Home » Ricoh Manuals » Printers » Ricoh InfoPrint Pro C900AFP » Manual Viewer

Ricoh InfoPrint Pro C900AFP InfoPrint Manager - Page 145

Identifying users and groups: wildcarding, Working with ACLs and groups, trainees, operators

Get Ricoh InfoPrint Pro C900AFP PDF manuals and user guides

View all Ricoh InfoPrint Pro C900AFP manuals

Add to My Manuals
Save this manual to your list of manuals

Page 145 highlights

the other groups, there are no default users created during installation. See InfoPrint Job Ticketer: Administrator's Guide for more information. 2. You can modify these groups as needed. In the example above, you could have simply added your operators to the default oper group and modified any permissions that weren't set to the level that you wanted them. 3. All fields, such as User IDs, group names, hostnames, and DNS suffixes, are case sensitive. You can add users to multiple groups, but you cannot make one group a member of another group. For example, if you hire five new print operators, you might create a group for them called trainees, since you only want them to have limited permissions until they are finished with their training. When they finish their training, you cannot add trainees as a member of the operators group. You will have to add their user IDs to the operators group one at a time. In addition, you will have to either delete the trainees group or delete the members from it-otherwise those users will have conflicting levels of permission. When users are members of more than one group and each group has a different level of permission for a particular object, the most restrictive permission applies. In the example above, if you forgot to remove the new employees from the trainees group at the end of their training, they wouldn't be able to perform the tasks their job required- they would still be restricted. Identifying users and groups: wildcarding When you add users to ACLs or Security groups, you identify them by their user ID and the computer that they work on in this format: username@computername. The permissions you assign will only apply when that person accesses InfoPrint Manager from that workstation. If, however, you or any of your users want to be able to work with InfoPrint Manager objects from various workstations, you might not want to add multiple user ID/computer name combinations for the same person-you can use wildcarding instead. When you use wildcarding, you replace the computer name or user ID with the wildcard character (*) when you add a member to an ACL or Security Group. The wildcard character stands for "any computer" or "any user ID." So, if you create an ACL member called administrator@*, no matter what computer you log on to as administrator, you have the same permissions. If you use the wildcard character before the computer name, for example *@computer, any user who logs on to computer1 can do the actions that the ACL member has permission for. Working with ACLs and groups Use the AIX SMIT utility to manage the security of your print system. Open an AIXterm window and enter smit on the command line. The line InfoPrint Printing System will appear as an option. By following the menu item to the right with your cursor, you can navigate the this directory structure of menu choices: Tab #1 InfoPrint Printing Systems→ Tab #2 Security→ Tab #3 Groups→ Choices Add Group Show Group Add User to Group Remove User from Group Chapter 11. Managing security for InfoPrint Manager for AIX 131

Section	Page
Figures	5
Tables	7
About this publication	9
The InfoPrint publication library	9
InfoPrint Manager common publication library	9
InfoPrint Manager for AIX publication library	10
InfoPrint Manager for Windows publication library	10
Related information	11
Manual (man) pages for InfoPrint commands, utilities, and transforms	12
Part 1. Administrative procedures: Configuring InfoPrint Manager	15
Chapter 1. Creating and managing servers	17
Preparing to create additional servers in a distributed environment	17
Creating additional servers or starting existing servers	18
Configuring servers with a mixed language environment	18
Shutting down a server	19
Chapter 2. Installing and configuring printer devices and related hardware	21
Configuring and Using InfoPrint Manager with the InfoPrint Color 130 Plus	21
System requirements	21
Defining the InfoPrint Color 130 Plus to InfoPrint Manager	22
Configuring the PSF TCP/IP printer in InfoPrint Manager	23
Verifying the size and location of the Input Manager workspace	23
Identifying where to store AFP resources	23
Specifying the color rasterized image processor (RIP) on this server	25
Changing the color rendering value	25
Configuring the InfoPrint 2000 model MS1 (non-AFCCU)	26
Matching media on the printer	27
Telling InfoPrint Manager what media is ready at the printer	27
Submitting jobs to the InfoPrint 2000 printer	29
InfoPrint mode	29
Passthru mode	29
Limitations that apply to the InfoPrint 2000 printer	30
Configuring InfoPrint Manager to use the InfoPrint 2090ES, 2105ES, 2060ES, 2075ES, 2085, and 2105 printers	31
Configuring as AIX or PSF Other printers to use Send and Save	31
Using Send and Save in InfoPrint Manager	31
Logging accounting information	33
Troubleshooting	33
Configuring as TCP/IP printers to use Booklet Maker	33
Booklet Maker	34
Configuring InfoPrint Manager to use the InfoPrint 2190, InfoPrint 2210, and InfoPrint 2235	34
Configuring as AIX or PSF Other printers to use Send and Save	34
Using Send and Save in InfoPrint Manager	35
Logging accounting information	36
Configuring as TCP/IP printers to use Booklet Maker	36
Booklet Maker	37
Configuring InfoPrint Manager to use the InfoPrint 4000 and 4100	37
Displaying the InfoPrint Manager Operations GUI from the Enhanced Operator Console	37
Limitations of actual screen frequencies and angles on InfoPrint 4000 and 4100 printers	38
Configuring InfoPrint Manager to use the InfoPrint Workgroup Printers (15xx, 16xx, 17xx, 18xx and future models)	39
Configuring as AIX or PSF Other printers to use Print and Hold	39
Using Print and Hold in Workgroup Printers (15xx, 16xx, 17xx, 18xx and future models)	39
Logging accounting information	41
Configuring as TCP/IP printers to use Booklet Maker	41
Booklet Maker	41
Configuring the Halftone Management System	42
Starting the Halftone Management System server	42
Starting the Halftone Management System client	43
Calibrating a densitometer	43
Calibrating a printer using the Halftone Management System	44
Defining InfoPrint servers to the Halftone Management System client	44
Defining custom patch sets	45
Calibrating a halftone	45
Measuring optical density with a densitometer	47
Specifying a halftone for printing on the InfoPrint AIX server	47
Printing from InfoPrint Submit Express	47
Printing from the AIX command line	47
Chapter 3. Working with SNMP printers	49
SNMP support	49
About SNMP communication	49
Smart-defaulting actual destination attributes	49
Detecting, reporting, and recovering from printer problems	50
Accessing device information	51
Changing device information	52
Setting up and using SNMP	53
Determining if a printer works with SNMP	53
Using the InfoPrint Manager Administration Interface	54
Procedures	54
Effects on performance with SNMP	56
Server start-up	56
Actual destination queries	56
SNMP polling	56
Chapter 4. Configuring media	59
Determining the media that are in the servers	59
Using the InfoPrint Manager Administration Interface	59
Using the AIX command line	59
Creating a media object	59
Using the InfoPrint Manager Administration Interface	59
Using the AIX command line	60
Viewing or changing attributes of a medium	61
Using the InfoPrint Manager Administration Interface	61
Using the AIX command line	61
Associating a medium with an actual destination	61
Using the InfoPrint Manager Administration Interface	61
Chapter 5. InfoPrint Email support	63
Configuring InfoPrint Email	63
Defining the SMTP Email server to InfoPrint	63
Creating an InfoPrint Email destination	64
Submitting Email jobs	64
Submitting a basic email job	65
Submitting attributes through a file with the -Z option	65
Submitting files with a Korn shell script	66
Submitting text files with a Korn shell script	67
Using the InfoPrint Select client	68
Color Email	68
Submitting color Email attributes through a file	69
Chapter 6. User-exit programs (PSF, Generalized Fax, and Email DSS only)	71
What type of user-exits does InfoPrint Manager support?	71
What sample user-exit programs are available?	71
Creating and using your own user-exit programs	73
Creating your own user-exit programs	73
Compiling and installing the user-exit program	73
Compile and install your user-exit program	74
Activating the user-exit program	75
User-exit program structures	76
Common input and output fields	76
The header page and trailer page user-exit programs	80
The separator page user-exit program	80
The accounting, post-print accounting, and audit user-exit programs	81
The input data user-exit program	84
The output data user-exit program	87
User-exit programs for the line-data transform	87
Input record exit	88
Using the line-data transform user input record exits	90
Output record exit	91
Resource exit	92
Non-zero return codes	94
Attributes of the line-data input file	94
Chapter 7. Creating and managing auxiliary sheets and user-exit programs	97
Preparing to work with auxiliary sheets	97
Terms relating to auxiliary sheets	97
InfoPrint default auxiliary-sheet objects	98
Examples of Brief-Style and Full-Style Auxiliary Sheets	100
Start Sheet Examples	100
Separator Sheet Examples	100
End Sheet Examples	101
Accounting Sheet Examples	101
Audit Sheet Examples	102
Sequence of user-exit programs	103
Directory locations of user-exit programs supplied with InfoPrint	103
Creating and configuring auxiliary-sheet objects (PSF, Generalized Fax, and Email DSS only)	105
Creating new auxiliary-sheet objects using the pdcreate command	105
Associating auxiliary-sheet objects with PSF printers	105
Associating auxiliary sheets for accounting or audit information	106
Associating the post-print accounting user-exit program with an actual destination	106
Associating an input data user-exit program with an actual destination	107
Associating an output data user-exit program with an actual destination	107
Using Interrupt Message Pages	107
Activating IMPs	108
Allowing the auxiliary-sheet-selection job attribute with the BSD DSS	108
Chapter 8. Gathering accounting and auditing data about print jobs	111
Working with InfoPrint AIX server accounting information	111
How does the pdaccount command collect InfoPrint AIX server accounting information?	111
How do you manage the contents of the InfoPrint AIX server accounting logs?	114
Usage considerations by DSS for accounting information	116
Working with PSF accounting, post-print accounting, and auditing user-exit programs	118
What do these user-exit programs provide?	118
How do you format PSF DSS accounting, post-print accounting, and audit data for viewing?	120
How do you manage the contents of the PSF DSS accounting data file?	121
Chapter 9. Creating and managing resource-context objects	123
The search order for AFP resources	124
CMRs and data objects search order	126
The search order for CMRs	126
The search order for data objects	126
Reuse of CMRs and data objects across printer jobs	127
File extensions for resources	127
How InfoPrint Manager provides resource access for PSF DSS printers	129
Creating a new resource-context object	130
Changing a directory path for a resource-context object	130
Assigning resource-context objects to an actual destination	131
Using the AIX command line	131
Assigning a resource-context object to a default-document object	131
Using the AIX command line	131
Chapter 10. Using InfoPrint Manager notifications	133
Understanding notification profiles	133
Event identifiers	134
Delivery method and delivery address	134
Working with Select notifications	136
Using the 'exit' delivery method	137
Default notification profiles	138
Using notification profiles with default jobs	139
Changing notification profiles	140
For jobs, default jobs, servers, queues, and actual destinations	140
Getting help for notification messages	140
Other notification methods	141
Notify-operator attribute	141
Chapter 11. Managing security for InfoPrint Manager for AIX	143
Types of permission	143
Security groups	144
Identifying users and groups: wildcarding	145
Working with ACLs and groups	145
Chapter 12. Setting InfoPrint Manager and AIX environment variables	147
Preparing to work with InfoPrint Manager and AIX environment variables	147
Where are environment variables found?	147
How are environment variables set?	147
What restrictions apply?	148
Querying environment variables	148
Editing the /etc/environment file	149
Editing a .profile file	149
Setting an environment variable from the command line	150
Verifying the setting of environment variables	150
Verifying the setting of the PATH environment variable	150
Verifying the setting of the PDBASE environment variable	150
Verifying the setting of the MANPATH environment variable	150
Chapter 13. Monitoring memory and space on your AIX system	151
Monitoring memory use on your InfoPrint AIX server	151
Monitoring file system use (automatically)	152
Configuring your notification profile for disk-space-low events	153
Monitoring file system use (manually)	154
Using the disk usage tool	154
Using the df command	154
File systems and directories to clean up	154
File systems used by all InfoPrint installations	154
Segment Size parameter	155
Chapter 14. Using the InfoPrint Manager System Migration (ismu) Utility	157
Supported operating environments	157
Prerequisites	158
Migrating your InfoPrint Manager settings	158
Automatic process	158
Automatic tasks during migration	159
Manual process	161
Specific tasks during migration	162
Part 2. Administrative procedures: Customizing for special jobs	169
Chapter 15. Working with transforms	171
Customizing the PCL, PostScript, and PDF transforms	171
Sample configuration file	172
Daemon configuration files	172
Improving performance in the PDF RIP	172
Hierarchy of transform options	173
Stapling and punch options available from the ps2afp transform	174
Specifying finishing in the ps2afpd.cfg file	175
Staple and punch operations supported by the ps2afp transform	176
Collate options available from the ps2afp transform	179
Customizing the TIFF, JPEG, and GIF transforms	179
Sample configuration file	180
Transform environment variables	180
Hierarchy of transform options	180
Customizing the img2afp transform	181
Limitations of the img2afp transform	183
Examples	184
Working with the transform for line data	184
About line data	184
What Is line data?	185
ANSI and machine carriage controls	185
Variable-length and fixed-length files	186
How the imageout keyword affects processing	187
Customizing the line data transform	187
Using the PDF Parallel RIP	189
Installing the PDF Parallel RIP client	189
Customizing the PDF Parallel transform	191
Sample configuration file for the pdfprs client	191
RIP Daemon configuration files	192
Configuring for a dual engine halftone printer	193
Hierarchy of transform options	194
Troubleshooting the parallel PDF RIP client	194
Working with the InfoPrint PPML transform program	195
Customizing the PPML transform	195
Sample PPML configuration file	195
Hierarchy of PPML transform options	196
Working with the XML transforms	197
Using the XML transforms with InfoPrint Manager	197
How do the XML transforms work?	198
Running the XML transforms	199
Capabilities and limitations	199
General capabilities and limitations for transforming all data	199
Capabilities and limitations for transforming data to AFP	199
Capabilities for transforming data to PDF	200
Customization tasks for the XML transforms	201
Common customization tasks	201
Color management resource transform support	205
Submitting job using transforms for color management	205
Chapter 16. Understanding transform objects and the configurable transform subsystem	207
Transforms	207
Defining a transform sequence	208
Configuring transforms	209
Creating transforms	209
Associating a transform with an actual destination	213
Examples of creating transform objects	214
Creating a transform object to copy to a file without printing	214
Creating a transform object to convert data and print only smaller files	216
Creating a transform object that updates the job's page count	218
Using the transform_update utility	219
Chapter 17. Managed IPDS Dialog support	221
Enabling MID support	221
Considerations to activate MID support	221
Chapter 18. Printing PCL or PostScript to PSF destinations: Specifying which paper bin to use	223
Determining bin mappings	223
PCL printing	223
PostScript printing	226
Gathering paper tray information	226
Identifying paper trays to InfoPrint Manager	227
Testing tray mappings	228
Editing configuration files	228
Creating a transform with bin mappings	229
Chapter 19. Submitting PSF printer input to a PCL or PPDS printer	231
Setting up PCL tray mappings	231
Chapter 20. Enabling capture for CMRs	235
Chapter 21. Working with fonts	237
Fonts for printing transformed PostScript and PDF data	237
Font-mapping files	237
PostScript font-mapping file considerations	237
Creating a PostScript font-mapping file	237
Using font-mapping files with the ps2afp or the pdf2afp command	237
Specifying font substitution through initialization files	238
Adding non-IBM fonts to AIX for a PostScript job	239
Adding Type 1 fonts to a personal font library	239
Using OpenType Fonts	240
Using the Resource Installer to install OpenType fonts	240
Using font capture with OpenType fonts	241
Enabling font capture for inline fonts	241
Using multiple fonts with limited printer memory	242
Using Unicode extended code pages	242
Updating the global search path on an InfoPrint AIX server	243
Using OpenType fonts with line data	243
Limitations when printing line data with OpenType fonts	243
Line data using OpenType fonts supports using the Byte Order Mark (BOM) and little endian data	244
Fonts for printing ditroff data	244
AFP code pages for AFP fonts	244
AFP characters mapped to ditroff characters	245
Mapping for code pages T1001038, T1001108, and T1001109	245
Special symbols added for code page T1001038	251
Special symbols added for code page T1001108	251
Special symbol added for code page T1001109	252
Adding other troff fonts	252
ditroff font files	252
Fonts for printing DBCS ASCII and EUC data	252
Fonts required to print a double-byte transformed file	253
Installing DBCS fonts on AIX	253
Setting up font resources for DBCS ASCII and EUC printing	253
Fonts for printing line data	254
Printing with the DBCS Simulation Fonts with the font metric adjustment triplet	255
Installing the Japanese PostScript font feature	255
Chapter 22. Using global resource identifiers	257
How can you use GRIDs?	257
What GRID files ship with InfoPrint?	257
Where does InfoPrint search for GRID files?	259
Understanding the general syntax rules and allowable values for GRID files	259
Syntax rules applying to all types of GRID files	259
Allowable values for the charset.grd file	260
Allowable values for the codepage.grd file	260
Allowable values for the fgid.grd file	260
Allowable values for the cpgid.grd file	261
Modifying GRID files	261
Modifying the charset and code page GRID files	261
Modifying the FGID and CPGID GRID files	262
Verifying the GRID files	263
Preventing InfoPrint from using GRID files	264
Using the 'no resident' version of the sample grid files	264
Chapter 23. Configuring and using cut-sheet emulation	265
Using cut sheet emulation	265
Using InfoPrint Submit Express	265
Using InfoPrint Job Ticketer	265
Using the PSF actual destination properties notebook	266
Using the pdpr command	266
Defaults and limitations of cut sheet emulation support	266
Chapter 24. Generating and submitting color mapping table source and output files	267
Parts of a color mapping table	267
Using source groups	267
Using target groups	268
Creating a color mapping table	269
Submitting jobs using a color mapping table	271
Submitting jobs through the AIX command line	271
Configuring an actual destination	272
Chapter 25. Configuring InfoPrint systems for interoperability	273
Understanding interoperating environments	273
Reasons for setting up an interoperating environment	273
Multiserver configuration examples	274
Important issues in interoperating environments	274
Configuring a primary AIX server with a secondary AIX server	275
Configuring a primary AIX server with a secondary Windows server	275
Setting up the InfoPrint AIX server for interoperability	276
Starting NFS and connecting the secondary server	276
Adding users to and modifying permissions for FST security groups	277
Setting up the ipwinadmin id on a Windows domain controller	278
Creating the 'ntuser' ID on the InfoPrint AIX server	278
Ensuring correct AIX file permissions for interoperability	278
Configure Windows servers for interoperability	279
Installing MS Services for UNIX on the InfoPrint Windows servers	279
Grant appropriate user rights to the domain user on all InfoPrint Manager Windows servers	280
Verifying access to the AIX namespace that allows interoperability on Windows	280
Configuring the 'ntuser' ID for interoperability on the InfoPrint Windows servers	281
Verifying the authority of the ipwinadmin ID	282
Chapter 26. Setting up high speed printers for spacing	283
Enabling SNMP on an InfoPrint 2000 for AFP printing	283
Enabling SNMP on an InfoPrint 3000 or an InfoPrint 4000 printer that uses the operator console	283
Enabling SNMP on a printer that uses the Enhanced Operator Console	284
Chapter 27. Configuring the InfoPrint 5000 Models AD1/AD2, AD3/AD4, AS1, AS3, C900AFP and MD3/MD4 to print PDF and PostScript	285
Printing PDF and PostScript files on the InfoPrint 5000 printer models AD1/AD2, AD3/AD4, AS1, AS3, C900AFP and MD3/MD4 with h	285
Verifying bos.cifs_fs fileset is installed	285
Connecting to the InfoPrint 5000 hot folder	285
Running scripts before printing PDF and PostScript files	285
Chapter 28. Using InfoPrint Manager with the InfoPrint Color 130 Plus	287
Setting up	287
Building a data stream	287
Transforming color images	287
Using and changing color and resource attributes	288
Using color attributes	288
color-profile	288
color-profiles-supported	288
color-bits-per-plane	289
color-bits-per-plane-supported	289
color-rendering-intent	289
color-toner-saver	290
color-toner-saver-supported	290
Using resource attributes	290
resource-context-presentation-object-container	290
presentation-object-container-extraction-mode	290
Using the InfoPrint Manager Administration GUI to change color and resource attributes	291
Starting the InfoPrint Manager Administration GUI	291
Changing the attributes	291
Sending an AFP job to the printer using the AIX command line	292
Setting up assumptions	292
Using AIX commands	292
Submitting the job	292
Sending an AFP job with color images to the printer using InfoPrint Submit Express	293
Setting up assumptions	293
Submitting the job	293
Creating a new job ticket	293
Sending a job to the printer using InfoPrint Select	294
Setting up assumptions	294
Submitting the job	295
Adding a Select printer to your workstation	295
Printing from Applications	295
Printing from the Command Line	295
Changing color and resource attributes	296
Sending a job using Download for z/OS	296
Chapter 29. Using the LPD gateway with InfoPrint Manager for AIX	297
Submitting print jobs through the LPD from an AIX system	297
Submitting print jobs through the LPD from a non-AIX UNIX system	297
Submitting print jobs from a non-AIX UNIX system with the InfoPrint (lprafp) LPR client	298
Submitting print jobs through the LPD from a Windows system	298
Install and configure lprafp for Windows from the Web	298
Chapter 30. Printing data sets from an MVS system through MVS Download	299
Preparing to work with MVS Download	299
Why use MVS Download?	299
What is the MVS Download daemon?	299
How do you make AFP resources available?	300
How are print options passed to InfoPrint?	300
What does the mvsprpsm.sh shell script do?	300
What does the log file generated by the mvsprpsm.sh shell script contain?	301
How do I get page count displayed for AFP Download Plus jobs?	301
Performance considerations with the Direct Download method	301
Modifying the InfoPrint mvsprpsm.sh shell script	302
Specifying AFP resource directories	303
Changing how the shell script generates the file name	303
Using multiple printers with MVS Download	303
Specifying a default page definition	304
Passing the parameter list from the mvsprsd daemon to the shell script	304
Translating print options to InfoPrint attributes and values	306
Using the mvsprsd command to start the daemon	308
Using MVS Download support for multiple data set jobs	309
Description of multiple data set support on both PSF/MVS and InfoPrint Manager for AIX	309
Procedure for installing multiple data set support with Download for z/OS	310
Procedure for installing multiple data set support with AFP Download Plus	311
Limitations of multiple data set support	312
Technical description of multiple data set support	312
Resubmitting or deleting MVS Download orphaned files	313
Resubmitting an orphaned file	313
Chapter 31. Using AFP Upload	315
Software prerequisites	315
General information about the host server program	315
Specifying the SYSPRINT DD statement	316
Supported configuration parameters	316
Specifying the configuration parameters	317
Specifying PL/I run-time options	318
Transmitting AFP file attributes to MVS	318
Using specific InfoPrint Manager attributes	318
Using the destination-pass-through attribute	319
Examples: Using the destination-pass-through attribute	320
Using InfoPrint Manager commands with AFP Upload	321
When the connection to the MVS host fails	321
Troubleshooting problems with AFP Upload on TCP/IP networks	321
Places where error information is recorded	321
Common errors with AFP Upload using TCP/IP networks	322
Specifying to run the host server program in a startable address space	324
Specifying to run the host server program as a job	324
Example to run the host server program in a	324
Example to run the host server program as a job	325
Chapter 32. Customizing error logs in the InfoPrint Manager AIX server	327
Customizing an InfoPrint Manager server error log	327
Customizing a Notification daemon error log	328
Part 3. Operator and user procedures	331
Chapter 33. Finishing options	333
Setting up finishing options for IPDS-only printers	333
Telling InfoPrint Manager what options the finisher supports	333
Setting up InfoPrint Manager and clients to use finishing options	333
Using the pdpr command	333
Using a form definition	334
Using InfoPrint Submit Express or InfoPrint Job Ticketer	334
Using InfoPrint Select	334
Using MVS Download	335
Using InfoPrint Manager hot folders	335
Using InfoPrint Manager LPD and an LPR client	335
Selecting the correct finishing options	336
Paper fed LEF	336
Paper fed SEF	337
Staple positions for new InfoPrint printers	338
Staple positions for InfoPrint 2060ES, InfoPrint 2075ES, and InfoPrint 2090ES	339
Staple positions for InfoPrint 2105ES	339
Setting up finishing options for PS/PCL printers	340
Telling InfoPrint Manager what options the finisher supports	340
Setting up InfoPrint Manager and clients to use finishing options	340

Match case Limit results 1 per page

the other groups, there are no default users created during installation. See

InfoPrint Job Ticketer: Administrator's Guide

for more information.

You can modify these groups as needed. In the example above, you could have

simply added your operators to the default

oper

group and modified any

permissions that weren't set to the level that you wanted them.

All fields, such as User IDs, group names, hostnames, and DNS suffixes, are

case sensitive.

You can add users to multiple groups, but you cannot make one group a member

of another group. For example, if you hire five new print operators, you might

create a group for them called

trainees

, since you only want them to have limited

permissions until they are finished with their training. When they finish their

training, you cannot add

trainees

as a member of the

operators

group. You will

have to add their user IDs to the operators group one at a time. In addition, you

will have to either delete the

trainees

group or delete the members from

it—otherwise those users will have conflicting levels of permission.

When users are members of more than one group and each group has a different

level of permission for a particular object, the most restrictive permission applies.

In the example above, if you forgot to remove the new employees from the

trainees

group at the end of their training, they wouldn't be able to perform the

tasks their job required- they would still be restricted.

Identifying users and groups: wildcarding

When you add users to ACLs or Security groups, you identify them by their user

ID and the computer that they work on in this format:

username

computername

The permissions you assign will only apply when that person accesses InfoPrint

Manager from that workstation.

If, however, you or any of your users want to be able to work with InfoPrint

Manager objects from various workstations, you might not want to add multiple

user ID/computer name combinations for the same person—you can use

wildcarding instead. When you use wildcarding, you replace the computer name

or user ID with the wildcard character (*) when you add a member to an ACL or

Security Group. The wildcard character stands for “any computer” or “any user

ID.” So, if you create an ACL member called

administrator@*

, no matter what

computer you log on to as

administrator

, you have the same permissions. If you

use the wildcard character before the computer name, for example

*@computer

any user who logs on to computer1 can do the actions that the ACL member has

permission for.

Working with ACLs and groups

Use the AIX SMIT utility to manage the security of your print system. Open an

AIXterm window and enter

smit

on the command line. The line InfoPrint Printing

System will appear as an option. By following the menu item to the right with

your cursor, you can navigate the this directory structure of menu choices:

Tab #1

Tab #2

Tab #3

Choices

InfoPrint Printing Systems

→

Security

→

Groups

→

Add Group

Show Group

Add User to Group

Remove User from

Group

Chapter 11. Managing security for InfoPrint Manager for AIX

131