Home » Dell Manuals » Printers » Dell B3465dnf Mono » Manual Viewer

Dell B3465dnf Mono Smart Access Card Solution Administrators Guide - Page 5

Configuring printer settings for use with the applications

Add to My Manuals
Save this manual to your list of manuals

Page 5 highlights

Configuring the applications 5 Configuring the applications Configuring printer settings for use with the applications Even if the printer has been set up previously, make sure all settings have been configured to enable the security features of each application to work correctly. Changing the panel login timeout To help prevent unauthorized access if a user leaves the printer unattended with a Smart Card inserted or while logged in, you can limit the amount of time a user stays logged in without activity. If the user does not touch the screen within the specified time, then the session ends and the user is logged out, even if a Smart Card is still inserted. 1 From the Embedded Web Server, click Settings or Configuration. 2 Click Security > Miscellaneous Security Settings > Login Restrictions. 3 Set the Panel Login Timeout value (in seconds). The recommended value is 30 seconds. 4 Click Submit. Installing certificates manually Note: In select printer models, you can automatically download the CA. For more information, see "Installing certificates automatically" on page 6. Before configuring Kerberos or domain controller settings, you must install the appropriate certificates on the printer. At minimum, you must install the certificate of the Certificate Authority (CA) that issued the domain controller certificate. The CA certificate is used for domain controller validation. Additional certificates can be installed if needed. For example, if you plan to use chain validation to validate the domain controller certificate, then you must install the entire certificate chain. Each certificate must be in a separate PEM (.cer) file. For each certificate you want to install, do the following: 1 From the Embedded Web Server, click Settings or Configuration. 2 Click Security > Certificate Management > Certificate Authority Management > New. 3 Upload the file containing the certificate, and then click Submit. Note: The file must be in PEM (.cer) format. The contents of the file should resemble the following: -----BEGIN CERTIFICATE----MIIE1jCCA76gAwIBAgIQY6sV0KL3tIhBtlr4gHG85zANBgkqhkiG9w0BAQUFADBs ... l3DTbPe0mnIbTq0iWqKEaVne1vvaDt52iSpEQyevwgUcHD16rFy+sOnCaQ== -----END CERTIFICATE-----

Section	Page
Contents	2
Overview	4
Configuring the applications	5
Configuring printer settings for use with the applications	5
Changing the panel login timeout	5
Installing certificates manually	5
Installing certificates automatically	6
Configuring TCP/IP settings	6
Setting the date and time	6
Configuring Smart Card Authentication Client	8
Securing access to the printer	8
Setting up a security template	8
Securing access to the home screen	9
Securing access to individual applications and functions	10
Configuring login screen settings	11
Configuring manual login setup settings	12
Configuring Smart Card setup settings	12
Configuring advanced settings	14
Configuring User Validation Mode settings	15
Configuring Secure Scan To E-mail	15
Configuring printer e-mail settings	15
Configuring the application settings	18
Securing access to the application	18
Configuring Scan to Network	19
Using a Kerberos ticket for authentication	19
Configuring Secure Print Jobs Release	21
Configuring and securing the application	21
Using the applications	23
Using Secure Scan To E-mail	23
Sending secure e-mail	23
Using Scan to Network	24
Scanning documents at the printer	24
Using Secure Print Jobs Release	25
Printing held jobs	25
Troubleshooting	26
Smart Card Authentication Client login issues	26
“A card reader was not detected on this device” error message	26
Make sure a supported Smart Card reader is attached	26
Allow users to log in manually	26
“Unsupported USB Device” error message when a Smart Card reader is attached to the printer	26
Make sure that the Smart Card reader is supported	26
Make sure that the required firmware version is installed	26
Make sure that all required applications are installed and running	26
“An error occurred while reading the card. Remove your card and try again” error message	26
Check the system log for relevant details	26
“Your card has been locked out from future login attempts” error message	27
Reset or replace the card	27
“An error occurred while checking your PIN. Remove your card and try again” error message	27
Check the system log for relevant details	27
User is unable to log in manually	27
Make sure the Manual Login Domain(s) field are specified	27
User is logged out almost immediately after logging in	27
Increase the panel login timeout interval	27
The printer home screen fails to return to a locked state when not in use	28
Make sure all required applications are installed and running	28
Make sure the home screen or home screen icons are secured	28
Smart Card Authentication Client authentication issues	28
“Authentication failed” error message	28
Check the system log for relevant details	28
“Kerberos configuration file has not been uploaded” error message	28
Make sure the Kerberos configuration file is installed	28
“Kerberos configuration file is not properly formatted” error message	29
Modify the installed Kerberos configuration file	29
“Unable to authenticate. Check Kerberos configuration file to verify Windows support enabled” error ...	29
Make sure the Windows domain is specified	29
“Unable to generate certificate from card” or “Unable to read certificate information from card” err ...	29
Check the certificate on the Smart Card	29
“The domain controller did not respond within the required time; the domain controller timeout may n ...	30
Increase the domain controller timeout	30
Make sure the domain controller IP address or host name is correct	30
Make sure the domain controller is available	30
Make sure Port 88 is not blocked by a firewall	30
“The domain controller issuing certificate has not been installed” error message	31
Make sure the correct certificates are installed on the printer	31
“The realm on the card was not found in the Kerberos configuration file” or “User’s realm was not fo ...	31
Add the missing realm or modify the incorrect realm	31
“Unable to authenticate. Verify the realm was specified in UPPERCASE” error message	31
Make sure the Kerberos realm is in uppercase	31
“Unable to contact the domain controller for the user’s realm” error message	32
Check the domain, realm, and domain controller in the Kerberos configuration file	32
“Domain controller and device clocks are different beyond an acceptable range. Check the device's da ...	32
Check the date and time on the printer	32
“Unable to validate certificate from domain controller” error message	32
Make sure the correct certificates are installed on the printer	32
Check the domain controller validation method	33
“An error occurred during domain controller chain validation” or “At least one of the certificates i ...	33
Check the certificates installed on the printer	33
“The OCSP responder URL or certificate has not been configured” error message	33
Check the OCSP responder URL and responder certificate	33
“An error occurred while trying to connect to the OCSP responder” error message	34
Check the OCSP responder URL	34
Increase the responder timeout	34
“The status of at least one of the certificates in the domain controller certificate chain is unknow ...	34
Check the certificates installed on the printer	34
Allow users to log in if the certificate status is unknown	34
“The OCSP responder certificate, stored on the printer, does not match the one returned by the respo ...	35
Check the OCSP responder certificate	35
Check the certificate returned from the OCSP responder	35
“An error occurred while trying to validate the domain controller certificate against the OCSP respo ...	35
Check the domain controller certificate	35
Check the OCSP responder	35
“The user is not authorized to use this device. Make sure the user belongs to an Active Directory gr ...	35
Add the user to an authorized Active Directory group	35
Add the user’s group to the authorization list for the printer	36
Secure Scan To E-mail issues	36
“The e-mail cannot be sent because your e-mail address could not be retrieved” error message	36
Make sure the printer e-mail function is secured	36
Make sure user e-mail addresses are retrieved correctly	36
Check the LDAP settings	36
“Your e-mail cannot be sent because your signing certificate could not be retrieved” error message	36
Check the signing certificate on the user’s Smart Card	36
“No signing certificate is available to sign your e-mail. Press Next to continue without digital sig ...	37
“The e-mail cannot be sent because an error occurred trying to retrieve user certificates from the L ...	37
Check the address book setup	37
Make sure the address book function is secured	37
Check the LDAP settings	37
Make sure the printer is connected to the network	37
“Cannot encrypt e-mail for one or more recipients. Choose one of the following” or “Encryption certi ...	37
“No encryption certificates could be found for any of the addresses you entered. Press Next to send ...	38
“Unable to connect to the e-mail server” error message	38
Make sure the printer is connected to a domain	38
Check the SMTP Server Authentication setting	39
Provide the server host name if the SMTP server uses Kerberos	39
Make sure Port 25 is not blocked	39
Make sure the printer is connected to the network	39
“Send me a copy” is not available	39
Make sure all user information is placed in the login session	39
Secure Print Jobs Release issues	40
“Unable to determine user id. Contact your system administrator” error message	40
Make sure the session user ID is set correctly	40
Make sure the application is secured	40
“There are no jobs available for [user]” error message	40
Make sure the session user ID is set correctly	40
Make sure jobs were sent to the correct printer and have not expired	40
Jobs print immediately	40
Make sure the user selects the print-and-hold feature	40
LDAP issues	41
LDAP lookups fail	41
Make sure Port 389 (non-SSL) and Port 636 (SSL) are not blocked by a firewall	41
Verify that the address book setup contains the host name for the LDAP server	41
Disable reverse DNS lookups	41
If the LDAP server requires SSL, then enable SSL for LDAP lookups	41
Narrow the LDAP search base	42
Verify that the LDAP attributes being searched for are correct	42
Licensing issues	42
License error	42
Make sure that the license is up-to-date	42
Appendix	43
Accessing application configuration settings using the Embedded Web Server	43
Exporting and importing a configuration using the Embedded Web Server	43
Licensing applications	44
Checking which version of the Embedded Solutions Framework is installed on a printer	44
Notices	45
Edition notice	45
Trademarks	45
GOVERNMENT END USERS	45
GNU Lesser General Public License	45
Dell End-User License Agreement	45
Additional copyrights	48

Match case Limit results 1 per page

Configuring the applications

Configuring printer settings for use with the applications

Even if the printer has been set up previously, make sure all settings have been configured to enable the security

features of each application to work correctly.

Changing the panel login timeout

To help prevent unauthorized access if a user leaves the printer unattended with a Smart Card inserted or while logged

in, you can limit the amount of time a user stays logged in without activity. If the user does not touch the screen within

the specified time, then the session ends and the user is logged out, even if a Smart Card is still inserted.

From the Embedded Web Server, click

Settings

Configuration

Click

Security

Miscellaneous Security Settings

Set the Panel Login Timeout value (in seconds). The recommended value is 30 seconds.

Click

Submit

Installing certificates manually

Note:

In select printer models, you can automatically download the CA. For more information, see

“Installing

certificates automatically” on page

Before configuring Kerberos or domain controller settings, you must install the appropriate certificates on the printer.

At minimum, you must install the certificate of the

Certificate Authority

(CA) that issued the domain controller

certificate. The CA certificate is used for domain controller validation. Additional certificates can be installed if needed.

For example, if you plan to use chain validation to validate the domain controller certificate, then you must install the

entire certificate chain. Each certificate must be in a separate PEM (.cer) file.

For each certificate you want to install, do the following:

From the Embedded Web Server, click

Settings

Configuration

Click

Security

Certificate Management

Certificate Authority Management

New

Upload the file containing the certificate, and then click

Submit

Note:

The file must be in PEM (.cer) format. The contents of the file should resemble the following:

-----BEGIN CERTIFICATE-----

MIIE1jCCA76gAwIBAgIQY6sV0KL3tIhBtlr4gHG85zANBgkqhkiG9w0BAQUFADBs

…

l3DTbPe0mnIbTq0iWqKEaVne1vvaDt52iSpEQyevwgUcHD16rFy+sOnCaQ==

-----END CERTIFICATE-----

Configuring the applications