Lexmark X782e PKI-Enabled Pre-Installation Guide - Page 14

User Authentication

Get Lexmark X782e PDF manuals and user guides View all Lexmark X782e manuals
Add to My Manuals
Save this manual to your list of manuals

Page 14 highlights

PKI Pre-Installation Guide 3.1.6 Display Printer Status When there is an error or warning on the MFP, a "Status/Supplies" button is displayed on the welcome screen in the lower right corner. The PKI Authentication application can be configured to display the error or warning on the login screen. The user would still need to login to see the graphic or more detailed information, but this allows the basic warnings (Tray 1 Low) or errors (Load Paper Tray 1) to be seen or resolved without needing to login. Do you want the printer status available from the login screen? □ Yes □ No 3.2 User Authentication The PKI Authentication application provides two methods for logging onto the device: PIN Only Active Directory The user must enter his/her PIN number before obtaining access to the device; manual logins are not allowed. The user must enter insert his/her card and enter the PIN number OR the user must enter his/her username and password. This information is sent to a Windows Domain Controller for validation. Once the information is authenticated the user is granted access to the device. Check the box below to indicate the desired logon method. □ PIN Only □ Active Directory 3.2.1 PIN Only No additional configuration information is needed for the PIN Only logon method. Using this mode, manual login is not supported and user's certificate is not verified. The PKI Email application is the only other PKI application that can be used. 3.2.2 Active Directory Windows Active Directory requires a SmartCard or Username/Password to be used for authentication. If using a SmartCard, the User Principal Name and certificate on the user's card is sent to a Domain Controller to be validated. The Domain Controller sends a response back to the MFP; the response contains the Domain Controller's certificate which the MFP must then validate. If using the manual login option, the username and password are sent to the Domain Controller to be validated. In either case, the PKI Authentication application needs to validate the user against an Active Directory Domain Controller. The domain controller acts as a Kerberos Key Distribution Center (KDC) to validate the user. 1. IP address or name of the Active Directory Domain Controller to use for validation. Multiple domain controllers may be specified. List at least one below. Version 2.0.0 Page 10

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
PKI Pre-Installation Guide
Version 2.0.0
Page 10
3.1.6 Display Printer Status
When there is an error or warning on the MFP, a “Status/Supplies” button is displayed on the
welcome screen in the lower right corner.
The PKI Authentication application can be configured
to display the error or warning on the login screen.
The user would still need to login to see the
graphic or more detailed information, but this allows the basic warnings (Tray 1 Low) or errors
(Load Paper Tray 1) to be seen or resolved without needing to login.
Do you want the printer
status available from the login screen?
Yes
No
3.2 User Authentication
The PKI Authentication application provides two methods for logging onto the device:
PIN Only
The user must enter his/her PIN number before obtaining access to the
device; manual logins are not allowed.
Active
Directory
The user must enter insert his/her card and enter the PIN number OR
the user must enter his/her username and password.
This information
is sent to a Windows Domain Controller for validation. Once the
information is authenticated the user is granted access to the device.
Check the box below to indicate the desired logon method.
PIN Only
Active Directory
3.2.1 PIN Only
No additional configuration information is needed for the
PIN Only
logon method.
Using this
mode, manual login is not supported and user’s certificate is not verified.
The PKI Email
application is the only other PKI application that can be used.
3.2.2 Active Directory
Windows Active Directory requires a SmartCard or Username/Password to be used for
authentication.
If using a SmartCard, the User Principal Name and certificate on the user’s card
is sent to a Domain Controller to be validated.
The Domain Controller sends a response back to
the MFP; the response contains the Domain Controller’s certificate which the MFP must then
validate.
If using the manual login option, the username and password are sent to the Domain
Controller to be validated.
In either case, the PKI Authentication application needs to validate the user against an Active
Directory Domain Controller.
The domain controller acts as a Kerberos Key Distribution Center
(KDC) to validate the user.
1.
IP address or name of the Active Directory Domain Controller to use for validation.
Multiple domain controllers may be specified.
List at least one below.