmitted when specifying user authentication.
Page 238 6. Specifying the Extended Security Functions • Off Restrict Adding of User Destinations This can be specified by the user administrator. When "Restrict Use of Destinations" is set to [Off], after entering a fax or scanner destination directly, you can register it in the Address Book by pressing [Program Dest.]. If [On] is selected for this setting, [Program Dest.] does not appear.
Page 239 Specifying the Extended Security Functions • Prohibit • Do not Prohibit Restrict Use of Simple Encryption This can be specified by the network administrator. When a sophisticated encryption method cannot be enabled, simple encryption will be applied. For example, when using User Management Tool and Address Management in Smart Device Monitor for Admin to edit the Address Book, or DeskTopBinder and ScanRouter delivery software and SSL/TLS cannot be enabled, make this setting [Off] to enable simple encryption.
Page 240: Update Firmware
6. Specifying the Extended Security Functions If you select [Access Privilege], users who canceled a copy or print job in progress and the machine administrator can operate the machine. Even if you select [Login Privilege] and log on to the machine, you cannot cancel a copy or print job in progress if you are not authorized to use the copy and printer functions.
Page 241 Specifying the Extended Security Functions Change Firmware Structure This can be specified by the machine administrator. Specify whether to prevent changes in the machine's firmware structure. The Change Firmware Structure function detects when the SD card is inserted, removed or replaced. If you select [Prohibit], the machine stops during startup when a firmware structure change is detected and a message requesting administrator login is displayed.
Page 242: Other Security Functions
6. Specifying the Extended Security Functions Other Security Functions This section explains settings for preventing information leaks, and functions that you can restrict to further increase security. Fax Function Not Displaying Destinations and Senders in Reports and Lists In [Facsimile Features], you can specify whether to display destinations and sender names by setting "Switch 4, Bit No.
Page 243: Weekly Timer Code
Other Security Functions Weekly Timer Code If the power is turned off when Weekly Timer Mode is set, the Weekly Timer Code settings must be enabled and you must enter a code before you can turn the power back on. Specifying the Weekly Timer Code This can be specified by the machine administrator.
Page 244 6. Specifying the Extended Security Functions Press [Weekly Timer Code]. Press [On]. Canceling Weekly Timer Code This can be specified by the machine administrator. Press the [User Tools/Counter] key. Press [System Settings].
Page 245 Other Security Functions Press [Timer Settings]. Press [Weekly Timer Code]. Press [Off].
Page 246: Limiting Machine Operation To Customers Only
6. Specifying the Extended Security Functions Limiting Machine Operation to Customers Only The machine can be set so that operation is impossible without administrator authentication. The machine can be set to prohibit operation without administrator authentication and also prohibit remote registration in the Address Book by a service representative.
Page 247 Limiting Machine Operation to Customers Only Press [Administrator Tools]. Press [Service Mode Lock]. Press [On], and then press [OK]. A confirmation message appears. Press [Yes]. Press the [User Tools/Counter] key. • p.35 "Logging on Using Administrator Authentication" • p.36 "Logging off Using Administrator Authentication"...
Page 248: Canceling Service Mode Lock
6. Specifying the Extended Security Functions Canceling Service Mode Lock For a service representative to carry out inspection or repair in service mode, the machine administrator must log on to the machine and cancel the service mode lock. For details about logging on and logging off with administrator authentication, see "Logging on Using Administrator Authentication", "Logging off Using Administrator Authentication".
Page 249 Limiting Machine Operation to Customers Only Press the [User Tools/Counter] key. The service representative can switch to service mode. • p.35 "Logging on Using Administrator Authentication" • p.36 "Logging off Using Administrator Authentication"...
Page 250 6. Specifying the Extended Security Functions...
Page 251: Troubleshooting
7. Troubleshooting This chapter describes what to do if the machine does not function properly. Authentication Does Not Work Properly This section explains what to do if a user cannot operate the machine because of a problem related to user authentication.
Page 252 7. Troubleshooting Messages Cause Solutions "Failed to obtain URL." The machine cannot connect to Make sure the server's settings, the server or cannot establish such as the IP address and host communication. name, are specified correctly on the machine. Make sure the host name of the UA Server is specified correctly.
Page 253: An Error Code Appears
Authentication Does Not Work Properly Messages Cause Solutions "The selected file(s) contained file You have tried to delete files Files can be deleted by the file (s) without access privileges. without the authority to do so. creator (owner) or file Only file(s) with access privileges administrator.
Page 254 7. Troubleshooting Error Code Cause Solution The administrator has restricted use of simple encryption. You can use the encryption key if it has been specified in the driver. 3. A driver encryption key error occurred. Make sure that the encryption key is correctly specified on the driver.
Page 255 Authentication Does Not Work Properly Windows Authentication Error Code Cause Solution Make sure no other user is A TWAIN operation occurred W0103-000 logged on to the machine, and during authentication. then try again. 1. A password error occurred. Make sure the password is entered correctly.
Page 256 7. Troubleshooting Error Code Cause Solution Book is being used at another location. Wait a few minutes and then try again. If the situation does not return to Authentication cannot be normal, make sure that an completed because of the high authentication attack is not W0406-101 number of authentication...
Page 257 Authentication Does Not Work Properly Error Code Cause Solution (such as domainname.xxx.com), make sure that DNS is specified in "Interface Settings". 2. If a NetBIOS domain name is specified in domain name (such as DOMAINNAME), make sure that WINS is specified in "Interface Settings".
Page 258 7. Troubleshooting Error Code Cause Solution 1. Kerberos authentication settings are not correctly configured. Make sure the realm name, KDC (Key Distribution Center) name and corresponding domain name are specified correctly. 2. The KDC and machine timing do not match. Authentication will fail if the difference between the KDC and machine timing is more...
Page 259 Authentication Does Not Work Properly Error Code Cause Solution account allows you to obtain the user group. Make sure the user group's group scope is set to "Global Group" and the group type is set to "Security" in group properties. Make sure the account has been added to user group.
Page 260 7. Troubleshooting Error Code Cause Solution UserPrincipleName for the login name instead. Recreate the account if the account name contains any of An authentication error these prohibited characters. occurred because the user W0406-003 name contains a space, colon If the account name was (:), or quotation mark (").
Page 261 Authentication Does Not Work Properly LDAP Authentication Error Code Cause Solution Make sure no other user is A TWAIN operation occurred L0103-000 logged on to the machine, and during authentication. then try again. 1. A password error occurred. Make sure the password is entered correctly.
Page 262 7. Troubleshooting Error Code Cause Solution Book is being used at another location. Make sure that a connection The LDAP server is not correctly L0306-018 test is successful with the current configured. LDAP server configuration. An authentication error occurred because the Address Wait a few minutes and then try L0307-001 Book is being used at another...
Page 263 Authentication Does Not Work Properly Error Code Cause Solution the LDAP authentication settings. 4. Make sure the SSL settings are supported by the LDAP server. 1. Make sure the login user name and password are entered correctly. 2. Make sure a useable login name is registered on the machine.
Page 264 7. Troubleshooting Error Code Cause Solution 1. Kerberos authentication settings are not correctly configured. Make sure the realm name, KDC (Key Distribution Center) name, and supporting domain name are specified correctly. 2. The KDC and machine timing do not match. L0406-204 Kerberos authentication failed.
Page 265 Authentication Does Not Work Properly Error Code Cause Solution The authentication server login 1. Delete the old, duplicated name is the same as a user name or change the login name already registered on the name. L0511-000 machine. (Names are 2.
Page 266 7. Troubleshooting Error Code Cause Solution The administrator has restricted use of simple encryption. You can use the encryption key if it has been specified in the driver. 3. A driver encryption key error occurred. Make sure that the encryption key is correctly specified on the driver.
Page 267 Authentication Does Not Work Properly Error Code Cause Solution Obtain the URL using Obtain 1. The URL could not be I0406-301 URL in Integration Server obtained. authentication. 1. Make sure the login user name and password are entered correctly. 2. Make sure that a useable login name is registered on the machine.
Page 268: Machine Cannot Be Operated
7. Troubleshooting Error Code Cause Solution Authentication failed because no more users can be Ask the user administrator to I0612-005 registered. (The number of delete unused user accounts in users registered in the Address the Address Book. Book has reached capacity.) An authentication error occurred because the Address Wait a few minutes and then try...
Page 269 Authentication Does Not Work Properly Condition Cause Solution Cannot authenticate using the Authentication is not possible Wait until editing of the Address TWAIN driver. while the machine is editing the Book data is complete. Address Book data. After starting "User Management "Restrict Use of Simple Set "Restrict Use of Simple Tool"...
Page 270 7. Troubleshooting Condition Cause Solution remove the original, and then log off. "Program Dest." does not appear "Restrict Adding of User Registration must be done by the on the fax or scanner screen for Destinations" is set to [Off] in user administrator.
Page 271 Authentication Does Not Work Properly • p.194 "Driver Encryption Key" • p.204 "Setting the SSL / TLS Encryption Mode" • p.116 "Specifying Access Permission for Stored Files" • p.141 "Protecting the Address Book"...
Page 272 7. Troubleshooting...
Page 273: Appendix
8. Appendix Supervisor Operations The supervisor can delete an administrator's password and specify a new one. If any of the administrators forget their passwords or if any of the administrators change, the supervisor can assign a new password. If logged on using the supervisor's user name and password, you cannot use normal functions or specify defaults.
Page 274 8. Appendix Press the [Login/Logout] key. Press [Login]. Enter a login user name, and then press [OK]. When you assign the administrator for the first time, enter "supervisor".
Page 275: Logging Off As The Supervisor
Supervisor Operations Enter a login password, and then press [OK]. The message, "Authenticating... Please wait." appears. Logging off as the Supervisor If administrator authentication has been specified, be sure to log off after completing settings. This section describes how to log off after completing settings. Press the [Login/Logout] key.
Page 276 8. Appendix Press [System Settings]. Press [Administrator Tools]. Press [Program / Change Administrator]. Under "Supervisor", press [Change].
Page 277: Resetting An Administrator's Password
Supervisor Operations Press [Change] for the login user name. Enter the login user name, and then press [OK]. Press [Change] for the login password. Enter the login password, and then press [OK]. If a password reentry screen appears, enter the login password, and then press [OK]. Press [OK] twice.
Page 278 8. Appendix Press [Program / Change Administrator]. Press [Change] for the administrator you wish to reset. Press [Change] for the login password. Enter the login password, and then press [OK]. If a password reentry screen appears, enter the login password, and then press [OK]. Press [OK] twice.
Page 279: Machine Administrator Settings
Machine Administrator Settings Machine Administrator Settings The machine administrator settings that can be specified are as follows: System Settings The following settings can be specified. General Features All the settings can be specified. Tray Paper Settings All the settings can be specified. Timer Settings All the settings can be specified.
Page 280 8. Appendix E-mail Address Password Encryption • POP before SMTP Wait Time after Authent. User Name E-mail Address Password • Reception Protocol • POP3 / IMAP4 Settings Server Name Encryption Connection Test • Administrator's E-mail Address • Default User Name / Password (Send) SMB User Name / SMB Password FTP User Name / FTP Password NCP User Name / NCP Password...
Page 281 Machine Administrator Settings Machine Administrator You can change the user name and the full-control user's authority. • Key Counter Management • Extended Security Restrict Display of User Information Transfer to Fax Receiver Authenticate Current Job @Remote Service Update Firmware Change Firmware Structure •...
Page 282: Maintenance
8. Appendix *1 The DataOverwriteSecurity Unit option must be installed. *2 The Copy Data Security Unit option must be installed. *3 The HDD Encryption Unit option must be installed. Maintenance The following settings can be specified. Auto Colour Calibration All the settings can be specified. Copier / Document Server Features The following settings can be specified.
Page 283 Machine Administrator Settings Scan Settings All the settings can be specified. Send Settings The following settings can be specified. • Program / Change / Delete Standard Message • Backup File TX Setting Reception Settings The following settings can be specified. •...
Page 284: Printer Features
8. Appendix • Email Setting • Folder Setting Printer Features The following settings can be specified. List / Test Print All the settings can be specified. Maintenance • Menu Protect • List / Test Print Lock • 4Colour Graphic Mode System •...
Page 285: Scanner Features
Machine Administrator Settings Host Interface All the settings can be specified. PCL Menu All the settings can be specified. PS Menu *1 All the settings can be specified. PDF Menu *1 All the settings can be specified. *1 The PostScript 3 Unit option must be installed. Scanner Features The following settings can be specified.
Page 286 8. Appendix Device Settings • System Spool Printing Protect Printer Display Panel Print Priority Function Reset Timer Permit Firmware Update Permit Firmware Structure Change Display IP Address on Device Display Panel Output Tray Paper Tray Priority Front Cover Sheet Tray Back Cover Sheet Tray Slip Sheet Tray Designation Sheet 1 Tray...
Page 287 Machine Administrator Settings • User Authentication Management All the settings can be specified. • Administrator Authentication Management Machine Administrator Authentication Available Settings for Machine Administrator • Program/Change Administrator You can specify the following administrator settings as the machine administrator. Login User Name Login Password Encryption Password •...
Page 288 8. Appendix • PDF Group Password *1 All the settings can be specified. • PDF Fixed Password *1 All the settings can be specified. *1 The PostScript 3 Unit option must be installed. • Initial Settings All the settings can be specified. •...
Page 289: Settings Via Smartdevicemonitor For Admin
Machine Administrator Settings Update RC Gate Firmware • Remote Communication Gate Proxy Webpage • Download Help File Settings via SmartDeviceMonitor for Admin The following settings can be specified. Device Information • Reset Device • Reset Current Job • Reset All Jobs User Management Tool The following settings can be specified.
Page 290: Network Administrator Settings
8. Appendix Network Administrator Settings The network administrator settings that can be specified are as follows: System Settings The following settings can be specified. Interface Settings If DHCP is set to On, the settings that are automatically obtained via DHCP cannot be specified. •...
Page 291: Facsimile Features
Network Administrator Settings Restrict Use of Simple Encryption Facsimile Features The following settings can be specified. Send Settings • Max. E-mail Size Initial Settings • Enable H.323 • Enable SIP • H.323 Settings • SIP Settings • Program/Change/Delete Gateway Scanner Features The following settings can be specified.
Page 292 8. Appendix Select groups to notify • Administrator Authentication Management Network Administrator Authentication Available Settings for Network Administrator • Program/Change Administrator You can specify the following administrator settings for the machine administrator. Login User Name Login Password Change Encryption Password •...
Page 293 Network Administrator Settings Network • IPv4 All the settings can be specified. • IPv6 All the settings can be specified. • NetWare All the settings can be specified. • AppleTalk All the settings can be specified. • SMB All the settings can be specified. •...
Page 294: Settings Via Smartdevicemonitor For Admin
8. Appendix All the settings can be specified. • IPsec All the settings can be specified. • S/MIME All the settings can be specified. Webpage • Download Help file Settings via SmartDeviceMonitor for Admin The following settings can be specified. NIB Setup Tool All the settings can be specified.
Page 295: File Administrator Settings
File Administrator Settings File Administrator Settings The file administrator settings that can be specified are as follows: System Settings The following settings can be specified. Interface Setting • DNS Configuration Connection Test Administrator Tools • Administrator Authentication Management File Management •...
Page 296: Settings Via Web Image Monitor
8. Appendix • Auto Delete Stored Print Jobs Settings via Web Image Monitor The following settings can be specified. Printer: Print Jobs The file administrator can Edit/Delete the Print Job List and Unlock the print job. Document Server All the settings can be specified. Device Settings •...
Page 297: User Administrator Settings
User Administrator Settings User Administrator Settings The user administrator settings that can be specified are as follows: System Settings The following settings can be specified. Administrator Tools • Address Book Management • Address Book: Program / Change / Delete Group •...
Page 298: Settings Via Smartdevicemonitor For Admin
8. Appendix Device Settings • Auto E-mail Notification Select groups to notify • Administrator Authentication Management User Administrator Authentication Available Settings for User Administrator • Program/Change Administrator The user administrator settings that can be specified are as follows: Login User Name Login Password Change Encryption Password Webpage...
Page 299: Document Server File Permissions
Document Server File Permissions Document Server File Permissions The authorities for using the files stored in Document Server are as follows. The authority designations in the list indicate users with the following authorities. • Read-only This is a user assigned "Read-only" authority. •...
Page 300 8. Appendix Full File Settings Read-only Edit Edit / Delete Owner Control Admin. Unlocking Files *1 This setting can be specified by the owner.
Page 301: The Privilege For User Account Settings In The Address Book
The Privilege for User Account Settings in the Address Book The Privilege for User Account Settings in the Address Book The authorities for using the Address Book are as follows: The authority designations in the list indicate users with the following authorities. •...
Page 302 8. Appendix Read-only Edit Edit / Delete Full Register User Settings Control ed User Admin. (User) (User) (User) SMTP Authentication A *1 A *1 Folder Authentication LDAP Authentication A *1 A *1 Available Functions *1 You can only enter the password. Tab Name: Protection Read- Edit /...
Page 303 The Privilege for User Account Settings in the Address Book Read- Edit / Edit Full Register User only Delete Settings Control ed User Admin. (User) (User) (User) Fax Header Label Insertion Tab Name: E-mail Address Read- Edit / Edit Full Register User only...
Page 304: User Settings - Control Panel Settings
8. Appendix User Settings - Control Panel Settings This section displays the user settings that can be specified on the machine when user authentication is specified. Settings that can be specified by the user vary according to the menu protect level and available settings specifications.
Page 305: Copier / Document Server Features
Copier / Document Server Features Copier / Document Server Features If you have specified administrator authentication, the available functions and settings depend on the menu protect setting. The following settings can be specified by someone who is not an administrator. •...
Page 306 8. Appendix Settings Level 1 Level 2 Customize Function: Document Server Print Reproduction Ratio Settings Level 1 Level 2 Shortcut Reduce/Enlarge Reproduction Ratio Reduce/Enlarge Ratio Priority Ratio for Create Margin Edit Settings Level 1 Level 2 Front Margin: Left / Right Back Margin: Left / Right Front Margin: Top / Bottom Back Margin: Top / Bottom...
Page 307 Copier / Document Server Features Settings Level 1 Level 2 Double Copies Separation Line Separation Line in Combine Copy Back Cover Stamp Background Numbering Settings Level 1 Level 2 Size Density Stamp Colour Preset Stamp Settings Level 1 Level 2 Stamp Language Stamp Priority Stamp Colour: COPY...
Page 308 8. Appendix Settings Level 1 Level 2 Stamp Format: For Your Info.*1 Stamp Format: PRELIMINARY*1 Stamp Format: For Internal Use Only*1 Stamp Format: CONFIDENTIAL*1 Stamp Format: DRAFT*1 *1 The print position can be adjusted but not specified. User Stamp Settings Level 1 Level 2 Program / Delete Stamp...
Page 309 Copier / Document Server Features Settings Level 1 Level 2 Stamp Setting *1 *1 The print position can be adjusted but not specified. Page Numbering Settings Level 1 Level 2 Stamp Format Font Size Duplex Back Page Stamping Position Page Numbering in Combine Stamp on Designating Slip Sheet Stamp Position: P1, P2...*1 Stamp Position: 1/5, 2/5...*1...
Page 310 8. Appendix Settings Level 1 Level 2 Superimpose Stamp Colour Stamp Setting Input / Output Settings Level 1 Level 2 Switch to Batch SADF Auto Reset Rotate Sort: Auto Paper Continue Copy Eject Face Method in Glass Mode Copy Eject Face Method in Bypass Mode Memory Full Auto Scan Restart Insert Separation Sheet Letterhead Setting...
Page 311: Printer Functions
Printer Functions Printer Functions If you have specified administrator authentication, the available functions and settings depend on the menu protect setting. The following settings can be specified by someone who is not an administrator. • Abbreviations in the table columns R/W (Read and Write) = Both reading and modifying the setting are available.
Page 312: Printer Features
8. Appendix Printer Features If you have specified administrator authentication, the available functions and settings depend on the menu protect setting. The following settings can be specified by someone who is not an administrator. • Abbreviations in the table columns R/W (Read and Write) = Both reading and modifying the setting are available.
Page 313 Printer Features System Settings Level 1 Level 2 Print Error Report Auto Continue Memory Overflow Job Separation Rotate by 180 Degrees Auto Delete Temporary Print Jobs Auto Delete Stored Print Jobs Initial Print Job List Memory Usage Duplex Copies Blank Page Print Spool Image Reserved Job Waiting Time Printer Language...
Page 314 8. Appendix Host Interface Settings Level 1 Level 2 I/O Buffer I/O Timeout PCL Menu Settings Level 1 Level 2 Orientation Form Lines Font Source Font Number Point Size Font Pitch Symbol Set Courier Font Extend A4 Width Append CR to LF Resolution PS Menu *1 Settings...
Page 315 Printer Features PDF Menu *1 Settings Level 1 Level 2 Change PDF Password PDF Group Password Resolution Colour Setting Colour Profile *1 The PostScript 3 Unit option must be installed.
Page 316: Scanner Features
8. Appendix Scanner Features If you have specified administrator authentication, the available functions and settings depend on the menu protect setting. The following settings can be specified by someone who is not an administrator. • Abbreviations in the table columns R/W (Read and Write) = Both reading and modifying the setting are available.
Page 317 Scanner Features Settings Level 1 Level 2 Background Density ADS (Full Colour) Send Settings Settings Level 1 Level 2 Compression (Black & White) Compression (Gray Scale / Full Colour) High Compression PDF Level Max. E-mail Size Divide & Send E-mail Insert Additional E-mail Info No.
Page 318: Facsimile Features
8. Appendix Facsimile Features If you have specified administrator authentication, the available functions and settings depend on the menu protect setting. The following settings can be specified by someone who is not an administrator. • Abbreviations in the table columns R/W (Read and Write) = Both reading and modifying the setting are available.
Page 319 Facsimile Features Send Settings Settings Level 1 Level 2 Max E-mail Size Program/Change/Delete Standard Message Backup File TX Setting Reception Settings Settings Level 1 Level 2 Switch Reception Mode Program Special Sender Program Special Sender: Print List Forwarding Reception File Setting Stored Reception File User Setting SMTP RX File Delivery Setting 2 Sided Print...
Page 320 8. Appendix Initial Settings Settings Level 1 Level 2 Parameter Setting Parameter Setting: Print List Program Closed Network Code Program Memory Lock ID Internet Fax Settings Select Dial/Push Phone Program Fax Information Enable H.323 Settings Enable SIP H.323 Settings SIP Settings Program/Change/Delete Gateway E-mail Setting Folder Setting...
Page 321: System Settings
System Settings System Settings The settings available to the user depend on whether or not administrator authentication has been specified. If administrator authentication has been specified, the settings available to the user depend on whether or not Available Settings has been specified. •...
Page 322 8. Appendix Settings Time Interval Between Printing Jobs Key Repeat Tray Paper Settings Settings Paper Tray Priority: Copier Paper Tray Priority: Facsimile Paper Tray Priority: Printer Printer Bypass Paper Size Tray Paper Size: Tray 1-3 Paper Type: Bypass Tray Paper Type: Tray 1-3 Paper Type: LCT Front Cover Sheet Tray Back Cover Sheet Tray...
Page 323 System Settings Settings Copier / Document Server Auto Reset Timer Facsimile Auto Reset Timer Printer Auto Reset Timer Scanner Auto Reset Timer Set Date Set Time Auto Logout Timer Weekly Timer Code Weekly Timer Code: Monday Weekly Timer Code: Tuesday Weekly Timer Code: Wednesday Weekly Timer Code: Thursday Weekly Timer Code: Friday...
Page 324 8. Appendix Settings IPv6 Gateway Address IPv6 Stateless Address Autoconfiguration DNS Configuration *1 DDNS Configuration IPsec Domain Name *1 WINS Configuration *1 Effective Protocol NCP Delivery Protocol NW Frame Type SMB Computer Name SMB Work Group Ethernet Speed LAN Type Ping Command Permit SNMPv3 Communication Permit SSL / TLS Communication...
Page 325 System Settings Settings Selection Signal Status Input Prime Bidirectional Communication Signal Control *2 The IEEE 1284 interface board option must be installed. Wireless LAN *3 Settings Communication Mode SSID Setting Ad-hoc Channel Security Method Restore Factory Defaults *3 The Wireless LAN interface unit option must be installed. WEP (Encryption) Settings Settings WEP (Encryption) Key *4...
Page 326 8. Appendix Settings SMTP Authentication *6 POP before SMTP Reception Protocol POP3 / IMAP4 Settings Administrator's E-mail Address E-mail Communication Port E-mail Reception Interval Max. Reception E-mail Size E-mail Storage in Server Default User Name / Password (Send) *6 Program / Change / Delete E-mail Message Auto Specify Sender name Fax E-mail Account Scanner Resend Interval Time...
Page 327 System Settings Settings Address Book: Switch Title Back Up / Restore Address Book Display / Print Counter Display / Clear / Print Counter per User User Authentication Management Administrator Authentication Management Program / Change Administrator Key Counter Management Extended Security Auto Delete File in Document Server Delete All Files in Document Server Capture Priority *7...
Page 328 8. Appendix Settings Machine Data Encryption Settings *10 *6 Only the password can be specified. *7 The File Format Converter option must be installed. *8 The DataOverwriteSecurity Unit option must be installed. *9 The Copy Data Security Unit option must be installed. *10 The HDD Encryption Unit option must be installed.
Page 329: User Settings - Web Image Monitor Settings
User Settings - Web Image Monitor Settings User Settings - Web Image Monitor Settings This section displays the user settings that can be specified on Web Image Monitor when user authentication is specified. Settings that can be specified by the user vary according to the menu protect level and available settings specifications.
Page 330: Device Settings
8. Appendix Device Settings The settings available to the user depend on whether or not administrator authentication has been specified. If administrator authentication has been specified, the settings available to the user depend on whether or not [Available Settings] has been specified. •...
Page 331 Device Settings Settings Front Cover Sheet Tray : Display Time Back Cover Sheet Tray : Tray to set Back Cover Sheet Tray : Apply Duplex Back Cover Sheet Tray : Display Time Cover Sheet Tray : Tray to set Cover Sheet Tray : Apply Duplex Cover Sheet Tray : Display Time Slip Sheet Tray : Tray to set Slip Sheet Tray : Apply Duplex...
Page 332 8. Appendix Settings Tray2 : Paper Size Tray2 : Custom Paper Size Tray2 : Paper Type Tray2 : Paper Thickness Tray2 : Apply Auto Paper Select Tray2 : Apply Duplex Tray3 : Paper Size Tray3 : Custom Paper Size Tray3 : Paper Type Tray3 : Paper Thickness Tray3 : Apply Auto Paper Select Tray3 : Apply Duplex...
Page 333 Device Settings Settings Bypass Tray : Paper Thickness Date/Time Settings Set Date Set Time SNTP Server Address SNTP Polling Interval Time Zone Timer Settings Auto Off Timer Energy Saver Timer Panel Off Timer System Auto Reset Timer Copier/Document Server Auto Reset Timer Facsimile Auto Reset Timer Scanner Auto Reset Timer Printer Auto Reset Timer...
Page 334 8. Appendix Settings Weekly Timer: Friday Weekly Timer: Saturday Weekly Timer: Sunday Logs Settings Collect Job Log Job Log Collect Level Collect Access Logs Access Log Collect Level Transfer Logs Encrypt Logs Delete All Logs E-mail Settings Administrator E-mail Address Reception Protocol E-mail Reception Interval Max.
Page 335 Device Settings Settings SMTP Auth. Password SMTP Auth. Encryption POP before SMTP POP E-mail Address POP User Name POP Password Timeout setting after POP Auth. POP3/IMAP4 Server Name POP3/IMAP4 Encryption POP3 Reception Port No. IMAP4 Reception Port No. Fax E-mail Address Receive Fax E-mail Fax E-mail User Name Fax E-mail Password...
Page 336 8. Appendix Settings Out of Toner Toner Almost Empty Paper Misfeed Cover Open Out of Paper Almost Out of Paper Paper Tray Error Output Tray Full Waste Toner Bottle is Full Unit Connection Error Duplex Unit Error Replacement Required: PCU Add Staples Service Call Successful Hole Punch Receptacle is Full...
Page 337 Device Settings Settings Notification Message Restriction to System Config. Info. Restriction to Network Config. Info. Restriction to Printer Config. Info. Restriction to Supply Info. Restriction to Device Status Info. Receivable E-mail Address/Domain Name E-mail Language File Transfer Settings SMB User Name SMB Password FTP User Name FTP Password...
Page 338 8. Appendix Settings Windows Authentication Printer Job Authentication Windows Authentication SSL Windows Authentication Kerberos Authentication Windows Authentication Domain Name Windows Authentication Realm Name Windows Authentication Group Settings for Windows Authentication LDAP Authentication Printer Job Authentication LDAP Authentication LDAP Authentication LDAP Authentication Login Name Attribute LDAP Authentication Unique Attribute LDAP Authentication Available Function Integration Server Authentication Printer Job...
Page 339 Device Settings Administrator Authentication Management Settings User Administrator Authentication Available Settings for User Administrator Machine Administrator Authentication Available Settings for Machine Administrator Network Administrator Authentication Available Settings for Network Administrator File Administrator Authentication Available Settings for File Administrator LDAP Server Settings LDAP Search Program/Change/Delete...
Page 340: Printer
8. Appendix Printer If you have specified administrator authentication, the available functions and settings depend on the menu protect setting. The following settings can be specified by someone who is not an administrator. • Abbreviations in the table columns R/W (Read and Write) = Both reading and modifying the setting are available. R (Read) = Reading only.
Page 341 Printer Settings Level 1 Level 2 Sub Paper Size Page Size Letterhead Setting Bypass Tray Setting Priority Edge to Edge Print Default Printer Language Tray Switching List/Test Print Lock Virtual Printer Host Interface Settings Level 1 Level 2 I/O Buffer I/O Timeout PCL Menu Settings...
Page 342 8. Appendix Settings Level 1 Level 2 Append CR to LF Resolution PS Menu *1 Settings Level 1 Level 2 Data Format Resolution Color Setting Color Profile *1 The PostScript 3 Unit option must be installed. PDF Menu *1 Settings Level 1 Level 2 Resolution...
Page 343 Printer *1 The PostScript 3 Unit option must be installed. PDF Group Password *1 Settings Level 1 Level 2 Current PDF Group Password New PDF Group Password Confirm PDF Group Password *1 The PostScript 3 Unit option must be installed. PDF Fixed Password *1 Settings Level 1...
Page 344: Scanner
8. Appendix Scanner If you have specified administrator authentication, the available functions and settings depend on the menu protect setting. The following settings can be specified by someone who is not an administrator. • Abbreviations in the table columns R/W (Read and Write) = Both reading and modifying the setting are available. R (Read) = Reading only.
Page 345 Scanner Settings Level 1 Level 2 High Compression PDF Level Max. E-mail Size Divide & Send E-mail Insert Additional E-mail Info No. of Digits for Single Page Files Stored File E-mail Method...
Page 346: Fax
8. Appendix If you have specified administrator authentication, the available functions and settings depend on the menu protect setting. The following settings can be specified by someone who is not an administrator. • Abbreviations in the table columns R/W (Read and Write) = Both reading and modifying the setting are available. R (Read) = Reading only.
Page 347 Settings Level 1 Level 2 Print Reception Time Reception File Print Quantity Paper Tray Memory Lock Reception IP-Fax Settings Settings Level 1 Level 2 Enable H.323 Enable IP-Fax Gatekeeper Gatekeeper Address (Main) Gatekeeper Address (Sub) Own Fax No. Enable SIP Enable Server User Name Server IP Address: Proxy Server Addr.
Page 348 8. Appendix Settings Level 1 Level 2 Select Protocol 1-50 Gateway Address 1-50 Parameter Settings Settings Level 1 Level 2 Just Size Printing Convert to PDF When Transferring to Folder Journal Immediate Transmission Result Report Communication Result Report Memory Storage Report SEP Code RX Result Report SEP Code RX Reserve Report Confidential File Report...
Page 349: Interface
Interface Interface The settings available to the user depend on whether or not administrator authentication has been specified. If administrator authentication has been specified, the settings available to the user depend on whether or not "Available Settings" has been specified. •...
Page 350 8. Appendix Settings Communication Mode SSID Channel Security Method WEP Authentication WEP Key Number WEP Key WPA Encryption Method WPA Authentication Method WPA-PSK/WPA2-PSK WPA/WPA2 Settings *2 The Wireless LAN interface unit option must be installed.
Page 351: Network
Network Network The settings available to the user depend on whether or not administrator authentication has been specified. If administrator authentication has been specified, the settings available to the user depend on whether or not "Available Settings" has been specified. •...
Page 352 8. Appendix Settings RSH/RCP DIPRINT sftp WS-Device WS-Printer WS-Printer / IPP Timeout RHPP IPv6 Settings IPv6 Address Host Name Domain Name Link-local Address Stateless Address Manual Configuration Address DCHPv6-lite DDNS Default Gateway Address DNS Server RSH/RCP DIPRINT...
Page 353 Network Settings sftp WS-Device WS-Printer WS-Printer / IPP Timeout RHPP NetWare Settings NetWare Print Server Name Logon Mode File Server Name NDS Tree NDS Context Name Operation Mode Remote Printer No. Job Timeout Frame Type Print Server Protocol NCP Delivery Protocol AppleTalk Settings AppleTalk...
Page 354 8. Appendix Settings Network No. Printer Name Printer Type Zone Name Settings Protocol Workgroup Name Computer Name Comment Share Name Notify Print Completion Bonjour Settings Bonjour Local Hostname Computer Name Location DIPRINT...
Page 355 Network Webpage Settings Language 1 Language 2 URL 1 URL 2 Set Help URL Target WS-Device / UPnP Setting Download Help Page...
Page 356: Functions That Require Options
8. Appendix Functions That Require Options The following functions require certain options and additional functions. • Hard Disk overwrite erase function DataOverwriteSecurity Unit • Data security for copying function Copy Data Security Unit • PDF direct print function Postscript 3 Unit •...
Page 357: Index
INDEX Encryption Key Auto Exchange / Manual Settings - Shared Settings..........Access Control............. Encryption Key Auto Exchange Security Level..................Access Permission..........Encryption Key Auto Exchange Setting Items..Address Book Access Permission..................... Address Book Privileges........Encryption Auto Exchange Settings Administrator............
Page 358 LDAP Authentication - Operational Requirements Restrictions on Destinations........ for LDAP Authentication........Locked Print............S/MIME.............. Log off (Administrator).......... Scanner..............Log on (Administrator).......... Scanner Features..........Login............... Security Functions..........Logout..............Self-Signed Certificate........Service Mode Lock..........Machine Administrator......... Settings by SNMP v1 and v2......Machine Administrator Settings......
Page 359 Windows Authentication Operational Requirements for NTLM authentication....
Page 360 MEMO...
Page 361 MEMO...
Page 362 MEMO D015-7902...
Page 363 In accordance with IEC 60417, this machine uses the following symbols for the main power switch: means POWER ON. means STAND BY. Trademarks ® ® ® ® Microsoft , Windows , Windows NT , Windows Server , and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
Page 364 Type for C6055/MP C6000/LD260c/Aficio MP C6000 Type for C7570/MP C7500/LD275c/Aficio MP C7500 D015-7902...

This manual is also suitable for:

Ld260c Ld275c C7570 Mp c6000 Mp c7500

Aficio C6055 Operating Instructions Manual

1 Getting Started

2 Authentication and Its Application

3 Ensuring Information Security

4 Managing Access to the Machine

5 Enhanced Network Security

6 Specifying the Extended Security Functions

7 Troubleshooting

8 Appendix

Quick Links

Operating Instructions

Related Manuals for Aficio C6055

Summary of Contents for Aficio C6055

This manual is also suitable for:

Table of Contents