Home » Lexmark Manuals » Laser Printers » Lexmark C925 » Manual Viewer

Lexmark C925 Lexmark Document Distributor - Page 42

Using Kerberos authentication, Configuring Kerberos authentication on printers

Add to My Manuals
Save this manual to your list of manuals

Page 42 highlights

Installing Lexmark Document Distributor 42 Using Kerberos authentication If a user logs on at a printer using Kerberos, the credentials can be used by the LDD system to manipulate files on the network and interact with ECM systems on behalf of the user. Notes: • SSL is required to use Kerberos authentication with an LDD system, and secure communication between printers and servers must be enabled for any device group that uses a solution with Kerberos authentication. For more information, see "Enabling secure communication between servers and printers in a device group" on page 105. • The date and time must be correct on the printer, LDD server, and KDC server when using Kerberos authentication. Configuring Kerberos authentication on printers Notes: • The following procedure applies to e‑Task 2+ printers. If these steps do not apply to your printer, then see the documentation that came with your printer. • The names and locations of some links differ depending on the firmware installed on your printer. Where multiple link names or locations are specified below, click the specified link that appears for your printer. 1 Type the printer IP address or host name in the address field of your Web browser to access the printer Embedded Web Server. Note: If you do not know the IP address or host name of the printer, then you can: • View the information on the printer control panel home screen, or in the TCP/IP section under the Networks/Ports menu. • Print a network setup page or menu settings page and locate the information in the TCP/IP section. 2 Click Settings > Security > Security Setup. 3 Configure the connection to the Kerberos Domain Controller: a In the "Step 1: Configuring a Security Building Block" section, click Kerberos 5. b Select a configuration method: • To import a Kerberos configuration file, which allows more control over Kerberos tickets, use the Import Kerberos File section: 1 Click Browse to find the krb5.conf file. 2 Click Submit. Notes: - Click Delete File to remove the Kerberos configuration file from the printer. - Click View File to view the Kerberos configuration file for the printer. The following example represents a minimal configuration file: [libdefaults] default_realm = MY.REALM kdc_timesync = 1 forwardable = true [realms]

Section	Page
Contents	2
Lexmark Document Distributor overview	8
Understanding the stages of a job	8
Document capture	8
Document processing	8
Document routing	8
Confirmation	9
Understanding the Lexmark Document Distributor system	9
System components	9
Reliability, scalability, and disaster recovery	10
Workflow solutions	11
Client software	12
Lexmark Management Console	12
Security overview	12
System setup overview	13
Supported printers	13
Supported ECM platforms	17
Installing Lexmark Document Distributor	18
Minimum and recommended system requirements	18
Avoiding conflicts with other software	21
Ports used by the LDD system	21
Activating LDD licenses	22
Understanding installation types	26
Installing a workgroup system	27
Configuration type for workgroup systems	27
Installation overview for a workgroup system	27
Installing system components in a workgroup system	27
Installing an enterprise system	28
Configuration types for enterprise systems	28
System sizing guidelines	31
Installation overview for an enterprise system	32
Using Oracle database with LDD	33
Installing the database and load balancer without clustering (configurations 1, 1-N, and 1-1-N)	33
Installing the database and load balancer with clustering (configurations X-N, and X-Y-N)	35
Installing servers	38
Installing LDD components silently	39
Upgrading to LDD 4.6	40
Using Kerberos authentication	42
Configuring Kerberos authentication on printers	42
Configuring LDD servers for Kerberos authentication	43
Monitoring and maintaining the system	45
Using Lexmark Management Console	45
Accessing Lexmark Management Console	45
Changing the administrator user name	46
Changing the administrator password	46
Enabling LDAP server authentication for LMC	46
Assigning privileges to groups	47
Device Groups tab tasks	49
Software Client Groups tab tasks	50
Devices tab tasks	51
Solutions tab tasks	52
E-Forms tab tasks	52
Services tab tasks	52
System tab tasks	53
Finding basic information	53
Understanding the Home tab	53
Understanding the status bar	54
System status information on the status bar and Home tab	54
Viewing information summaries for LDD elements	55
Viewing jobs or system logs	55
Customizing columns for jobs and system logs	56
Viewing device group profile settings	56
Viewing software client group profiles	56
Viewing forms associated with a solution	56
Viewing version information	57
Managing the LDD system	57
Viewing and changing server status	57
Viewing and managing scheduled tasks	57
Configuring the confirmation page	58
Adding servers to the system after initial installation	59
Changing the IP address on a configuration 1 system	59
Rebooting the LDD system	60
Restarting the Lexmark Solutions Application Server	61
Uninstalling LDD components	62
Updating the Advanced Prompting Bundle	63
Managing system performance	63
Accessing the System Health dashboard	63
Monitoring system health	63
Adjusting limits on concurrent jobs	64
Tuning the load balancer for unequal servers	65
Assigning servers to only run LMC or process jobs	65
Configuring chunk size for device discovery and policy updates	66
Configuring communications	66
Configuring connection to an SMTP server	66
Configuring NPA device communication	67
Configuring SNMP for discovering printers	67
Configuring device security	67
Managing licenses	68
Finding the host ID	68
Viewing or downloading existing licenses	68
Upgrading the license of an existing server	69
Adding an MFP, e-forms virtual printer, or software client license to an existing server	71
Re-hosting licenses	73
Using the Solution Status Page	74
Accessing the Solution Status Page	74
Understanding status information	74
Repairing common server problems	77
Adding printers to a server	77
Adding licenses to a server	78
Removing printers	79
Managing reports	79
Running a report	79
Scheduling a report	80
Using built-in reports	81
Adding a report	82
Editing report settings	83
Removing a report	83
Configuring default report options	83
Creating custom reports	84
Using special LDD parameters	84
Querying the database	84
Using included subreports	85
Backup and disaster recovery	86
Scheduling automatic backups	86
Recovering backup data with a new installation	87
Installing new servers during recovery	88
Connecting existing servers during recovery	88
Recreating LDD printer ports after an address change	89
Manually backing up databases	90
Managing solutions	91
Understanding the solution deployment process	91
Understanding solution settings	91
Uploading solutions to the LDD system	91
Configuring global solution settings	92
Editing local settings for a deployed or assigned solution	92
Configuring an eSF application associated with a solution	93
Managing solution-related files	93
Removing solutions	93
Managing device groups and devices	95
Creating and populating device groups	95
Understanding device groups	95
Creating a device group	95
Creating a device group from an existing device group	96
Configuring timeout for policy updates	96
Creating a new discovery profile	96
Importing a list of printers to a device group	97
Discovering printers	98
Discovering missing printers	98
Viewing all printers with outdated policies	99
Scheduling a discovery task	99
Deploying solutions to a device group	99
Customizing the home screen for a device group	100
Updating policies for device groups	104
Scheduling policy updates	104
Enabling secure communication between servers and printers in a device group	105
Disabling validation of eSF application deployment	105
Using the Devices tab	106
Searching for devices	106
Editing the home screen layout on specific devices	106
Viewing device profiles	107
Updating device policies	107
Removing devices from the system	107
Managing software clients	109
Understanding software clients and software client groups	109
Understanding dynamic prompting support	110
Understanding software client setup	110
Creating and populating software client groups	111
Creating a software client group	111
Adding software clients to a software client group	111
Importing software clients to a software client group	112
Assigning solutions to a software client group	112
Installing client software	112
Installing client software on a Microsoft Cluster Server	113
Adding LDD printers on a client workstation or print server	113
Increasing LDD print queue availability using printer pooling	115
Testing and using Lexmark Document Distributor solutions	116
Using a solution from a printer	116
Using LDD print queues	117
Using Select'N'Send	118
Using the Select'N'Send GUI	118
Using Select'N'Send from the command line	120
Scheduling scripts	120
Viewing logs	122
Viewing installation logs	122
Viewing the server log	122
Viewing the Embedded Solutions Diagnostic Log	123
Troubleshooting	124
Solving problems with LMC	124
The browser displays a 5yy error when accessing LMC	124
LMC responds very slowly	124
LMC does not finish loading or data is missing	125
An error occurs when uploading a formset	125
Reports are not displayed when run	125
User cannot access some tasks in LMC	125
User can still access tasks even after privileges are removed	125
The Solutions tab and the eSF Configuration task for device groups do not function	125
Jobs do not respond after an error occurred	125
Solving problems with discovery	126
Discovery and policy updates running slowly	126
Discoveries frequently time out	126
Some printers on the network cannot be discovered	126
Solving server and printer problems	127
One or more servers cannot be set online	127
One or more servers cannot be set offline	127
Error in importing a license	127
LDSS Server is unavailable message appears on the printer control panel	128
The server log contains Quartz errors	129
Kerberos authentication is not working	129
An expected icon does not appear on the home screen after solution deployment	130
Policy updates failed for a printer	131
The printer only returns to the home screen after attempting to execute an LDD profile	131
The solution stops responding	132
The solution cannot connect to the network	132
Solving problems with client software	133
Cannot create new Lexmark Document Server ports	133
System processes terminate unexpectedly when creating a Lexmark Document Server port	133
Cannot create or configure a Lexmark Document Server port in Windows Vista or Windows Server 2008	133
Jobs are not sent to the LDD system when using LDD printers	134
Select'N'Send cannot send files to LDD	134
Solutions are receiving inaccurate page counts	134
Notices	136
Edition notice	136
Trademarks	136
UNITED STATES GOVERNMENT RIGHTS	136
The Apache Software License, Version 1.1	137
Apache License Version 2.0, January 2004	137

Match case Limit results 1 per page

Using Kerberos authentication

If a user logs on at a printer using Kerberos, the credentials can be used by the LDD system to manipulate files on the

network and interact with ECM systems on behalf of the user.

Notes:

•

SSL is required to use Kerberos authentication with an LDD system, and secure communication between printers

and servers must be enabled for any device group that uses a solution with Kerberos authentication. For more

information, see “Enabling secure communication between servers and printers in a device group” on

page 105.

•

The date and time must be correct on the printer, LDD server, and KDC server when using Kerberos

authentication.

Configuring Kerberos authentication on printers

Notes:

•

The following procedure applies to e

‑

Task 2+ printers. If these steps do not apply to your printer, then see the

documentation that came with your printer.

•

The names and locations of some links differ depending on the firmware installed on your printer. Where

multiple link names or locations are specified below, click the specified link that appears for your printer.

Type the printer IP address or host name in the address field of your Web browser to access the printer Embedded

Web Server.

Note:

If you do not know the IP address or host name of the printer, then you can:

•

View the information on the printer control panel home screen, or in the TCP/IP section under the

Networks/Ports menu.

•

Print a network setup page or menu settings page and locate the information in the TCP/IP section.

Click

Settings

Security

Security Setup

Configure the connection to the Kerberos Domain Controller:

In the “Step 1: Configuring a Security Building Block” section, click

Kerberos 5

Select a configuration method:

•

To import a Kerberos configuration file, which allows more control over Kerberos tickets, use the Import

Kerberos File section:

Click

Browse

to find the krb5.conf file.

Click

Submit

Notes:

–

Click

Delete File

to remove the Kerberos configuration file from the printer.

–

Click

View File

to view the Kerberos configuration file for the printer.

The following example represents a minimal configuration file:

[libdefaults]

default_realm = MY.REALM

kdc_timesync = 1

forwardable = true

[realms]

Installing Lexmark Document Distributor