Home » Lexmark Manuals » Multifunction Devices » Lexmark MB2442 » Manual Viewer

Lexmark MB2442 Embedded Web Server Administrator s Guide - Page 39

Use Active Directory Device Credentials

Add to My Manuals
Save this manual to your list of manuals

Page 39 highlights

Lexmark Confidential until announced Securing printers 39 • If Anonymous LDAP Bind or Use Active Directory Device Credentials is disabled, then provide the authentication credentials used to bind the printer with the LDAP server. - Device Username • For LDAP setup, type the fully qualified distinguished name (DN) of a user registered to the LDAP server. • For LDAP+GSSAPI setup, type the DN of a user registered to the Kerberos server. - Device Realm-The realm used for the Kerberos server. This setting is available only in the LDAP +GSSAPI setup. - Device Password-Type the password for the user. Advanced Options • Use SSL/TLS-If the LDAP server requires SSL, then select SSL/TLS. • Require Certificate-If the LDAP server requires a certificate, then select Yes. • Userid Attribute-Type the LDAP attribute to search for when authenticating users' credentials. The default value is sAMAccountName, which is common in a Windows operating system environment. For other directories, you can type uid, cn, or a user-defined attribute. For more information, contact your system administrator. • Mail Attribute-Type the LDAP attribute that contains the users' e-mail addresses. The default value is mail. • Fax number Attribute-Type the LDAP attribute that contains the users' fax number. The default value is facsimiletelephonenumber. • Full Name Attribute-Type the LDAP attribute that contains the users' full names. The default value is cn. • Home Directory Attribute-Type the LDAP attribute that contains the users' home directory. The default value is homeDirectory. • Group Membership Attribute-Type the LDAP attribute required for group search. The default value is memberOf. • Search Base-The node in the LDAP server where user accounts reside. You can type multiple search bases, separated by commas. Note: A search base consists of multiple attributes separated by commas, such as cn (common name), ou (organizational unit), o (organization), c (country), and dc (domain). • Search Timeout-Enter a value from 5 to 30 seconds or 5 to 300 seconds, depending on your printer model. • Follow LDAP Referrals-Search the different servers in the domain for the logged‑in user account. Search Specific Object Classes • person-Search the "person" object class. • Custom Object Classes-Type the name of the custom object class to search. Note: A maximum of three custom object classes can be searched. Type the other object class in the other Custom Object Class field. Address Book Setup The following settings are used to configure the address book used when scanning to an e‑mail address. • Displayed Name-Select the LDAP attribute that you want to show on the address book. • Max Search Results-Type the maximum search results shown on the address book. • Use user credentials-Use the logged‑in user credentials to connect to the LDAP server.

Section	Page
Contents	2
Change history	4
Overview	6
Supported printers	6
Supported web browsers	7
Accessing the Embedded Web Server	7
Parts of the Embedded Web Server	7
Understanding helper text	8
Managing printers	9
Checking the status of parts and supplies from the Embedded Web Server	9
Generating reports and logs	9
Configuring supply notifications	10
Managing contacts	10
Adding contacts	10
Adding groups	11
Editing contacts or groups	11
Deleting contacts or groups	11
Scanning	12
Configuring the scan settings	12
Configuring the copy settings	12
Configuring the e-mail settings	13
Configuring the FTP settings	16
Configuring the flash drive settings	18
Creating a shortcut	20
Managing Scan Center destinations	20
Configuring a network destination	20
Configuring an e-mail destination	21
Configuring a fax destination	21
Configuring a remote printer destination	21
Faxing	23
Configuring the fax settings	23
Setting the fax mode	23
Configuring analog fax	23
General Fax Settings	23
Fax Send Settings	23
Fax Receive Settings	25
Fax Cover Page	26
Fax Log Settings	26
Speaker Settings	26
Configuring the fax server	27
General Fax Settings	27
Fax Server E-mail Settings	27
Fax Server Scan Settings	28
Networking	29
Configuring the HTTP/FTP Settings	29
Selecting the active network adapter	29
Connecting to a wireless network	30
Securing printers	31
Securing network connections	31
Configuring TCP/IP port access settings	31
Configuring IP Security settings	31
Configuring 802.1x authentication	32
Setting the restricted server list	33
Managing devices remotely	33
Using HTTPS for printer management	33
Setting up SNMP	33
Configuring SNMP versions 1 or 2c settings	33
Configuring SNMP version 3 settings	33
Configuring SNMP traps	34
Configuring security audit log settings	34
Updating firmware	35
Managing login methods	36
Restricting public access to functions, applications, printer management, and security options	36
Using local accounts	36
Creating local accounts	36
Editing and deleting local accounts	36
Creating local account groups	37
Editing or deleting local account groups	37
Using LDAP or LDAP+GSSAPI	37
Creating an LDAP or LDAP+GSSAPI login method	38
Editing or deleting LDAP or LDAP+GSSAPI login methods	40
Using Kerberos	40
Creating a Kerberos login method	40
Setting the date and time	41
Using Active Directory	42
Creating an Active Directory login method	42
Editing or deleting an Active Directory login method	42
Creating LDAP, LDAP+GSSAPI, or Active Directory groups	44
Editing or deleting LDAP, LDAP+GSSAPI, or Active Directory groups	44
Understanding access controls	45
Managing certificates	47
Configuring printer certificate defaults	47
Creating a printer certificate	47
Installing certificates manually	48
Installing certificates automatically	48
Viewing, downloading, and deleting a certificate	48
Managing other access functions	49
Scheduling access to USB devices	49
Setting login restrictions	49
Configuring confidential printing	49
Enabling solutions LDAP settings	50
Showing secured applications or functions on the home screen	50
Enabling print permission	51
Enabling the security reset jumper	51
Securing data	52
Configuring printer settings	52
Erasing printer memory	53
Erasing printer hard disk memory	54
Configuring printer hard disk encryption	54
Restoring factory default settings	54
Statement of Volatility	54
Troubleshooting	56
Login troubleshooting	56
User is locked out	56
Update the allowed number of login failures and lockout time	56
Reset or replace the smart card	56
User is logged out automatically	56
Increase the Screen Timeout value	56
User cannot access applications or functions	56
Make sure that the user is assigned to a group that has access to the applications and functions	56
KDC and MFP clocks are out of sync	56
Make sure that the date and time settings on the printer are correct	56
Domain controller certificate is not installed	57
Make sure that the correct certificate is installed on the printer	57
KDC is not responding within the required time	57
Make sure that the IP address or host name of the KDC is correct	57
Make sure that the KDC is available in the configuration file	57
Make sure that the server and firewall settings are configured to allow communication between the printer and the KDC server on port 88	57
LDAP troubleshooting	57
LDAP lookups fail	57
Make sure that the server and firewall settings are configured to allow communication between the printer and the LDAP server on port 389 and port 636	57
If reverse DNS lookup is not used in your network, then disable it in the Kerberos settings	57
If the LDAP server requires SSL, then enable SSL for LDAP lookups	57
Narrow the LDAP search base to the lowest possible scope that includes all necessary users	57
Make sure that all LDAP attributes that are being searched for are correct	57
Scanning problems	58
Cannot scan to the selected destination	58
Make sure that the destination is valid	58
If the printer and destination are in different domains, then make sure that the domain information is specified	58
Make sure that the printer is connected to the network	58
Make sure that the user name and password are correct	58
Make sure that the user has permission to save scans to the destination	58
Make sure that a file with the default file name does not exist in the destination	58
Configure the firewall to allow communication with the subnet in which the printer is located	58
Make sure that the printer and destination have the same subnet	58
Make sure that the LDAP settings are configured properly in your printer setup and in the setup dialog	58
Contact your system administrator	58
License error	59
Contact your Lexmark representative	59
An error occurs when opening a secure PDF file	59
Make sure that the PDF version for the device is not set to A-1a	59
Faxing problems	59
Cannot receive fax from one sender	59
Make sure that the sender used the correct fax number	59
Check if the fax has no caller ID and station name	59
Check if the sender fax number is not blocked	59
Generate fax logs and identify the status message	59
Cannot receive fax from all senders	59
Make sure that the printer is configured to receive faxes	59
If using a distinctive ring service, then confirm that the printer is configured properly to pick up the correct ring pattern	60
Reduce the Max Receive speed	60
Check the fax forwarding setting	60
Make sure that no other phone number is competing with the printer	60
Generate fax logs and identify the status message	60
Cannot send fax to one destination	60
Make sure that you entered the correct fax number	60
Reduce the maximum send speed	60
Generate fax logs and identify the status message	61
Cannot send to all fax destinations	61
Make sure that the printer is not configured for Fax Server mode	61
Make sure that the printer is configured to send faxes	61
Check if you are using a PABX telephone system	61
Check if you have entered the proper dialing prefix	61
Reduce the Max Send speed	61
Make sure that you have entered a station ID and station number	61
Generate fax logs and identify the status message	62
Networking problems	62
Printer is not communicating on the network	62
Check the network status	62
Check the printer port access	62
Check the Restricted Server List	62
Make sure that communication is not blocked by a firewall or workplace VPN	62
Notices	63
Edition notice	63
GOVERNMENT END USERS	63
Trademarks	63
GifEncoder	64
ZXing 1.7	64
Apache License Version 2.0, January 2004	64

Match case Limit results 1 per page

•

Anonymous LDAP Bind

Use Active Directory Device Credentials

is disabled, then provide the

authentication credentials used to bind the printer with the LDAP server.

–

Device Username

•

For LDAP setup, type the fully qualified distinguished name (DN) of a user registered to the LDAP

server.

•

For LDAP+GSSAPI setup, type the DN of a user registered to the Kerberos server.

–

Device Realm

—The realm used for the Kerberos server. This setting is available only in the LDAP

+GSSAPI setup.

–

Device Password

—Type the password for the user.

Advanced Options

•

Use SSL/TLS

—If the LDAP server requires SSL, then select

SSL/TLS

•

Require Certificate

—If the LDAP server requires a certificate, then select

Yes

•

Userid Attribute

—Type the LDAP attribute to search for when authenticating users’ credentials. The

default value is

sAMAccountName

, which is common in a Windows operating system environment. For

other directories, you can type

uid

, or a user-defined attribute. For more information, contact your

system administrator.

•

Mail Attribute

—Type the LDAP attribute that contains the users’ e-mail addresses. The default value is

mail

•

Fax number Attribute

—Type the LDAP attribute that contains the users’ fax number. The default value

facsimiletelephonenumber

•

Full Name Attribute

—Type the LDAP attribute that contains the users’ full names. The default value is

•

Home Directory Attribute

—Type the LDAP attribute that contains the users’ home directory. The default

value is

homeDirectory

•

Group Membership Attribute

—Type the LDAP attribute required for group search. The default value is

memberOf

•

Search Base

—The node in the LDAP server where user accounts reside. You can type multiple search

bases, separated by commas.

Note:

A search base consists of multiple attributes separated by commas, such as cn (common name),

ou (organizational unit), o (organization), c (country), and dc (domain).

•

Search Timeout

—Enter a value from 5 to 30 seconds or 5 to 300 seconds, depending on your printer

model.

•

Follow LDAP Referrals

—Search the different servers in the domain for the logged

‑

in user account.

Search Specific Object Classes

•

person

—Search the “person” object class.

•

Custom Object Classes

—Type the name of the custom object class to search.

Note:

A maximum of three custom object classes can be searched. Type the other object class in the

other Custom Object Class field.

Address Book Setup

The following settings are used to configure the address book used when scanning to an e

‑

mail address.

•

Displayed Name

—Select the LDAP attribute that you want to show on the address book.

•

Max Search Results

—Type the maximum search results shown on the address book.

•

Use user credentials

—Use the logged

‑

in user credentials to connect to the LDAP server.

Lexmark Confidential until announced

Securing printers