Home » Lexmark Manuals » Multifunction Devices » Lexmark X925 » Manual Viewer

Lexmark X925 Lexmark Document Distributor - Page 43

Configuring LDD servers for Kerberos authentication, Return to Edit security Setup

Add to My Manuals
Save this manual to your list of manuals

Page 43 highlights

Installing Lexmark Document Distributor 43 MY.REALM = { kdc = MY.KDC.ADDRESS } When a configuration file is used, tickets should be marked forwardable by default. Tickets must be forwardable in order to forward them to the LDD system. For more information about configuration files, see the Kerberos documentation. • To use a simple Kerberos setup, use the Simple Kerberos Setup section: 1 In the KDC Address field, type the key distribution center (KDC) address. 2 In the KDC Port field, type the number of the port (1-88) used by the Kerberos server. The default is 88. 3 In the Realm field, type the realm used by the Kerberos server. 4 Click Submit. c Click Test Setup to verify that the Kerberos configuration file for the selected device is functional. d Click Return to Edit security Setup. 4 Add a security template: a In the "Step 2: Set up a Security Template" section, click Security Template. b Click Add a Security Template. c Type a security template name. d Select the Kerberos_Building_Block authentication setup. e Click Save Template > Return to Security Setup. 5 Configure access controls for profiles: a In the "Step 3: Apply your Security Template to one or more Access Controls." section, click Access Controls. b Apply the security template to either all profiles or a specific profile: • To apply the security template to all profiles on the printer, including eSF applications, select the security template you created beside Use Profiles. • To apply the security template to an individual profile: 1 Determine the access control number of the profile: Note: Keep the printer Embedded Web Server open while accessing LMC. a From the Device Groups tab in LMC, select the device group that contains the printer and the solution. b Select the Profiles task. c In the main window, select the tab that corresponds to the device class of the printer. d Find the number beside Access Control. Note: If 0 appears beside Access Control, then no access control number has been assigned to the profile. For more information, contact the developer of the solution. 2 From the Access Controls page in the printer Embedded Web Server, locate the setting between Solution 1 and Solution 10 that corresponds to the access control number assigned to the profile, and select the security template you created. c Click Submit. Depending on the overall authentication setup on the printer, the user is required to provide authentication either before accessing the home screen or when accessing an LDD profile from the printer. Configuring LDD servers for Kerberos authentication When using Kerberos authentication, you may need to configure Kerberos on each LDD server in your system.

Section	Page
Contents	2
Lexmark Document Distributor overview	8
Understanding the stages of a job	8
Document capture	8
Document processing	8
Document routing	8
Confirmation	9
Understanding the Lexmark Document Distributor system	9
System components	9
Reliability, scalability, and disaster recovery	10
Workflow solutions	11
Client software	12
Lexmark Management Console	12
Security overview	12
System setup overview	13
Supported printers	13
Supported ECM platforms	17
Installing Lexmark Document Distributor	18
Minimum and recommended system requirements	18
Avoiding conflicts with other software	21
Ports used by the LDD system	21
Activating LDD licenses	22
Understanding installation types	26
Installing a workgroup system	27
Configuration type for workgroup systems	27
Installation overview for a workgroup system	27
Installing system components in a workgroup system	27
Installing an enterprise system	28
Configuration types for enterprise systems	28
System sizing guidelines	31
Installation overview for an enterprise system	32
Using Oracle database with LDD	33
Installing the database and load balancer without clustering (configurations 1, 1-N, and 1-1-N)	33
Installing the database and load balancer with clustering (configurations X-N, and X-Y-N)	35
Installing servers	38
Installing LDD components silently	39
Upgrading to LDD 4.6	40
Using Kerberos authentication	42
Configuring Kerberos authentication on printers	42
Configuring LDD servers for Kerberos authentication	43
Monitoring and maintaining the system	45
Using Lexmark Management Console	45
Accessing Lexmark Management Console	45
Changing the administrator user name	46
Changing the administrator password	46
Enabling LDAP server authentication for LMC	46
Assigning privileges to groups	47
Device Groups tab tasks	49
Software Client Groups tab tasks	50
Devices tab tasks	51
Solutions tab tasks	52
E-Forms tab tasks	52
Services tab tasks	52
System tab tasks	53
Finding basic information	53
Understanding the Home tab	53
Understanding the status bar	54
System status information on the status bar and Home tab	54
Viewing information summaries for LDD elements	55
Viewing jobs or system logs	55
Customizing columns for jobs and system logs	56
Viewing device group profile settings	56
Viewing software client group profiles	56
Viewing forms associated with a solution	56
Viewing version information	57
Managing the LDD system	57
Viewing and changing server status	57
Viewing and managing scheduled tasks	57
Configuring the confirmation page	58
Adding servers to the system after initial installation	59
Changing the IP address on a configuration 1 system	59
Rebooting the LDD system	60
Restarting the Lexmark Solutions Application Server	61
Uninstalling LDD components	62
Updating the Advanced Prompting Bundle	63
Managing system performance	63
Accessing the System Health dashboard	63
Monitoring system health	63
Adjusting limits on concurrent jobs	64
Tuning the load balancer for unequal servers	65
Assigning servers to only run LMC or process jobs	65
Configuring chunk size for device discovery and policy updates	66
Configuring communications	66
Configuring connection to an SMTP server	66
Configuring NPA device communication	67
Configuring SNMP for discovering printers	67
Configuring device security	67
Managing licenses	68
Finding the host ID	68
Viewing or downloading existing licenses	68
Upgrading the license of an existing server	69
Adding an MFP, e-forms virtual printer, or software client license to an existing server	71
Re-hosting licenses	73
Using the Solution Status Page	74
Accessing the Solution Status Page	74
Understanding status information	74
Repairing common server problems	77
Adding printers to a server	77
Adding licenses to a server	78
Removing printers	79
Managing reports	79
Running a report	79
Scheduling a report	80
Using built-in reports	81
Adding a report	82
Editing report settings	83
Removing a report	83
Configuring default report options	83
Creating custom reports	84
Using special LDD parameters	84
Querying the database	84
Using included subreports	85
Backup and disaster recovery	86
Scheduling automatic backups	86
Recovering backup data with a new installation	87
Installing new servers during recovery	88
Connecting existing servers during recovery	88
Recreating LDD printer ports after an address change	89
Manually backing up databases	90
Managing solutions	91
Understanding the solution deployment process	91
Understanding solution settings	91
Uploading solutions to the LDD system	91
Configuring global solution settings	92
Editing local settings for a deployed or assigned solution	92
Configuring an eSF application associated with a solution	93
Managing solution-related files	93
Removing solutions	93
Managing device groups and devices	95
Creating and populating device groups	95
Understanding device groups	95
Creating a device group	95
Creating a device group from an existing device group	96
Configuring timeout for policy updates	96
Creating a new discovery profile	96
Importing a list of printers to a device group	97
Discovering printers	98
Discovering missing printers	98
Viewing all printers with outdated policies	99
Scheduling a discovery task	99
Deploying solutions to a device group	99
Customizing the home screen for a device group	100
Updating policies for device groups	104
Scheduling policy updates	104
Enabling secure communication between servers and printers in a device group	105
Disabling validation of eSF application deployment	105
Using the Devices tab	106
Searching for devices	106
Editing the home screen layout on specific devices	106
Viewing device profiles	107
Updating device policies	107
Removing devices from the system	107
Managing software clients	109
Understanding software clients and software client groups	109
Understanding dynamic prompting support	110
Understanding software client setup	110
Creating and populating software client groups	111
Creating a software client group	111
Adding software clients to a software client group	111
Importing software clients to a software client group	112
Assigning solutions to a software client group	112
Installing client software	112
Installing client software on a Microsoft Cluster Server	113
Adding LDD printers on a client workstation or print server	113
Increasing LDD print queue availability using printer pooling	115
Testing and using Lexmark Document Distributor solutions	116
Using a solution from a printer	116
Using LDD print queues	117
Using Select'N'Send	118
Using the Select'N'Send GUI	118
Using Select'N'Send from the command line	120
Scheduling scripts	120
Viewing logs	122
Viewing installation logs	122
Viewing the server log	122
Viewing the Embedded Solutions Diagnostic Log	123
Troubleshooting	124
Solving problems with LMC	124
The browser displays a 5yy error when accessing LMC	124
LMC responds very slowly	124
LMC does not finish loading or data is missing	125
An error occurs when uploading a formset	125
Reports are not displayed when run	125
User cannot access some tasks in LMC	125
User can still access tasks even after privileges are removed	125
The Solutions tab and the eSF Configuration task for device groups do not function	125
Jobs do not respond after an error occurred	125
Solving problems with discovery	126
Discovery and policy updates running slowly	126
Discoveries frequently time out	126
Some printers on the network cannot be discovered	126
Solving server and printer problems	127
One or more servers cannot be set online	127
One or more servers cannot be set offline	127
Error in importing a license	127
LDSS Server is unavailable message appears on the printer control panel	128
The server log contains Quartz errors	129
Kerberos authentication is not working	129
An expected icon does not appear on the home screen after solution deployment	130
Policy updates failed for a printer	131
The printer only returns to the home screen after attempting to execute an LDD profile	131
The solution stops responding	132
The solution cannot connect to the network	132
Solving problems with client software	133
Cannot create new Lexmark Document Server ports	133
System processes terminate unexpectedly when creating a Lexmark Document Server port	133
Cannot create or configure a Lexmark Document Server port in Windows Vista or Windows Server 2008	133
Jobs are not sent to the LDD system when using LDD printers	134
Select'N'Send cannot send files to LDD	134
Solutions are receiving inaccurate page counts	134
Notices	136
Edition notice	136
Trademarks	136
UNITED STATES GOVERNMENT RIGHTS	136
The Apache Software License, Version 1.1	137
Apache License Version 2.0, January 2004	137

Match case Limit results 1 per page

MY.REALM = {

kdc = MY.KDC.ADDRESS

}

When a configuration file is used, tickets should be marked forwardable by default. Tickets must be

forwardable in order to forward them to the LDD system.

For more information about configuration files, see the Kerberos documentation.

•

To use a simple Kerberos setup, use the Simple Kerberos Setup section:

In the KDC Address field, type the

key distribution center

(KDC) address.

In the KDC Port field, type the number of the port (

–

) used by the Kerberos server. The default is

In the Realm field, type the realm used by the Kerberos server.

Click

Submit

Click

Test Setup

to verify that the Kerberos configuration file for the selected device is functional.

Click

Return to Edit security Setup

Add a security template:

In the “Step 2: Set up a Security Template” section, click

Security Template

Click

Add a Security Template

Type a security template name.

Select the

Kerberos_Building_Block

authentication setup.

Click

Save Template

Return to Security Setup

Configure access controls for profiles:

In the “Step 3: Apply your Security Template to one or more Access Controls.” section, click

Access Controls

Apply the security template to either all profiles or a specific profile:

•

To apply the security template to all profiles on the printer, including eSF applications, select the security

template you created beside Use Profiles.

•

To apply the security template to an individual profile:

Determine the access control number of the profile:

Note:

Keep the printer Embedded Web Server open while accessing LMC.

From the Device Groups tab in LMC, select the device group that contains the printer and the solution.

Select the

Profiles

task.

In the main window, select the tab that corresponds to the device class of the printer.

Find the number beside Access Control.

Note:

appears beside Access Control, then no access control number has been

assigned to the profile. For more information, contact the developer of the solution.

From the Access Controls page in the printer Embedded Web Server, locate the setting between Solution

1 and Solution 10 that corresponds to the access control number assigned to the profile, and select the

security template you created.

Click

Submit

Depending on the overall authentication setup on the printer, the user is required to provide authentication either

before accessing the home screen or when accessing an LDD profile from the printer.

Configuring LDD servers for Kerberos authentication

When using Kerberos authentication, you may need to configure Kerberos on each LDD server in your system.

Installing Lexmark Document Distributor