Lexmark X652DE Common Criteria Installation Supplement and Administrator Guide - Page 34

Creating security templates using the EWS

Get Lexmark X652DE - Mfp Taa Gov Compliant PDF manuals and user guides
UPC - 734646093835
View all Lexmark X652DE manuals
Add to My Manuals
Save this manual to your list of manuals

Page 34 highlights

Creating security templates using the EWS A security template is assigned to each device function, to control which users are permitted to access that function. At a minimum, you must create two security templates: one for "Administrator_Only" and one for "Authenticated_Users". If there is a need to grant access to some functions while restricting others, you can create additional security templates such as "Administrator_Reports", or "Color_User". Each template will be populated with groups containing users authorized to access the functions protected by that template. A "PKI Authentication" security template is created automatically when you configure PKI Authentication. 1 From the EWS, click Settings > Security > Security Setup. Note: For information about accessing the EWS, see "Using the Embedded Web Server" on page 15. Be sure to disable HTTP and HTTPS access after you have finished using the EWS. 2 Under Advanced Security Setup, Step 2, select Security Template. 3 Under Manage Security Templates, select Add a Security Template. 4 In the Security Templates Name field, type a unique name for the template. It can be helpful to use a descriptive name, such as "Administrator _ Only", or "Authenticated_Users." 5 From the Authentication list, select a method for authenticating users. This list will be populated with the authentication building blocks that have been configured on the MFP (internal accounts, LDAP+GSSAPI, and/or PKI Authentication). Notes: • Because a PKI Authentication security template is created when you configure PKI Authentication, the PKI Authentication building block would be used only when modifying other security templates to add authorization. • Even if it has been configured, PKI Authentication will not be displayed in the list of available building blocks if the application is in a "Stopped" state. For information about starting PKI Authentication, see "Configuring Common Access Card access" on page 32. 6 Click Add authorization, and then select from the Authorization Setup list. This list will be populated with the authentication building blocks that have been configured on the MFP (internal accounts, LDAP+GSSAPI, and/or PKI Authentication). 7 Click Modify Groups, and then select one or more groups to include in the security template. Hold down the Ctrl key to select multiple groups. 8 Click Save Template. Modifying or deleting an existing security template 1 From the EWS, click Settings > Security > Security Setup. 2 Under Advanced Security Setup, Step 2, select Security Template. 3 Select a security template from the list. 4 Edit the fields as necessary. 5 Click Modify to save changes, or Cancel to retain previously configured values. 34

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
Creating security templates using the EWS
A security template is assigned to each device function, to control which users are permitted to access that function.
At a minimum, you must create two security templates: one for "Administrator_Only" and one for
"Authenticated_Users". If there is a need to grant access to some functions while restricting others, you can create
additional security templates such as “Administrator_Reports”, or “Color_User”. Each template will be populated with
groups containing users authorized to access the functions protected by that template. A “PKI Authentication”
security template is created automatically when you configure PKI Authentication.
1
From the EWS, click
Settings
>
Security
>
Security Setup
.
Note:
For information about accessing the EWS, see “Using the Embedded Web Server” on page 15. Be sure to
disable HTTP and HTTPS access after you have finished using the EWS.
2
Under Advanced Security Setup, Step 2, select
Security Template
.
3
Under Manage Security Templates, select
Add a Security Template
.
4
In the Security Templates Name field, type a unique name for the template. It can be helpful to use a descriptive
name, such as ”Administrator _ Only”, or “Authenticated_Users.”
5
From the Authentication list, select a method for authenticating users. This list will be populated with the
authentication building blocks that have been configured on the MFP (internal accounts, LDAP+GSSAPI, and/or
PKI Authentication).
Notes:
Because a PKI Authentication security template is created when you configure PKI Authentication, the PKI
Authentication building block would be used only when modifying other security templates to add
authorization.
Even if it has been configured, PKI Authentication will not be displayed in the list of available building blocks
if the application is in a “Stopped” state. For information about starting PKI Authentication, see “Configuring
Common Access Card access” on page 32.
6
Click
Add authorization
, and then select from the Authorization Setup list. This list will be populated with the
authentication building blocks that have been configured on the MFP (internal accounts, LDAP+GSSAPI, and/or
PKI Authentication).
7
Click
Modify Groups
, and then select one or more groups to include in the security template. Hold down the Ctrl
key to select multiple groups.
8
Click
Save Template
.
Modifying or deleting an existing security template
1
From the EWS, click
Settings
>
Security
>
Security Setup
.
2
Under Advanced Security Setup, Step 2, select
Security Template
.
3
Select a security template from the list.
4
Edit the fields as necessary.
5
Click
Modify
to save changes, or
Cancel
to retain previously configured values.
34