Lexmark X782e PKI-Enabled Pre-Installation Guide

Lexmark X782e Manual

Get Lexmark X782e PDF manuals and user guides View all Lexmark X782e manuals
Add to My Manuals
Save this manual to your list of manuals

Lexmark X782e manual content summary:

  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 1
    PKI-Enabled MFP Pre-Installation Guide Version 2.0.0 www.lexmark.com
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 2
    with other products, programs, or services, except those expressly designated by the manufacturer, are the user's responsibility. ImageQuick, Optra, Lexmark, and Lexmark with diamond design are trademarks of Lexmark International, Inc. registered in the United States and/or other countries. Other
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 3
    4.2 Fax...17 4.3 FTP...18 5 PKI/AD Email Configuration 19 5.1 Email User Authorization 19 5.2 Email Server Setup ...19 5.3 User Options ...20 5.4 From Address...21 5.4.1 Card Email Address 21 5.4.2 LDAP Lookup...21 5.5 To Address ...22 5.6 Email Signing and Encryption 23 Version 2.0.0 Page ii
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 4
    PKI Pre-Installation Guide 5.6.1 Email Signing...23 5.6.2 Email Encryption 24 5.6.3 Results...24 6 PKI/AD Scan to Network Configuration 26 6.1 General Settings ...26 6.2 Fileshare Settings ...26 6.3 Fileshare Examples ...28 7 Finding Configuration Information 30 7.1 Kerberos Realm ...30 7.2
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 5
    the PKI applications on the Multi-Function Printer (MFP) once it has been installed. The data collected using this pre-installation guide will be needed to complete the installation instructions in the Lexmark PKI-Enabled MFP Installation and Configuration Guide. If you have questions about the
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 6
    Installation Guide 1.3 SmartCard Contents The SmartCard contains at least two certificates: • Identity • Email The identity certificate is not used by this application. The Email documentation (http://support.microsoft.com/kb/281245) for this requirement. • User Configuration Information o Universal
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 7
    following table lists the default ports needed based on the features that are used. Port Protocol 25 SMTP 53 DNS 80 Web 88 Kerberos 389 LDAP (non-SSL) 445 Windows File Sharing 636 LDAP (SSL) Required by which Feature Scan to Email DNS Lookups Web Configuration / OCSP Validation Active Directory
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 8
    Pre-Installation Guide 2 Basic Network Configuration This section is used to help get the device setup on the network. Even if the device has already been added to the network, please complete this section so that this information can be used as needed. 2.1 IP Address The device can be configured
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 9
    Domain Name □ Different Domain 3. What domain is the LDAP Server assigned to? □ Same as Printer Domain Name □ Same as Domain Controller Domain Name □ Different Domain 4. If scanning to the user's home directory will be enabled, the domain of the file servers hosting the directories will be
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 10
    -Installation Guide 2.5 Default LDAP Configuration Many of the PKI Applications utilize LDAP to perform queries that are used for getting other information about the authenticated user (such as home directory or email address) or for searching the address book when sending emails. The MFP supports
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 11
    supports anonymous binding, the authenticated user's credentials, or a service account using a Distinguished Name and password. □ Anonymous □ User's Credentials (Cannot be used in Pin Only mode) □ Service Account Distinguished Name Password: _________ To be provided at installation _________
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 12
    logout decisions to make prior to installing the application on the device. 3.1 Login Screen There are several options available for configuring what is displayed on the Login Screen. These options control which MFP functions are available without authenticating the user and the text and graphic
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 13
    to the MFP. The user can insert his/her card or username and password to gain access to all device functions. Check the box below to indicate the desired logon method. □ Card Only □ Manual Login Only □ Card or Manual Login 3.1.5 Display MFP Info The MFP can be configured to display various
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 14
    -Installation Guide 3.1.6 Display Printer Status When there is an error or warning on the MFP, a "Status/Supplies" button is displayed on the welcome screen in the lower right corner. The PKI Authentication application can be configured to display the error or warning on the login screen. The user
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 15
    PKI Pre-Installation Guide IP Address or Name IP Address or Name IP Address or Name 2. Kerberos Realm (which is typically the Windows Domain Name). There is usually only one, but if more than one realm is used, a Kerberos Configuration File will need to be uploaded to the MFP. See section
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 16
    Installation Guide MFP previously installed on the MFP. MFP the MFP Chain configuration information needed varies according to the Domain Controller Validation method selected. Check the box below to indicate the desired method. □ MFP Certificate Validation □ MFP installed on the device. If MFP install
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 17
    Installation Guide 1. IP address or name of an OCSP Responder/Repeater along with the port being used. The default that the MFP should user's card. 1. The useful information on the card is described in User Configuration Information on page 2. Check the box next to the card information to use: □ User
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 18
    PKI Pre-Installation Guide LDAP Attribute 3.2.2.2 Manual Login Configuration If manual login is allowed, a button appears in the lower right corner of the login screen that says "Login". The user will press the Login button and be prompted for their username and password. 1. The default domain to
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 19
    this is the typical answer), check the Default Configuration option. To define a separate LDAP Configuration to use for this lookup, check one of the Custom Configuration options and complete the appropriate section. Check the box below to indicate the LDAP directory setup that will be used: □ LDAP
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 20
    PKI Pre-Installation Guide inserted in the reader, the PKI Authentication application will automatically logout and return to the enter pin screen (if using a SmartCard) or the login screen (if using manual login). This prevents another person from using the device in the event someone walks away
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 21
    installed and the User Authorization setting in that application must be enabled and configured. (See section 3.3 for more information.) To disable any of the standard device functions for all users, see the MFP Configuration Guide be left open for all authenticated users or it can be restricted to
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 22
    Pre-Installation Guide 1. If User Authorization is enabled, it can be used to restrict access to the Fax function. For fax access, select the appropriate authorization setting. □ All Users Can Send Faxes - no restrictions □ Only Users in the Groups specified in item 2 can use send faxes □ All Users
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 23
    Pre-Installation Guide 5 PKI/AD Email Configuration This application is used to enhance the standard email functionality available on the device. The enhanced features available include: • User Authorization to restrict access to certain Active Directory Groups • Greater control of the Email User
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 24
    PKI Pre-Installation Guide IP Address or Name Port: _______ 2. SMTP servers may require some type of authentication before allowing an email to be sent. Select the authentication required by the SMTP Server. □ Anonymous □ User's Credentials □ Service Account Distinguished Name Password To be
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 25
    Pre-Installation Guide 3. Default scan options (such as format, paper size, duplex, etc) are configured on the device for all emails sent from the device. The user can also be given the option to change the options. Is the user allowed to change the scan options? □ Yes □ No 4. By default, after
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 26
    PKI Pre-Installation Guide □ LDAP - Default Configuration (as specified in section 2.5) □ LDAP - Configuration 1 (as specified in section 8.1) □ LDAP - Configuration 2 (as specified in section 8.2) □ LDAP - Configuration 3 (as specified in section 8.3) 2. Regardless of the LDAP configuration used,
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 27
    Pre-Installation Guide 4. The application can be configured to allow the user to search the global address list or book (also known as the GAL). Specify which LDAP Configuration should be used for this capability. □ LDAP - Default Configuration (as specified in section 2.5) □ LDAP - Configuration
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 28
    PKI Pre-Installation Guide 5.6.2 Email Encryption Emails can only be encrypted when the encryption certificate can be found for each of the recipients - this limits encrypted emails to those users in the global address book. The encryption certificate on the card (if available) is used for the
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 29
    PKI Pre-Installation Guide Email Signing Disabled Always Sign Prompt User Email Encryption Disabled Disabled Disabled Result Email is sent without signing or encryption. Email is sent with digital signature but no encryption. User is prompted with: Do Not Sign the Email Sign the Email Disabled
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 30
    PKI Pre-Installation Guide 6 PKI/AD Scan to Network Configuration The PKI Scan To Network application provides the ability to scan pages and store the resulting image onto a network fileshare. This application cannot be used in Pin Only mode. 6.1 General Settings 1. An icon is displayed on the
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 31
    . The value replacing "%u" is: □ User Principal Name □ Email Address □ EDI-PI □ LDAP Lookup using LDAP Configuration: □ LDAP - Default Configuration (as specified in section 2.5) □ LDAP - Configuration 1 (as specified in section 8.1) □ LDAP - Configuration 2 (as specified in section 8.2) □ LDAP
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 32
    PKI Pre-Installation Guide 6. Default Filename. The default filename for the scanned file can be specified. The default value is scanned-image. Default Filename 7. Rename File. The default filename can optionally be renamed by the user at scan time. The default value is to allow the user to
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 33
    PKI Pre-Installation Guide 2. Department Fileshare Display Name: UNC Path: Replacement Value: Replacement Lookup: Replacement Attribute: Dept A Files \\fileserver\deptshares\depta Not Used Not Used Not Used 3. Fileshare based on User's Windows ID Display Name: S: Drive UNC Path: \\fileserver
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 34
    Installation Guide 7 Finding Configuration Information The sections describe various methods for obtaining some of the configuration LEXMARK.COM TargetDomainName: SMARTCARD.BP.LEXMARK.COM AltTargetDomainName: SMARTCARD.BP.LEXMARK .exe" is installed. Run this program from the command line as follows:
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 35
    suffice and this step can be skipped. However, if your Kerberos setup involves multiple realms or requires other advanced settings, a Kerberos Configuration file must be created and downloaded to the MFP. The Kerberos configuration file is an industry standard formatted file. An example is below
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 36
    IETF specification and those supporting the Microsoft implementations. This configuration flag informs the firmware to use the Microsoft format for PKINIT protocol commands. pkinit_win2k = yes pkinit_win2k_require_binding = no } [domain_realm] Define a mapping between domain names found in the user
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 37
    Installation Guide mil = #####_DOMAIN.NAME.MIL_##### If this configuration file is needed, use the above template to create the file and have it ready at install support tools. LDP may already be loaded on a workstation. LDP has a less friendly user can typically be downloaded from an internal
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 38
    PKI Pre-Installation Guide 8 Custom LDAP Configurations Up to three custom LDAP Configurations in addition to the default LDAP configuration provided for Address Book Lookups can be specified on the device. If the default LDAP configuration can be used for all lookups, this section can skipped.
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 39
    something like "ou=installation,dc=branch,dc=mil") 9. Access rights needed to access the LDAP directory: □ Anonymous □ User's Credentials (Cannot be used in Pin Only mode) □ Service Account Distinguished Name Password: _________ To be provided at installation _________ Version 2.0.0 Page 35
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 40
    something like "ou=installation,dc=branch,dc=mil") 9. Access rights needed to access the LDAP directory: □ Anonymous □ User's Credentials (Cannot be used in Pin Only mode) □ Service Account Distinguished Name Password: _________ To be provided at installation _________ Version 2.0.0 Page 36
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 41
    something like "ou=installation,dc=branch,dc=mil") 9. Access rights needed to access the LDAP directory: □ Anonymous □ User's Credentials (Cannot be used in Pin Only mode) □ Service Account Distinguished Name Password: _________ To be provided at installation _________ Version 2.0.0 Page 37
  • Lexmark X782e | PKI-Enabled Pre-Installation Guide - Page 42
    Lexmark and Lexmark with diamond design are trademarks of Lexmark International, Inc., registered in the United States and/or other countries. © 2007 Lexmark International, Inc. 740 West New Circle Road Lexington, KY 40550 www.lexmark.com
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
PKI-Enabled MFP
Pre-Installation Guide
Version 2.0.0
www.lexmark.com