Lexmark T652DTN Embedded Web Server Administrator's Guide - Page 6

Groups, Access Controls, Security Templates

Get Lexmark T652DTN - Taa/gov Compliant PDF manuals and user guides
UPC - 734646317368
View all Lexmark T652DTN manuals
Add to My Manuals
Save this manual to your list of manuals

Page 6 highlights

Groups Administrators can designate up to 32 groups to be used in association with either the Internal accounts or LDAP/LDAP+GSSAPI building blocks. For the purposes of Embedded Web Server security, groups are used to identify sets of users needing access to similar functions. For example, in Company A, employees in the warehouse do not need to print in color, but those in sales and marketing use color every day. In this scenario, it makes sense to create a "Warehouse" group, and a "Sales and Marketing" group. Access Controls By default, all device menus, settings, and functions come with no security enabled. Access Controls (also referred to in some devices as "Function Access Controls"), are used to manage access to specific menus and functions or to disable them entirely. Access controls can be set using a password, PIN, or security template. The number of functions that can be controlled varies depending on the type of device, but in some multifunction printers, over 40 individual menus and functions can be protected. Note: For a list of individual Access Controls and what they do, see "Menu of Access Controls" on page 29. Security Templates Some scenarios call for only basic security such as PIN-protected access to common device functions, while others require tighter security and role-based restrictions. Individually, building blocks, groups, and access controls may not meet the needs of a complex security environment. In order to accommodate users in different groups needing access to a common set of functions such as printing, copying, and faxing, administrators must be able to combine these components in ways that give all users the functions they need, while restricting other functions to only authorized users. A Security Template is a profile constructed using a building block, or certain building blocks paired with one or more groups. How they are combined determines the type of security created: Building block Type of security Internal Accounts Authentication only Internal Accounts with Groups Authentication and authorization Kerberos 5 Authentication only LDAP Authentication only LDAP with Groups Authentication and authorization LDAP + GSSAPI Authentication only LDAP + GSSAPI with Groups Authentication and authorization Password Authorization only PIN Authorization only Each device can support up to 140 security templates, allowing administrators to create very specific profiles-or roles-for each access control. Using security features in the Embedded Web Server 6

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
Groups
Administrators can designate up to 32 groups to be used in association with either the Internal accounts or
LDAP/LDAP+GSSAPI building blocks. For the purposes of Embedded Web Server security, groups are used to identify
sets of users needing access to similar functions. For example, in Company A, employees in the warehouse do not
need to print in color, but those in sales and marketing use color every day. In this scenario, it makes sense to create
a “Warehouse” group, and a “Sales and Marketing” group.
Access Controls
By default, all device menus, settings, and functions come with no security enabled. Access Controls (also referred
to in some devices as “Function Access Controls”), are used to manage access to specific menus and functions or to
disable them entirely. Access controls can be set using a password, PIN, or security template. The number of functions
that can be controlled varies depending on the type of device, but in some multifunction printers, over 40 individual
menus and functions can be protected.
Note:
For a list of individual Access Controls and what they do, see “Menu of Access Controls” on page 29.
Security Templates
Some scenarios call for only basic security such as PIN-protected access to common device functions, while others
require tighter security and role-based restrictions. Individually, building blocks, groups, and access controls may
not meet the needs of a complex security environment. In order to accommodate users in different groups needing
access to a common set of functions such as printing, copying, and faxing, administrators must be able to combine
these components in ways that give all users the functions they need, while restricting other functions to only
authorized users.
A
Security Template
is a profile constructed using a building block, or certain building blocks paired with one or more
groups. How they are combined determines the type of security created:
Building block
Type of security
Internal Accounts
Authentication only
Internal Accounts with Groups
Authentication and authorization
Kerberos 5
Authentication only
LDAP
Authentication only
LDAP with Groups
Authentication and authorization
LDAP + GSSAPI
Authentication only
LDAP + GSSAPI with Groups
Authentication and authorization
Password
Authorization only
PIN
Authorization only
Each device can support up to 140 security templates, allowing administrators to create very specific profiles—or
roles—for each access control.
Using security features in the Embedded Web Server
6