Home » Dell Manuals » Printers » Dell B3465dnf Mono » Manual Viewer

Dell B3465dnf Mono Smart Access Card Solution Administrators Guide - Page 18

Configuring the application settings, Securing access to the application

Add to My Manuals
Save this manual to your list of manuals

Page 18 highlights

Configuring the applications 18 Configuring the application settings Configuring digital signing 1 Access the application configuration settings from the Embedded Web Server. 2 Configure the following setting: • Sign E‑mail-Do one of the following: - Select Prompt User to let users choose to digitally sign their e-mail. - Select Disabled to disable digital signing. - Select Always Sign to require all e‑mail to be digitally signed. Note: For users to digitally sign e‑mail, they must have a valid digital signing certificate. 3 Click Apply. Configuring e‑mail encryption 1 Access the application configuration settings from the Embedded Web Server. 2 Configure the following settings: • Encrypt E‑mail-Do one of the following: - Select Prompt User to let users choose to encrypt their e‑mail. - Select Disabled to disable encryption. - Select Always Encrypt to require all e‑mail to be encrypted. Note: For users to send encrypted e‑mail to a recipient, the recipient must be in the global address book and must have a valid encryption certificate. • Encryption Algorithm-Select an algorithm to use for encrypting e‑mail. The most common setting is "Triple DES." • LDAP‑Primary Certificate-Specify the LDAP attribute to search for a recipient's encryption certificate. The most common setting is "userSMIMECertificate." • LDAP‑Alternate Certificate-Specify the LDAP attribute to search if a recipient's encryption certificate is not found in the primary attribute. The most common setting is "userCertificate." • Signing Algorithm-Select the algorithm to use for digital signature. The most common setting is "SHA1." • User can only send to self-Select this check box to allow users to send e‑mail only to themselves. 3 Click Apply. Securing access to the application This application runs in place of the standard e‑mail function on the printer. For the security features of the application to work correctly, you must use Smart Card Authentication Client to secure access to the printer e‑mail function. When users attempt to access the secured e‑mail function, they will be prompted to authenticate. When Smart Card Authentication Client is associated with the e‑mail function, it must be configured to specify where the printer should retrieve an authenticated user's e‑mail address when the user sends an e‑mail. The user's e‑mail address will be placed in the "From" field of the sent e‑mail.

Section	Page
Contents	2
Overview	4
Configuring the applications	5
Configuring printer settings for use with the applications	5
Changing the panel login timeout	5
Installing certificates manually	5
Installing certificates automatically	6
Configuring TCP/IP settings	6
Setting the date and time	6
Configuring Smart Card Authentication Client	8
Securing access to the printer	8
Setting up a security template	8
Securing access to the home screen	9
Securing access to individual applications and functions	10
Configuring login screen settings	11
Configuring manual login setup settings	12
Configuring Smart Card setup settings	12
Configuring advanced settings	14
Configuring User Validation Mode settings	15
Configuring Secure Scan To E-mail	15
Configuring printer e-mail settings	15
Configuring the application settings	18
Securing access to the application	18
Configuring Scan to Network	19
Using a Kerberos ticket for authentication	19
Configuring Secure Print Jobs Release	21
Configuring and securing the application	21
Using the applications	23
Using Secure Scan To E-mail	23
Sending secure e-mail	23
Using Scan to Network	24
Scanning documents at the printer	24
Using Secure Print Jobs Release	25
Printing held jobs	25
Troubleshooting	26
Smart Card Authentication Client login issues	26
“A card reader was not detected on this device” error message	26
Make sure a supported Smart Card reader is attached	26
Allow users to log in manually	26
“Unsupported USB Device” error message when a Smart Card reader is attached to the printer	26
Make sure that the Smart Card reader is supported	26
Make sure that the required firmware version is installed	26
Make sure that all required applications are installed and running	26
“An error occurred while reading the card. Remove your card and try again” error message	26
Check the system log for relevant details	26
“Your card has been locked out from future login attempts” error message	27
Reset or replace the card	27
“An error occurred while checking your PIN. Remove your card and try again” error message	27
Check the system log for relevant details	27
User is unable to log in manually	27
Make sure the Manual Login Domain(s) field are specified	27
User is logged out almost immediately after logging in	27
Increase the panel login timeout interval	27
The printer home screen fails to return to a locked state when not in use	28
Make sure all required applications are installed and running	28
Make sure the home screen or home screen icons are secured	28
Smart Card Authentication Client authentication issues	28
“Authentication failed” error message	28
Check the system log for relevant details	28
“Kerberos configuration file has not been uploaded” error message	28
Make sure the Kerberos configuration file is installed	28
“Kerberos configuration file is not properly formatted” error message	29
Modify the installed Kerberos configuration file	29
“Unable to authenticate. Check Kerberos configuration file to verify Windows support enabled” error ...	29
Make sure the Windows domain is specified	29
“Unable to generate certificate from card” or “Unable to read certificate information from card” err ...	29
Check the certificate on the Smart Card	29
“The domain controller did not respond within the required time; the domain controller timeout may n ...	30
Increase the domain controller timeout	30
Make sure the domain controller IP address or host name is correct	30
Make sure the domain controller is available	30
Make sure Port 88 is not blocked by a firewall	30
“The domain controller issuing certificate has not been installed” error message	31
Make sure the correct certificates are installed on the printer	31
“The realm on the card was not found in the Kerberos configuration file” or “User’s realm was not fo ...	31
Add the missing realm or modify the incorrect realm	31
“Unable to authenticate. Verify the realm was specified in UPPERCASE” error message	31
Make sure the Kerberos realm is in uppercase	31
“Unable to contact the domain controller for the user’s realm” error message	32
Check the domain, realm, and domain controller in the Kerberos configuration file	32
“Domain controller and device clocks are different beyond an acceptable range. Check the device's da ...	32
Check the date and time on the printer	32
“Unable to validate certificate from domain controller” error message	32
Make sure the correct certificates are installed on the printer	32
Check the domain controller validation method	33
“An error occurred during domain controller chain validation” or “At least one of the certificates i ...	33
Check the certificates installed on the printer	33
“The OCSP responder URL or certificate has not been configured” error message	33
Check the OCSP responder URL and responder certificate	33
“An error occurred while trying to connect to the OCSP responder” error message	34
Check the OCSP responder URL	34
Increase the responder timeout	34
“The status of at least one of the certificates in the domain controller certificate chain is unknow ...	34
Check the certificates installed on the printer	34
Allow users to log in if the certificate status is unknown	34
“The OCSP responder certificate, stored on the printer, does not match the one returned by the respo ...	35
Check the OCSP responder certificate	35
Check the certificate returned from the OCSP responder	35
“An error occurred while trying to validate the domain controller certificate against the OCSP respo ...	35
Check the domain controller certificate	35
Check the OCSP responder	35
“The user is not authorized to use this device. Make sure the user belongs to an Active Directory gr ...	35
Add the user to an authorized Active Directory group	35
Add the user’s group to the authorization list for the printer	36
Secure Scan To E-mail issues	36
“The e-mail cannot be sent because your e-mail address could not be retrieved” error message	36
Make sure the printer e-mail function is secured	36
Make sure user e-mail addresses are retrieved correctly	36
Check the LDAP settings	36
“Your e-mail cannot be sent because your signing certificate could not be retrieved” error message	36
Check the signing certificate on the user’s Smart Card	36
“No signing certificate is available to sign your e-mail. Press Next to continue without digital sig ...	37
“The e-mail cannot be sent because an error occurred trying to retrieve user certificates from the L ...	37
Check the address book setup	37
Make sure the address book function is secured	37
Check the LDAP settings	37
Make sure the printer is connected to the network	37
“Cannot encrypt e-mail for one or more recipients. Choose one of the following” or “Encryption certi ...	37
“No encryption certificates could be found for any of the addresses you entered. Press Next to send ...	38
“Unable to connect to the e-mail server” error message	38
Make sure the printer is connected to a domain	38
Check the SMTP Server Authentication setting	39
Provide the server host name if the SMTP server uses Kerberos	39
Make sure Port 25 is not blocked	39
Make sure the printer is connected to the network	39
“Send me a copy” is not available	39
Make sure all user information is placed in the login session	39
Secure Print Jobs Release issues	40
“Unable to determine user id. Contact your system administrator” error message	40
Make sure the session user ID is set correctly	40
Make sure the application is secured	40
“There are no jobs available for [user]” error message	40
Make sure the session user ID is set correctly	40
Make sure jobs were sent to the correct printer and have not expired	40
Jobs print immediately	40
Make sure the user selects the print-and-hold feature	40
LDAP issues	41
LDAP lookups fail	41
Make sure Port 389 (non-SSL) and Port 636 (SSL) are not blocked by a firewall	41
Verify that the address book setup contains the host name for the LDAP server	41
Disable reverse DNS lookups	41
If the LDAP server requires SSL, then enable SSL for LDAP lookups	41
Narrow the LDAP search base	42
Verify that the LDAP attributes being searched for are correct	42
Licensing issues	42
License error	42
Make sure that the license is up-to-date	42
Appendix	43
Accessing application configuration settings using the Embedded Web Server	43
Exporting and importing a configuration using the Embedded Web Server	43
Licensing applications	44
Checking which version of the Embedded Solutions Framework is installed on a printer	44
Notices	45
Edition notice	45
Trademarks	45
GOVERNMENT END USERS	45
GNU Lesser General Public License	45
Dell End-User License Agreement	45
Additional copyrights	48

Match case Limit results 1 per page

Configuring the application settings

Configuring digital signing

Access the application configuration settings from the Embedded Web Server.

Configure the following setting:

•

Sign E

‑

mail

—Do one of the following:

–

Select

Prompt User

to let users choose to digitally sign their e-mail.

–

Select

Disabled

to disable digital signing.

–

Select

Always Sign

to require all e

‑

mail to be digitally signed.

Note:

For users to digitally sign e

‑

mail, they must have a valid digital signing certificate.

Click

Apply

Configuring e

‑

mail encryption

Access the application configuration settings from the Embedded Web Server.

Configure the following settings:

•

Encrypt E

‑

mail

—Do one of the following:

–

Select

Prompt User

to let users choose to encrypt their e

‑

mail.

–

Select

Disabled

to disable encryption.

–

Select

Always Encrypt

to require all e

‑

mail to be encrypted.

Note:

For users to send encrypted e

‑

mail to a recipient, the recipient must be in the global address book

and must have a valid encryption certificate.

•

Encryption Algorithm

—Select an algorithm to use for encrypting e

‑

mail. The most common setting is “Triple

DES.”

•

LDAP

‑

Primary Certificate

—Specify the LDAP attribute to search for a recipient's encryption certificate. The most

common setting is “userSMIMECertificate.”

•

LDAP

‑

Alternate Certificate

—Specify the LDAP attribute to search if a recipient's encryption certificate is not

found in the primary attribute. The most common setting is “userCertificate.”

•

Signing Algorithm

—Select the algorithm to use for digital signature. The most common setting is “SHA1.”

•

User can only send to self

—Select this check box to allow users to send e

‑

mail only to themselves.

Click

Apply

Securing access to the application

This application runs in place of the standard e

‑

mail function on the printer. For the security features of the application

to work correctly, you must use Smart Card Authentication Client to secure access to the printer e

‑

mail function. When

users attempt to access the secured e

‑

mail function, they will be prompted to authenticate.

When Smart Card Authentication Client is associated with the e

‑

mail function, it must be configured to specify where

the printer should retrieve an authenticated user’s e

‑

mail address when the user sends an e

‑

mail. The user’s e

‑

mail

address will be placed in the “From” field of the sent e

‑

mail.

Configuring the applications