Lexmark X864 PKI-Enabled Device Installation and Configuration Guide - Page 14

User Session and Access Control, Advanced Settings

Get Lexmark X864 PDF manuals and user guides View all Lexmark X864 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 14 highlights

User Session and Access Control 1 From the Embedded Web Server, click Settings > Embedded Solutions > PKI Authentication > Configure. 2 Under User Session and Access Control, select a Session Userid to determine how the Windows User ID will be obtained when a user attempts to log in: • None-The userid is not set. You can select this option if the userid is not needed by other applications. • User Principal Name-The SmartCard principal name, or the credential provided by manual login is used to set the userid (userid@domain). • EDI-PI-The userid portion of the SmartCard principal name, or the credential provided by manual login is used to set the userid (userid). • LDAP Lookup-The userid is retrieved from Active Directory. 3 Select Use SSL for User Info if you want to use an SSL connection when performing an LDAP lookup to retrieve additional user information from the domain controller. 4 Select Share Session with LDD if you want to allow user information to be shared with Lexmark Document Distributor (LDD). Note: This may be required for LDD solutions to function properly. 5 Use Other User Attributes to list LDAP attributes that should be added to a user's session. This information would normally be used by other applications (such as LDD). Multiple values can be entered, separated by commas. 6 Use the Group Authorization List to allow only users in certain Active Directory groups access to specific printer functions, such as color printing. Multiple groups can be entered, separated by commas. Leave blank if not using group authorization. 7 From Device Access Control, select which Access Control should be used to authenticate and authorize users. Solution-specific access control 1 is the default and recommended setting. 8 Continue to Advanced Settings, or click Apply at the bottom of the screen to save changes. Advanced Settings Not all networks will require the advanced settings. Adjust them as needed to allow the printer to communicate on your network. 1 From the Embedded Web Server, click Settings > Embedded Solutions > PKI Authentication > Configure. 2 Select Disable Reverse DNS Lookups if they are not supported on your network. 3 To use only the information provided by the specified LDAP server, select Disable LDAP Referrals. Note: Leaving LDAP referrals enabled can increase LDAP search times. 4 If DNS is not enabled on the network, or if some servers are multi-homed, click Browse to locate a Hosts File with hostname-IP address mappings. 5 Click Apply. Configuring PKI-enabled devices 14

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
User Session and Access Control
1
From the Embedded Web Server, click
Settings
>
Embedded Solutions
>
PKI Authentication
>
Configure
.
2
Under User Session and Access Control, select a Session Userid to determine how the Windows User ID will be
obtained when a user attempts to log in:
None
—The userid is not set. You can select this option if the userid is not needed by other applications.
User Principal Name
—The SmartCard principal name, or the credential provided by manual login is used to
set the userid (userid@domain).
EDI-PI
—The userid portion of the SmartCard principal name, or the credential provided by manual login is
used to set the userid (userid).
LDAP Lookup
—The userid is retrieved from Active Directory.
3
Select
Use SSL for User Info
if you want to use an SSL connection when performing an LDAP lookup to retrieve
additional user information from the domain controller.
4
Select
Share Session with LDD
if you want to allow user information to be shared with
Lexmark Document
Distributor
(LDD).
Note:
This may be required for LDD solutions to function properly.
5
Use Other User Attributes to list LDAP attributes that should be added to a user's session. This information would
normally be used by other applications (such as LDD). Multiple values can be entered, separated by commas.
6
Use the Group Authorization List to allow only users in certain Active Directory groups access to specific printer
functions, such as color printing. Multiple groups can be entered, separated by commas. Leave blank if not using
group authorization.
7
From Device Access Control, select which Access Control should be used to authenticate and authorize users.
Solution-specific access control 1 is the default and recommended setting.
8
Continue to Advanced Settings, or click
Apply
at the bottom of the screen to save changes.
Advanced Settings
Not all networks will require the advanced settings. Adjust them as needed to allow the printer to communicate on
your network.
1
From the Embedded Web Server, click
Settings
>
Embedded Solutions
>
PKI Authentication
>
Configure
.
2
Select
Disable Reverse DNS Lookups
if they are not supported on your network.
3
To use only the information provided by the specified LDAP server, select
Disable LDAP Referrals
.
Note:
Leaving LDAP referrals enabled can increase LDAP search times.
4
If DNS is not enabled on the network, or if some servers are multi-homed, click
Browse
to locate a Hosts File with
hostname-IP address mappings.
5
Click
Apply
.
Configuring PKI-enabled devices
14