Sharp MX-M283 Installation manual

MFP
TT-20352
Models:
Priority:
Date:
Subject:
Description:
Details:
Note:
TECHNICAL
TIP
MX-M283N/MX-M363N/MX-M453N/MX-M503N
MX-M623N/MX-M753N
MX-4100N/MX-4101N/MX-5001N
MX-2610N/MX-3110N/MX-3610N
MX-4110N/MX-4111N/MX-5110N/MX-5111N
Medium
October 2011
How to Integrate User Control with Active Directory
This document shows how to integrate User Control with Active Directory Attributes
Follow the steps in this document to get User Control to use Active Directory to set up the
MFP so that the Page Limit, Authority and Favorite Operation Groups can each be applied
to network users when they log into the MFP.
The procedure is shown below; the rest of the document shows the steps and examples
in more detail.
The following procedure can be used to successfully integrate MFP User Control with Windows Active
Directory by using LDAP Server Access Control on the supported models:
Procedure
1. Determine Active Directory User Attributes to be used as field values in a custom LDAP server setup
for authenticating network users.
2. Create Page Limit, Authority and Favorite Operation Groups on the MFP to meet the customer’s
requirements.
3. Create a new Global Address Book with a Custom LDAP Server setup on the MFP using the desired
active directory user attributes for the group field names from Step 1 under the Linkage with User
Control Function.
4. Enable User Control with login name and password on the MFP using the custom LDAP server as the
Default Network Authentication Server and enable LDAP Server Access Control.
5. Update user attributes in Active Directory for each user to reflect the Page Limit, Authority and
Favorite Operation Groups created on the MFP.
6. Use Device Cloning to save the appropriate settings to the other MFPs if multiple MFPs of the same
type will be used in the same network.
1 OF 46
TECHNICAL TIP TT- 20352
Integrating Sharp MFP User Control
with Active Directory User Attributes
A feature has been added to the newest Sharp products that allow the MFP User Control Function to
integrate with Windows Active Directory User Attributes. This feature is called LDAP Server Access
Control and it permits controlling network users in the same manner as users created locally on the
MFP. The Page Limit Group, Authority Group and Favorite Operation Group can each be applied to
network users when they log into the MFP.
Page Limit Group - Limits the number of prints, scans and copies the user can make.
Authority Group – Controls what functions the user can access on the MFP.
Favorite Operation Group – Customizes the MFP display presented to the user on login.
Currently, the Sharp MX-4100/4101/5001, MX-M283/363/453/503, MX-M623/753, MX-3110/3610 and
MX-4110/5111 series support the LDAP Server Access Control feature.
The following diagram shows the relationship between active directory user attributes and the MFP
custom LDAP server Linkage with User Control Function field values. The default values of these fields
on the MFP are: Page Limit Group = pagelimit; Authority Group = authority and Favorite Operation
Group = favorite.
If these default values were used, new attributes with corresponding names would have to be created
in Active Directory by the domain administrator by extending the schema. This is a complex procedure
rarely undertaken even by domain administrators. However, by utilizing unused user attributes with a
custom LDAP server setup on the MFP, no additional effort is required by the administrator to
incorporate this feature. Changes would only need to be made on the MFP where the default values of
the fields are replaced by the desired unused attributes of the user in active directory as shown below.
In the above case, attributes from the Telephones tab of the user properties are used as links to the
MFP user control function fields. The Page Limit Group field is set to homePhone, Authority Group is
set to pager and Favorite Operation Group is set to ipPhone on the MFP.
(Note: The attribute names are case sensitive and are not the same as the displayed names.)
2 OF 46
TECHNICAL TIP TT- 20352
To apply these groups for user control at the MFP only requires the administrator to assign numeric
values to the user attributes. These values correspond to the index number of the groups when they
are created on the MFP. In the above example, the value of 2 for the homePhone corresponds to the
second Page Limit Group created; the value of 3 for pager corresponds to the third Authority Group
created; and a value of 1 for ipPhone corresponds to the first Favorite Operation Group created.
Each network users experience after logging into the MFP can be varied by changing the values of the
user’s attributes in active directory. Windows Script Host programming can be used to perform batch
updates to user attributes based on the customer’s criteria. The following screens show some of the
possible logins based on LDAP Server Access Control.
1. Network user attempting to copy in color but restricted to black and white copies only.
Figure 1
2. Network user who has requested that the display language and keyboard be in Russian.
Figure 2
3 OF 46
TECHNICAL TIP TT- 20352
3. Network user who has requested that MFP display language be in Spanish.
Figure 3
4. Network user who is not allowed to use any function on the MFP.
Figure 4
The above login screens are based on the following tutorial using a simplistic scenario and a small
number of users for the sake of clarity. All selections made for the various users and groups were
arbitrary and used for illustration purposes only.
4 OF 46
TECHNICAL TIP TT- 20352
The following tutorial details these procedures using two different examples and demonstrates how to
fully leverage the built in features of Sharp MFPs without the need of additional software or hardware.
Example Setups of MFP User Control Integrated with Active Directory
Example 1 – Using Attributes from the Telephone Tab of the AD User
In this scenario, a fictitious company (Testers Inc.) is hosted by a single domain controller (Exch2010)
with a domain name of TESTDOMAIN.COM. All users except the administrator are members of the
TESTUSERS organizational unit within the domain. A new Sharp MX-5001N has been placed and the
company has certain requirements for its employees to use it.
The company wants to have all users log into MFP with their network credentials to restrict usage of the
MFP. Each user in the organization has a department and job title assigned within active directory.
Currently, there are 3 departments (Advertising, Production and Temporary Workers) and 3 job titles
(Manger, Staff and Temporary). Department Managers are to have full and unrestricted access to all
features of the MFP. Staff members in the Advertising department will have full access to the features
of the MFP but color output for printing and copying will be limited. Staff members in the Production
department will be restricted to black and white printing and copying but can scan in color. For security
purposes, temporary workers are not allowed to use any functions of the MFP even though they have
network accounts. Users not assigned a job title or department are also denied access to the MFP.
In addition, some employees speak Russian and others speak Spanish as their first languages. The
company wants these employees to be able to see the MFP display instructions in their native
languages if they request it.
In this example, unique user rather than organizational attributes are used as these are private values
rarely assigned by domain administrators to users. Follow the instructions in the example below to
obtain the company’s goal.
1. Determine Active Directory User Attributes to use as field values.
NOTE: This step should be completed by the network administrator
Each user object in Windows Active Directory has a number of attributes contained in it such as
login name and password. Many (but not all) of these attributes can be viewed using the Windows
Active Directory Computer and User administrative tool on a domain server. All attributes can be
viewed and edited by the ADSIEdit.mcs (Active Directory Services Interface Editor) Snapin tool
available for download from Microsoft®.
In this example, commonly unused attributes that can be viewed and edited with the Windows
Active Directory Computer and User administrative tool are shown below for the Telephones tab.
NOTE: Not all attributes need to be on the same tab but it is more convenient for editing.
5 OF 46
TECHNICAL TIP TT- 20352
The actual names of the attributes are different than the names that are shown on the Telephones
tab.
Display Name
Attribute Name
Normally Unused
Home
homePhone
Yes
Pager
pager
Yes
Mobile
mobile
No
FAX
facsimileTelephoneNumber
No
IP Phone
ipPhone
Yes
6 OF 46
TECHNICAL TIP TT- 20352
The following attributes are accessed using the Other button for the individual attributes shown
above on the Telephones tab. These particular attributes can contain more than one value. If
they are used for field values for the MFP’s Custom LDAP Server setup, they can contain only a
single value.
otherHomePhone
otherPager
otherMobile
otherFacsimileTelephoneNumber
otherIpPhone
For ease of viewing and editing by the network administrator, the homePhone, pager and
ipPhone attributes on the Telephones tab will be used in the MFP Custom LDAP Server setup in
a later step.
2. Create Page Limit, Authority and Favorite Operation Groups on the MFP.
a. Browse to the main web page of the MFP and log in as the Administrator (default password
admin).
b. Click on the User Control, click on Page Limit Group List and then click on the Add button
when the page below appears.
c. Type in a descriptive name for the group in the Group Name field. In this case, type in
Unlimited_Group as this group has no restrictions on page limits. As this is the first group
being created, the Registration Model drop down box will be at the default value of
Unlimited. Leave all page values at Unlimited and click on the Submit button.
7 OF 46
TECHNICAL TIP TT- 20352
NOTE: Creating an Unlimited_Group is not really required. However, it is done here to make
the exercise easier to follow.
8 OF 46
TECHNICAL TIP TT- 20352
d. At the Page Limit Group List page, click on the Add button to create another group. Next,
type Limited_Group for the name of this group. Leave all Black and White Copier, Prints and
Prints (Document Filing) as Unlimited. Select Limited for all color modes for printing and
copying and set the limit to 1000. Leave List Prints and Scanning at Unlimited. Click on the
Submit button when done.
Note that each group is assigned a group number. These numbers will be used for active
directory user attributes to assign page limit restrictions to network users.
9 OF 46
TECHNICAL TIP TT- 20352
e. Next, click on the Authority Group List and click on the Add button to create the first
authority group.
f.
Type in Color for the Group Name and select User as the Registration Model. Leave all
selections for all modes to Approved and click on the Submit button when done.
10 OF 46
TECHNICAL TIP TT- 20352
g. Click on the Add button at the Authority Group List page to add the next authority group.
Type in Black_and_White as the group name and select Guest as the Registration Model.
Ensure that all color modes for copying and printing are set to Prohibited.
h. Under the Document Filing section, select Prohibited for Scan to HDD Color Mode Approval
Setting and Prints (Document Filing) Color Mode Approval Setting. Set all other selections
on this page to Allowed as this group has access to all MFP functions except printing and
copying in color. Click on the Submit button when done.
11 OF 46
TECHNICAL TIP TT- 20352
i.
Click on the Add button at the Authority Group List page to add the last authority group.
Type in Restricted_User as the group name and select Guest as the Registration Model. As
this group will be used to prevent unauthorized access to the MFP, set all modes to
Prohibited. Click on the Submit button when done.
j.
Each authority group name is assigned a group number when created. These numbers will
be used with active directory user attributes to control MFP features available to network
users.
12 OF 46
TECHNICAL TIP TT- 20352
k. Click on the Favorite Operation Group List menu and then click on the Add button to create
the first operation group.
l.
Type in English for the group name, select Follow the System Settings for the Registration
Model and click on the System Settings tab. (As English is the default language used by the
MFP, this group does not have to be created but it is included to make the exercise easier to
follow.)
m. Scroll down the page until the MFP Display Language Setting selection is seen and ensure
American English is selected. For Keyboard Select, select English(US) and set the MFP
Display Pattern Setting to Pattern 1. (NOTE: For purposes of this exercise, these are the
only changes that will be made although numerous items can be configured for a favorite
operation group.) Click on the Submit button when done.
13 OF 46
TECHNICAL TIP TT- 20352
n. Click on the Add button at the Favorite Operation Group List page to create the next
operation group. Type in Russian for the group name, select Follow the System Settings for
the Registration Model and click on the System Settings tab. Scroll down the page until the
MFP Display Language Setting selection is seen and select Russian. For Keyboard Select,
select Russian and set the MFP Display Pattern Setting to Pattern 2.Click on the Submit
button when done.
o. Click on the Add button at the Favorite Operation Group List page to create the next
operation group. Type in Spanish for the group name, select Follow the System Settings for
the Registration Model and click on the System Settings tab. Scroll down the page until the
MFP Display Language Setting selection is seen and select Spanish. For Keyboard Select,
select English(US) and set the MFP Display Pattern Setting to Pattern 3.Click on the Submit
button when done.
14 OF 46
TECHNICAL TIP TT- 20352
p. Finally, click on the Add button at the Favorite Operation Group List page to create the last
operation group. Type in Unauthorized for the group name, select English for the
Registration Model and click on the System Settings tab. Scroll down the page and set the
MFP Display Pattern Setting to Pattern 5. (This is to provide a visual cue when an
unauthorized user logs into the MFP.)
q. Enable the check boxes next to No Display for all custom keys on this page. Click on the
Submit button when done.
r.
As with all other groups, numbers are assigned to the favorite operations groups. These
numbers will be used for active directory user attributes to assign custom display panels to
network users.
15 OF 46
TECHNICAL TIP TT- 20352
3. Create a new Global Address Book with a Custom LDAP Server on the MFP and link it with the
User Control Function.
a. On the main Web page of the MFP, click on Network Settings, click on LDAP Settings and
then click the Add button to create a new Global Address Book.
b. Fill in the appropriate values for the LDAP server being connected to, select Custom for the
Server Type drop down box and enter the attribute names that will be used for Linkage with
User Control Function. In this example, the Page Limit Group field is set to homePhone, the
Authority Group field is set to pager and the Favorite Operations Group field is set to
ipPhone. Complete the rest of the required LDAP settings and click on the Submit button
when done.
16 OF 46
TECHNICAL TIP TT- 20352
c. The newly created Custom LDAP Server (in this case named Authority Server) is added to
the Global Address Book List.
4. Enable User Control on the MFP.
a. On the main Web page of the MFP, click on User Control and then click on Default Settings.
Select Enable from the drop down list and click the radio button next to Authenticate a User
by Login Name and Password. For the Default Network Authentication Server, select the
newly created Global Address Book (in this example Authority Server. Click on the checkbox
next to Perform LDAP server access control. Click on the Submit button when done.
b. While the MFP is now setup for network user authentication, the Page Limit, Authority and
Favorite Operation Groups settings will not be applied to the user until the user attributes
are updated in Active Directory in the next step.
17 OF 46
TECHNICAL TIP TT- 20352
5. Update user attributes in Active Directory
NOTE: This step should be completed by the network administrator.
In this example, the Page Limit and Authority Groups are applied to users based on their job title
and department stored on their Organization tab in Active Directory. By default, all users are
assigned a Favorite Operation Group with the MFP display in English. If the user wants the MFP
display to be in Spanish or Russian, they must make a request to the network administrator. The
relationships of the Active Directory attributes to the various groups created on the MFP in this
example are shown below.
The various group names and index values for the corresponding attributes are shown in the
following tables.
Group Name
Unlimited_Group
Limited_Group
Page Limit Groups
Index values to enter into the Home field
1
2
Group Name
Color
Black_and_White
Restricted_User
Authority Groups
Index values to enter into the Pager field
1
2
3
Group Name
English
Russian
Spanish
Unauthorized
Favorite Operation Groups
Index values to enter into the IP Phone field
1
2
3
4
18 OF 46
TECHNICAL TIP TT- 20352
The user attributes in this example can be edited manually by using the Active Directory Computer
and User administrative tool on the LDAP server.
a. On the LDAP server, start the Active Directory Computer and User administrative tool and
open the container or organizational unit where the users are located (in this example, it is
the TestUsers organizational unit). Highlight the first user, right click, select Properties and
click on the Organization tab.
b. This individual has a job title of Manager and heads up the Advertising department. As a
manager, he is to have access to all features of the MFP. Based on this, he is to be
assigned to the Unlimited_Group Page Limit Group and the Color Authority Group. Unless
otherwise requested by the user, he will be assigned to the English Favorite Operations
Group.
19 OF 46
TECHNICAL TIP TT- 20352
c. Click on the Telephones tab and enter the following values for this user: In the Home field,
enter a value of 1 (Unlimited_Group); In the Pager field, enter a value of 1 (Color); In the IP
Phone field, enter a value of 1 (English.). Click on the OK button when done.
d. Highlight the next user, right click, select Properties and click on the Organization tab to
determine what groups should be assigned to him.
20 OF 46
TECHNICAL TIP TT- 20352
e. This individual has a job title of Staff and is part of the Production department. As a staff
member in this department, he is not allowed any color functions and his output of copies
and prints are limited. As a result, he is to be assigned to the Limited_Group Page Limit
Group and the Black_and_White Authority Group. He has requested that the MFP display
language be in his native language of Spanish so he will be assigned to the Spanish
Favorite Operations Group.
f.
Click on the Telephones tab and enter the following values for this user: In the Home field,
enter a value of 2 (Limited_Group); in the Pager field, enter a value of 2 (Black_and_White);
in the IP Phone field, enter a value of 3 (Spanish). Click on the OK button when done.
g. Continue the above steps until all users have been assigned the correct values based on
the customer’s requirements.
NOTE: Users without a job title or not assigned to a department should have their
appropriate attributes set to the Limited_Group and Restricted_Group for security purposes.
These individuals would have to request access from their department head to the domain
administrator.
NOTE: This process could be automated by using a Windows Script Host file to batch
update the LDAP attributes but that is outside of the scope of this document.
Now when network users log into the MFP, they will have their access to the MFP functions
restricted by their job title and department. The MFP display will also be in the language
requested by that user as shown in Figures 2 – 4 on Pages 2 and 3.
21 OF 46
TECHNICAL TIP TT- 20352
6. Clone User Control, LDAP and Network Settings with Device Cloning.
If additional MFPs in the same network will be using LDAP Server Access Control, use the
following procedure to clone the settings required after testing the original unit.
a. Open the Service Web page of the MFP just configured using the following URL in Windows
Internet Explorer:
http://{IP_Address_of MFP}/service_testpage.html
b. Enter the default password service in the password field and click on the Submit button.
c. Click on the Device Cloning menu item, click on the Select All button and then the Execute
button.
22 OF 46
TECHNICAL TIP TT- 20352
d. Click on the Save button to save the exported *.bin file in a known location on your
computer.
e. Next, log into the Service Web page of the target MFP from the same computer where you
saved the *.bin file. Click on the Device Cloning menu item and the click on the Browse
button in the Import Settings area. Navigate to the saved *.bin file and click on the Open
button.
23 OF 46
TECHNICAL TIP TT- 20352
f.
Click on the Execute button in the Import Settings section to import the clone file into the
target MFP.
g. Repeat the above steps until all MFPs have the same clone file imported. Now network
users will be have the same user experience regardless of which MFP they use in their
network.
24 OF 46
TECHNICAL TIP TT- 20352
Example 2 – Using Attributes Common to all Users
The domain in this scenario (Sharpshow.com) uses a different Active Directory organizational structure
but it has the same requirements as the previous example. The domain administrator has created users
in organizational units based on user roles as well as departments.
The company wants to have all users log into MFP with their network credentials to restrict usage of the
MFP. Each user in the company has a department and job title assigned within active directory.
Currently, there are 3 departments (Advertising, Production and Temporary Workers) and 3 job titles
(Manger, Staff and Temporary). Department Managers are to have full and unrestricted access to all
features of the MFP. Staff members in the Advertising department will have full access to the features
of the MFP but color output for printing and copying will be limited. Staff members in the Production
department will be restricted to black and white printing and copying but can scan in color. For security
purposes, temporary workers are not allowed to use any functions of the MFP even though they have
network accounts.
In addition, some employees speak Russian and others speak Spanish as their first languages. The
company wants these employees to be able to see the MFP display instructions in their native
languages if they request it.
In this example, attributes common to all users are used as opposed to private attributes – that is,
attributes that describe things related to more than one user such as company name and location.
These attributes have an advantage in that multiple users can be selected in the Active Directory
Computer and User administrative tool and the same attribute values can be applied to all users in one
step. The disadvantage is often these attributes are filled in when user accounts are created. Careful
review of all user accounts will be required to ensure that empty attribute fields are available for all
users.
Follow the instructions in the example below to obtain the company’s goal.
1. Determine Active Directory User Attributes to use as field values.
NOTE: This step should be completed by the network administrator
In this example, the following common attributes were found to be unused on the General tab for all
users in the Active Directory structure of the company
Description:
Office:
Web page:
When a single user’s properties are displayed in the Windows Active Directory Computer and User
administrative tool, the General tab is displayed as shown below:
25 OF 46
TECHNICAL TIP TT- 20352
However, when multiple users are selected, only the tabs and attributes common to all selected
users are displayed as shown below. Clicking on the check box next to the attribute name allows
values to be filled in that will be stored for all selected users.
NOTE: Even though it would be possible to apply the same Telephone number, Fax and E-mail
address to all of the selected users, it would be a poor practice to do so.
26 OF 46
TECHNICAL TIP TT- 20352
As discussed before, the actual names of the attributes are different than the names that are
displayed on the tabs.
Display Name
Attribute Name
Normally Unused
Description
description
Yes
Office
physicalDeliveryOfficeName
Yes
Telephone number
telephoneNumber
No
FAX
facsimileTelephoneNumber
No
Web page
wWWHomePage
Yes
E-mail
mail
No
2. Create Page Limit, Authority and Favorite Operation Groups on the MFP.
a. Browse to the main web page of the MFP and log in as the Administrator (default password
admin).
27 OF 46
TECHNICAL TIP TT- 20352
b. Click on the User Control, click on Page Limit Groups List and then click on the Add button
when the page below appears.
c. Type in a descriptive name for the group in the Group Name field. In this case, type in
Unlimited_Group as this group has no restrictions on page limits. As this is the first group
being created, the Registration Model drop down box will be at the default value of
Unlimited. Leave all page values at Unlimited and click on the Submit button.
NOTE: Creating an Unlimited_Group is not really required. However, it is done here to make
the exercise easier to follow.
28 OF 46
TECHNICAL TIP TT- 20352
d. At the Page Limit Group List page, click on the Add button to create another group. Next,
type Limited_Group for the name of this group. Leave all Black and White Copier, Prints and
Prints (Document Filing) as Unlimited. Select Limited for all color modes for printing and
copying and set the limit to 1000. Leave List Prints and Scanning at Unlimited. Click on the
Submit button when done.
Note that each group name is assigned a group number. These numbers will be used for active
directory user attributes to assign page limit restrictions to network users.
29 OF 46
TECHNICAL TIP TT- 20352
e. Next, click on the Authority Group List and click on the Add button to create the first
authority group.
f.
Type in Color for the Group Name and select User as the Registration Model. Leave all
selections for all modes to Approved and click on the Submit button when done.
30 OF 46
TECHNICAL TIP TT- 20352
g. Click on the Add button at the Authority Group List page to add the next authority group.
Type in Black_and_White as the group name and select Guest as the Registration Model.
Ensure that all color modes for copying and printing are set to Prohibited.
h. Under the Document Filing section, select Prohibited for Scan to HDD Color Mode Approval
Setting and Prints (Document Filing) Color Mode Approval Setting. Set all other selections
on this page to Allowed as this group has access to all MFP functions except printing and
copying in color. Click on the Submit button when done.
31 OF 46
TECHNICAL TIP TT- 20352
i.
Click on the Add button at the Authority Group List page to add the last authority group.
Type in Restricted_User as the group name and select Guest as the Registration Model. As
this group will be used to prevent unauthorized access to the MFP, set all modes to
Prohibited. Click on the Submit button when done.
j.
Each authority group name is assigned a group number when created. These numbers will
be used with active directory user attributes to control MFP features available to network
users.
32 OF 46
TECHNICAL TIP TT- 20352
k. Click on the Favorite Operation Group List menu and then click on the Add button to create
the first operation group.
l.
Type in English for the group name, select Follow the System Settings for the Registration
Model and click on the System Settings tab. (As English is the default language used by the
MFP, this group does not have to be created but it is included to make the exercise easier to
follow.)
m. Scroll down the page until the MFP Display Language Setting selection is seen and ensure
American English is selected. For Keyboard Select, select English(US) and set the MFP
Display Pattern Setting to Pattern 1. (NOTE: For purposes of this exercise, these are the
only changes that will be made although numerous items can be configured for a favorite
operation group.) Click on the Submit button when done.
33 OF 46
TECHNICAL TIP TT- 20352
n. Click on the Add button at the Favorite Operation Group List page to create the next
operation group. Type in Russian for the group name, select Follow the System Settings for
the Registration Model and click on the System Settings tab. Scroll down the page until the
MFP Display Language Setting selection is seen and select Russian. For Keyboard Select,
select Russian and set the MFP Display Pattern Setting to Pattern 2.Click on the Submit
button when done.
o. Click on the Add button at the Favorite Operation Group List page to create the next
operation group. Type in Spanish for the group name, select Follow the System Settings for
the Registration Model and click on the System Settings tab. Scroll down the page until the
MFP Display Language Setting selection is seen and select Spanish. For Keyboard Select,
select English(US) and set the MFP Display Pattern Setting to Pattern 3.Click on the Submit
button when done.
34 OF 46
TECHNICAL TIP TT- 20352
p. Finally, click on the Add button at the Favorite Operation Group List page to create the last
operation group. Type in Unauthorized for the group name, select English for the
Registration Model and click on the System Settings tab. Scroll down the page and set the
MFP Display Pattern Setting to Pattern 5. (This is to provide a visual cue when an
unauthorized user logs into the MFP.)
q. Enable the check boxes next to No Display for all custom keys on this page. Click on the
Submit button when done.
r.
As with all other groups, numbers are assigned to the favorite operations groups. These
numbers will be used for active directory user attributes to assign custom display panels to
network users.
35 OF 46
TECHNICAL TIP TT- 20352
3. Create a new Global Address Book with a Custom LDAP Server on the MFP and link it with
User Control Function.
a. On the main Web page of the MFP, click on Network Settings, click on LDAP Settings and
then click on the Add button to create a new Global Address Book.
b. Fill in the appropriate values for the LDAP server being connected to, select Custom for the
Server Type drop down box and enter the attribute names that will be used for Linkage with
User Control Function. In this example, the Page Limit Group field is set to description, the
Authority Group field is set to physicalDeliveryOfficeName and the Favorite Operations
Group field is set to wWWHomePage. Complete the rest of the required LDAP settings and
click on the Submit button when done.
36 OF 46
TECHNICAL TIP TT- 20352
c. The newly created Custom LDAP Server (in this case named Authority Server) is added to
the Global Address Book List.
4. Enable User Control on the MFP.
a. On the main Web page of the MFP, click on User Control and then click on Default
Settings. Select Enable from the drop down list and click the radio button next to
Authenticate a User by Login Name and Password. For the Default Network
Authentication Server, select the newly created Global Address Book (in this example
Authority Server. Click on the checkbox next to Perform LDAP server access control.
Click on the Submit button when done.
b. While the MFP is now setup for network user authentication, the Page Limit, Authority
and Favorite Operation Groups settings will not be applied to the user until the user
attributes are updated in Active Directory in the next step.
37 OF 46
TECHNICAL TIP TT- 20352
5. Update user attributes in Active Directory
NOTE: This step should be completed by the network administrator.
In this example, the Page Limit and Authority Groups are applied to users based on their accounts
created in the Organizational Unit that corresponds to the department they work in. However, all
managers, regardless of department are placed in the Managers organizational unit in Active
Directory.
By default, all users are assigned a Favorite Operation Group with the MFP display in English. If the
user wants the MFP display to be in Spanish or Russian, they must make a request to the network
administrator.
The various group names and index values for the corresponding attributes are shown in the
following tables.
Group Name
Unlimited_Group
Limited_Group
Group Name
Color
Black_and_White
Restricted_User
Group Name
English
Russian
Spanish
Unauthorized
Page Limit Groups
Index values to enter into the Description field
1
2
Authority Groups
Index values to enter into the Office field
1
2
3
Favorite Operation Groups
Index values to enter into the Web page field
1
2
3
4
Due to the layout of the Active Directory structure and the use of attributes common to all users,
rights to the Sharp MFP can be quickly assigned to all users in the network as desired by the
company.
38 OF 46
TECHNICAL TIP TT- 20352
a. On the LDAP server, start the Active Directory Computer and User administrative tool and
open the first organizational unit where the users are located (in this example, it is the
Advertisers organizational unit). Highlight all the users in the organizational unit, right click
and select Properties. On the General tab, click on the checkboxes for Description, Office
and Web page. Fill in the attribute values appropriate for this group. Click on the OK button
when done.
Display Name
Description
Office
Web page
Users in Advertising Organizational Unit
Group Assigned
Limited_Group
Color
English
Value
2
1
1
39 OF 46
TECHNICAL TIP TT- 20352
b. All users in the Advertiser organization will be assigned the attribute values just submitted.
To verify this, highlight a single user, right click and select Properties. Ensure that the
Description, Office and Web page attributes are correct on the General tab. Click on OK
when done.
40 OF 46
TECHNICAL TIP TT- 20352
c. Next, open the Managers organization unit. Highlight all the users in this unit, right click and
select Properties. On the General tab, click on the checkboxes for Description, Office and
Web page. Fill in the attribute values appropriate for the managers as shown below. Click on
the OK button when done.
Display Name
Description
Office
Web page
Users in Managers Organizational Unit
Group Assigned
Unlimited_Group
Color
English
Value
1
1
1
41 OF 46
TECHNICAL TIP TT- 20352
d. Next, open the Production organization unit. Highlight all the users in this unit, right click and
select Properties. On the General tab, click on the checkboxes for Description, Office and
Web page. Fill in the attribute values appropriate for the staff in the Production unit as
shown. Click on the OK button when done.
Display Name
Description
Office
Web page
Users in Production Organizational Unit
Group Assigned
Unlimited_Group
Black_and_White
English
Value
1
2
1
42 OF 46
TECHNICAL TIP TT- 20352
e. Finally, open the Temporary organizational unit. Highlight all the users in this unit, right click
and select Properties. On the General tab, click on the checkboxes for Description, Office
and Web page. Fill in the attribute values appropriate for the managers as shown below.
Click on the OK button when done.
Display Name
Description
Office
Web page
f.
Users in Temporary Organizational Unit
Group Assigned
Limited_Group
Restricted_User
Unauthorized
Value
2
3
4
Changes in display language will have to be done on an individual basis by changing the
value in the Web page attribute when requested by the user.
g. After updating the users’ attributes, all network users will have their access to the MFP
functions restricted as desired by the company. The MFP display will also be in the
language requested by that user as shown on Pages 2 and 3 of this document. Test to
ensure that the correct display and functions are available to each user group.
43 OF 46
TECHNICAL TIP TT- 20352
6. Clone User Control, LDAP and Network Settings with Device Cloning.
If additional MFPs in the same network will be using LDAP Server Access Control, use the
following procedure to clone the settings required after testing the original unit.
a. Open the Service Web page of the MFP just configured using the following URL in
Windows Internet Explorer:
http://{IP_Address_of MFP}/service_testpage.html
b. Enter the default password service in the password field and click on the Submit button.
c. Click on the Device Cloning menu item, click on the Select All button and then the
Execute button.
44 OF 46
TECHNICAL TIP TT- 20352
d. Click on the Save button to save the exported *.bin file in a known location on your
computer.
e. Next, log into the Service Web page of the target MFP from the same computer where
you saved the *.bin file. Click on the Device Cloning menu item and the click on the
Browse button in the Import Settings area. Navigate to the saved *.bin file and click on
the Open button.
45 OF 46
TECHNICAL TIP TT- 20352
f.
Click on the Execute button to import the clone file into the target MFP.
g. Repeat the above steps until all MFPs have the same clone file imported. Now network
users will be have the same user experience regardless of which MFP they use in their
network.
46 OF 46
MFP
TT-20364
Models:
Priority:
Date:
Subject:
Symptom:
Cause:
Solution:
TECHNICAL
TIP
MX-M623U/MX-M753U
MX-M623N/MX-M753N
Medium
November 2011
Delay Between Scans
Scanner is moving after every copy/scan causing delay between jobs
Feature Added with New Firmware
As the countermeasure for the lines when scanning the data from the document feeder,
we have added the mode to search the most uncontaminated scan position.
This feature is ON by default after updating firmware to the version that supports this feature. This feature
can be set to only operate at power on only, or turned off completely.
See Bulletin MFP-SB-523 for detailed instructions on how to adjust this feature.
1 OF 1
MFP
TT-20374
Models:
Priority:
Date:
Subject:
Symptom:
Cause:
Solution:
TECHNICAL
TIP
Current MFP Models
Medium
December 2011
Network Scanner Tool Cannot Detect MFP with Auto Detect or Manual
MFP does not show in scanner list.
Blocked SNMP protocol.
Network Scanner Tool uses the SNMP protocol to detect the scanner.
Check that the MFP has SNMP protocol allowed under Security Settings – Port Control.
Check for any network hardware or software blocking this protocol.
1 OF 1
MFP
TT-20386
Models:
Priority:
Date:
Subject:
Symptom:
Cause:
Solution:
TECHNICAL
TIP
All Sharp MFPs
Medium
January 2012
Acrobat Reduces Page to 96% when Printing
When Printing from Acrobat, pages are reduced to 96%.
Page Scaling Setting within Acrobat.
Change the Page Scaling option to None.
Selecting Shrink to Printable Area or Fit to Printable Area will result in reduction of page to 96%. By
selecting None, the document will be printed at full size 100%.
1 OF 1
MFP
TT-20394
Models:
Priority:
Date:
Subject:
Details:
TECHNICAL
TIP
MX-M623N/MX-M753N/MX-M623U/MX-M753U
Medium
February 2012
Automatic Copy and Printer Calibration
Please see below and on the following page for instructions on how to perform the
Automatic Copy and Printer Calibration
Note: Automatic Copy and Printer calibration should be performed under the following conditions:
1. At installation.
2. At Preventive Maintenance.
3. When process or consumable components have been replaced, such as Drum, Transfer belt, MC
Unit, Transfer roller, Fuser Rollers, LSU, or PCS sensor.
4. When firmware has been upgraded.
5. If U2-xx error has been cleared using Simulation 16.
6. If CCD Gamma has been adjusted, especially after cleaning or replacing scanner components.
7. After replacing the MFP, Scanner, or PCU control PWBs or their EEPROMs.
8. Upon the completion of a routine service call.
Machine Set up: The MFP must be adjusted properly to ensure accuracy of the calibration. These
adjustments must be done at Installation and Preventive Maintenance. Please refer to the Installation
Manual and the Adjustment section of the Service Manual.
Before Calibration: Perform the Copy Quality and Density Check
To ensure accuracy, check the following before performing Automatic Copy and Printer Calibration:
1. Optics. Make sure all optics are cleaned, and calibrate the CCD Gamma as outlined in ADJ 9-A and
ADJ 9-B of the Service Manual.
2. Clean the MC Unit using the cleaning rod. Clean at least three times.
3. Perform the high density image correction forcibly using Simulation 44-6.
4. Perform the half-tone image correction forcibly using Simulation 44-26.
Note: After replacing Drum or Developer, reset halftone gamma using Simulation 44-27 before
running 44-26.
5. When Simulations 44-6 and 44-26 are completed without errors, exit the Simulation mode by
pressing the CA key.
6. Confirm Copy Quality by making a copy of the Color Test Chart (UKOG-0326FC11).
1 OF 2
TECHNICAL TIP TT-20394
Automatic Color Copy and Printer calibration (Combined) Simulation 46-74
In most cases, you should be able to run Simulation 46-74 and perform Copy and Printer calibration at
the same time. In some cases, you may wish to perform these adjustments separately, using
Simulations 46-24 for Copy mode, and 67-24 for print mode.
1. Select a Factory Color Balance Target (If desired) before performing automatic calibration, you can
select a new Factory Definition. Normally, DEF 1 should be selected.

Use Simulation 63-11 to select a new definition for Copy mode (Default is DEF 1)

Use Simulation 67-26 to select a new definition for Printer mode (Default is DEF 1)
2. Unless a Manual calibration has been performed previously, it is highly recommended to match the
Service Target to the Factory Target.

Use Simulation 63-08 to match the Service Color Balance Target to the currently selected
Factory Color Balance Target for Copy mode

Use Simulation 67-28 to match the Service Color Balance Target to the currently selected
Factory Color Balance Target for Printer mode.
3. Perform Copy/Printer Color Balance and Density Adjustment using Simulation 46-74 (ADJ 21-F).
a) Make sure that 11 x 17” Hammermill Color Copier paper is loaded in one of the paper trays. (If other
type 11 x 17” paper is loaded in other trays, either remove the paper or open the trays so the
correct paper is used during calibration)
b) Enter Simulation 46-74 and press EXECUTE. A test page is generated. Place the test page on the
exposure glass face down with the thin line to the left. Place 5 blank pages of 11 x 17” paper on top
of the test page and lower the RSPF/DSPF.
c) Select FACTORY and press EXECUTE on the Display. The test page is scanned, and a reference page
is printed (this page is for visual inspection only and is not intended to be placed on the glass). If no
error messages occur, Copy calibration is complete.
d) Press EXECUTE to begin printer calibration. A test page is generated. Place the test page on the
exposure glass face down with the thin line to the left. Place 5 blank pages of 11 x 17” paper on top
of the test page and lower the RSPF/DSPF.
e) Select FACTORY and press EXECUTE. The test page is scanned, and a reference page is printed (this
page is for visual inspection only and is not intended to be placed on the glass). If no error
messages occur, Printer calibration is complete. Press OK on the display. Copy and Printer
calibration values are entered into memory.
f) The display will read “Please Quit this Mode” press the CA key to exit Simulation 46-74.
4. Confirm Copy Color Balance by making a copy of the Color Test Chart (UKOG-0326FC11).
5. Confirm Printer Color Balance by printing a PCL test print using Simulation 64-5.
This concludes Combined Copy and Printer Calibration using Simulation 46-74.
2 OF 2
MFP
TT-20395
Models:
Priority:
Date:
Subject:
Symptom:
Cause:
Solution:
TECHNICAL
TIP
MX-M623N/MX-M753N/MX-M623U/MX-M753U
Medium
February 2012
MFP Calibration Checklist
Image quality problems occur
MFP is out of adjustment
Refer to the following checklist
In order for calibration to be accurate, the following adjustments should be performed or checked at Install
or PM. (Refer to the adjustment section of the Service Manual for details):
1. ADJ 1-A Confirm Doctor Blade gap is in specification (Must be .040mm to .046mm).
2. ADJ 1-B Confirm Main Pole position is in specification (Must be 18.5mm to 19.5mm).
3. ADJ 1-C Toner Density (Simulation 25-2 at install or PM)
 Door must be left open to prevent change in DV/toner mixture until ready to press
EXECUTE.
 Must remove all DV material with vacuum before installing new DV at PM.
 Must use CA key to lock in values when Simulation 25-2 is completed.
4. ADJ 2A Main Charge Grid Voltage (Simulation 8-2) Measure at CN2 pin 3.
5. ADJ 2B DV Bias Voltage (Simulation 8-1) Measure at CN2 pin 7.
6. ADJ 2C Transfer Current (Simulation 8-6) – Confirm values in Simulation 8-6 are set to default.
7. ADJ 3 Image Skew adjustment (Black) Simulation 64-2
8. ADJ 9A CCD calibration OC MODE
 63-3 using SIT chart (UKOG-0280FCZ1) is more accurate, and is recommended.
 63-5 set to default if SIT chart is not available
9. ADJ 9B CCD Calibration DSPF MODE
 63-3 using SIT chart (UKOG-0280FCZ1) is more accurate, and is recommended.
 63-5 set to default if SIT chart is not available
10. ADJ 9C Shading Adjustment - use the shading adjustment sheet UKOG-0333FCZZ
1 OF 1
MFP
TECHNICAL
TIP
TT-20405
Models:
MX-FXX2 • Option for:
Priority:
MX-2600N/MX-3100N
MX-4100N/MX-4101N/MX-5001N
MX-M283N/MX-M363N/MX-M453N/MX-M503N
MX-M363U/MX-M453U/MX-M503U
MX-M623N/MX-M753N
MX-M623U/MX-M753U
Medium
Date:
March 2012
Subject:
Communications Errors NG and ComE when Sending or Receiving
Symptom:
Solution:
Not able to send or receive due to communication errors.
Slow down modem speed and turn off jbig and v.34 speed.
Set the switches as shown below:
Switch 27 set bits 1-8 to: 00111111
Switch 28 set bits 1-8 to: 11111101
Switch 29 set bits 1-8 to: 00000101
If problems continue turn on the protocol monitor with switch 37 set bit 1 to: 1 to print
always and then contact the hotline with this print out.
Note:
Always use the phone line that is packaged with the option. This is a 2 wire line that has
a red and green wire for tip and ring. Multiple wire phone lines can cause communication
issues. Also never share this phone line with any other device.
1 OF 1
MFP
TT-20412
Models:
Priority:
Date:
Subject:
Description:
Details:
TECHNICAL
TIP
MX-M283N/MX-M363N/MX-M453N/MX-M503N
MX-M623N/MX-M753N
MX-4100N/MX-4101N/MX-5001N
MX-2610N/MX-3110N/MX-3610N
MX-4110N/MX-4111N/MX-5110N/MX-5111N
Medium
April 2012
Authentication and Access Control with Active Directory and HID Cards
MFP users can now be authenticated and controlled using HID access cards and card
readers.
See the instructions and examples on the following pages to see how to set up the HID
card and card reader with Active Directory.
1 OF 19
Network Login Using a USB HID Card Reader
with the Aries and Virgo MFP
On the Sharp C-Jupiter II, Jupiter III, Dragon III, Aries and Virgo series MFPs, you can
link authority groups, favorite operation groups and page limit groups to unused
attribute fields in individual user records in active directory. By using a Custom LDAP
address book with LDAP Server Access Control for authentication, network users can be
controlled in the same fashion as was previously possible only with local MFP accounts.
However, the Aries and Virgo series have a new field (Card ID) added to the LDAP
Server Access Control settings that extends this capability to users with HID cards. This
allows them to login into the MFP using network authentication via a HID card!
Using an HID card has several advantages over the normal network authentication
method using network user names and passwords:







The user is authenticated at the MFP to the network with a single card swipe
without having to type in a password.
The user is authenticated at the MFP to the network, even if the user’s network
password has changed.
Users without a HID card cannot log into the MFP, even if the user has a network
user name and password.
Users with HID cards cannot log into the MFP if the card IDs have not been
entered in to the users’ records in Active Directory.
Once the users HID cards are authenticated to the network for the first time, the
users can still log into the MFP with their same permissions when the LDAP
server is not available.
Printing, copying and scanning permissions are granted on login based on the
entries in the users’ records in Active Directory.
This method requires no users be created or HID cards registered on the MFP.
The following pages show logon screens seen when using HID cards with different
permissions in Active Directory using the Linkage with User Control Function on the
Aries or Virgo MFPs.
A. User granted full control for Color and Black and White mode operations.
B. User granted only Black and White mode operations.
C. User prohibited from using any functions of the MFP.
D. Screen presented when the LDAP server is not available for a user granted full
control. (Pressing the OK button allows access to the MFP panel.)
The following are the steps used to create the custom LDAP server with LDAP Server
Access Control with a HID card for network authentication on a Sharp MX-5111N that
produced the screens shown above.
NOTE: It is assumed that the MFP has been previously installed and properly configured
in the network. Further, full administrative access and knowledge of Active Directory is
available.
A. Create Authority Groups
1. Navigate to the home page of the MFP.
2. Click on the Login button and login as the Administrator.
3. Click on User Control on the left hand menu item and then click on the Authority
Group List sub menu.
4. Click on the Add button and the new Authority Group Registration screen will
appear.
5. Name the Authority Group Full Control and select User as the registration model.
Click on the Submit button when done.
6. Next, add another Authority Group naming it B&W Only and select Color
Prohibited as the registration model. Click on the Submit button.
7. Finally, add another Authority Group naming it No Access and select Guest as the
registration model. Select Prohibit for all functions on this page and click on the
Submit button when done. The Authority Group List should appear as below.
B. Create Favorite Operation Groups
While numerous changes can be made for a Favorite Operation Group, only the
screen background colors will be changed in this example.
1. Click on User Control on the left hand menu item and then click on the Favorite
Operation Group List sub menu.
2. Click on the Add button and the new Favorite Operation Group Registration
screen will appear. Name this group Green – Full Control and click on the System
Settings tab.
3. Scroll down the page to the MFP Display Pattern Settings and select Pattern 4
(green background) from the drop down box and click on the Submit button.
4. Next, add another Favorite Operation Group, name this group Blue – B&W Only
and then click on the System Settings tab. Scroll down the page to the MFP
Display Pattern Settings and select Pattern 2 (blue background) from the drop
down box and click on the Submit button.
5. Finally, add another Favorite Operation Group, name this group Red – No Access
and then click on the System Settings tab. Scroll down the page to the MFP
Display Pattern Settings and select Pattern 6 (red background) from the drop
down box and then click on the Submit button. The Favorite Operation Group
List should now appear as shown on the next page.
C. Create Custom LDAP Server on the MFP
1. Click on Network Settings on the left hand menu item and then click on the LDAP
Settings sub menu.
2. Click on the Add button and the new Global Address Book Settings screen will
appear.
3. Enter the name to use for this address book, the LDAP search root and the IP
address or DNS name of the LDAP server.
NOTE: It is important that the Search Root field has at least the domain root
path entered. If this field is left blank, authentication can be done but the
Linkage with User Control Function will not be applied.
4. Change Server Type from Standard to Custom so that that the default attributes
fields can be edited.
NOTE: LDAP attributes must be capitalized and spelled exactly as shown or the
Linkage with User Control Function will not be applied.
5. As this address book will be used for authentication only, change the Search
Attribute field from cn to sAMAccountName. This attribute returns the user’s
logon name rather than his first and last name from the cn attribute.
NOTE: This is important as the user account is auto created on the MFP when
the user logs on for the first time at the MFP. When printing, the user must
supply his logon name (sAMAccountName) and password. If the default cn
attribute is used in the custom LDAP setup, two accounts for the same user will
be created. As an example, if the user’s cn attribute is Don Clark and his logon
name is clarkd, two users accounts will be created on the MFP – *Don Clark and
*clarkd.
6. It is assumed that the following user attributes were available for use with the
Linkage with User Control Function:
a. physicalDeliveryOfficeName (Displayed as Office on user’s General tab in
Active Directory Users and Computers )
b. wWWHomePage (Displayed as Web page on user’s General tab in Active
Directory Users and Computers)
c. ipPhone (Displayed as IP phone on user’s Telephone tab in Active
Directory Users and Computers)
7. Under the Linkage with User Control Function, type in
physicalDeliveryOfficeName in the field for Authority Group, wWWHomePage in
the field for Favorite Operation Group and ipPhone in the field for Card ID.
8. Complete the port number with the default LDAP port of 389 or the Global
Catalog port of 3268, the LDAP user name and password and authentication type
as needed for the network. For Server Usage, uncheck the box for Address Book
and check the box for User Authentication. Press the Execute button for
Connection Test. If there are no problems, click the Submit button to save the
settings.
D. Update user attributes in Active Directory
NOTE: The following steps should be performed by a qualified Network
Administrator. The Active Directory structure used for this example places users in
organizational units that correspond to their job functions. MFP permissions will be
based on these organizational units. Users in the Advertising and Managers
organizational units will have permissions to use all functions of the MFP and can
print in color or black and white. Users in the Production unit can also use all
functions of the MFP but can only print in black and white mode. Users in the
Temporary unit will not be allowed to use any MFP function.
1. On the Domain Controller, open the Active Directory Users and Computers
administrative tool.
2. Expand the Advertising ou and highlight all users. Right click, select Properties
and click on General tab. Click on the check boxes next to Office and Web page.
Place a 1 in the Office and Web page fields and then click on OK. All users in this
unit will now belong to the Full Control authority group and the Green – Full
Control favorite operations group when they log in at the MFP.
3. Repeat for the above for the users in the Managers ou as they will have the
same authority and favorite operations groups assigned to them.
4. Expand the Production ou and highlight all users. Right click, select Properties
and click on General tab. Click on the check boxes next to Office and Web page.
Place a 2 in the Office and Web page fields and then click on OK. All users in this
unit will now belong to the B&W Only authority group and the Blue – B&W Only
favorite operations group.
5. Expand the Temporary ou and highlight all users. Right click, select Properties
and click on General tab. Click on the check boxes next to Office and Web page.
Place a 3 in the Office and Web page fields and then click on OK. All users in this
unit will now belong to the No Access authority group and the Red - No Access
favorite operations group.
6. Next, users assigned with HID cards that are to be given access to the MFP must
have their HID card number added to their user attributes. In the Active
Directory Users and Computers tool, right click on the user name to add a card
to and select Properties. Click on the Telephones tab and fill in the IP phone field
with the number contained on the HID card. Click on OK when done.
7. Repeat for each user who will have access to the MFP keeping in mind that a
card can only be registered to a single user.
E. Install the Card Reader to the MFP and enable User Control.
All that remains to implement this solution is to install the HID card reader on the
MFP and set the authentication method to HID card only. The following
1. At the MFP, press the Settings button on the Home screen of the display.
2. At the Settings screen, press the Administrative Login button.
3. When the following screen appears, type in the administrator password (default
admin) and then press the OK button.
4. Press the Login button.
5. When the Settings screen reappears, click on the User Control menu to expand it
and then click on Card Type / Card Reader Settings.
6. Click on the checkbox for Use IC Card for Authentication and then press the
Submit button.
7. Scroll down under User Control, select the Card Reader Device Registration menu
item and then click on the Read button.
8. When the following message appears, insert the USB cable from the HID card
reader into the USB connector of the MFP and then press the OK button.
9. After a few moments, the Product ID and Vendor ID fields will be populated with
the values from the card reader. Click on the Submit button after this occurs.
10. Under User Control select Default Settings menu item.
11. Select Enable from the drop down list for User Authentication and leave the
Authentication Method Setting at the default as shown.
12. Scroll down and select the LDAP server created for use as the authentication
server from the drop down list. Check the box next to Perform LDAP server
access control and any other desired options on this screen.
13. Scroll down to the last screen, click on the box next to Automatic Login with a
Card and click on the radio button for Only Card Authentication Approved. Click
on the Submit button when done.
14. The Home screen will then be displayed as shown below and only users with
their HID cards registered in Active Directory or the MFP administrator can log
into the MFP. Their permissions to use the MFP functions will be restricted by the
Authority Group that was assigned to them in Active Directory as shown on
Pages 2 and 3 of this document.
MFP
TT-20414
Models:
Priority:
Date:
Subject:
Description:
Details:
Note:
TECHNICAL
TIP
MX-2310U/MX-3111U
MX-2600N/MX-3100N
MX-4100N/MX-4101N/MX-5001N
MX-2610N/MX-3110N/MX-3610N
MX-4110N/MX-4111N/MX-5110N/MX-5111N
MX-M264N/MX-M314N/MX-M354N
MX-M283N/MX-M363N/MX-M453N/MX-M503N
MX-M623N/MX-M753N
Medium
April 2012
Automatically Print Stored Jobs
How to automatically print jobs when logging into the MFP.
Follow these instructions to set up automatic printing using job retention.
For the purposes of this document it is assumed that the technician knows how to send
print jobs to Document Filing and set up User Control on the MFP.
If print jobs are password protected or if they are in a folder that is password protected
they will not be printed automatically.
1 OF 3
TECHNICAL TIP TT-20414
When User Control is enabled and printing using Retention under the Job Handling tab of
the print driver preferences, jobs can be set to print automatically when logging in.
The user name for the job goes into the Default Job ID field. If the User Name box is
checked and the field is filled out, this will be the user name associated with the print job. If
the MFP is in a domain environment and the box is unchecked the print job will use the
domain login name of the user logged in and printing.
In the MFP web page navigate to User Control, Default Settings. Check the box for
Automatically print stored jobs after login then submit.
2 OF 3
TECHNICAL TIP TT-20414
If using LDAP authentication, there is no need to create users under the user list. Leave the
Default Job ID box unchecked in the print driver. Send jobs into Retention from the print
driver, then log in at the MFP panel using the user’s domain login and the user will be
prompted to print their stored jobs.
Please note that if the files are password protected or if they are in a folder that is password
protected they will not be printed.
If PC is not in a domain environment then the following will be needed in addition to the
above:
Add a user to the User List in the MFP web page. Fill out required information and make
note of the User Name field.
In the print driver at the PC under Print Preferences, Job Handling tab check the box for
Default Job ID and use the same User Name that was added to the web page.
Then at the MFP, log in and the MFP will be prompted to auto print once logged in. Please
note that if the files are password protected or if in a folder that is password protected they
will not be printed
Please note that on newer model MFPs next to the check box for Automatically print stored
jobs after login there is a dropdown with the option to choose Login Name or User Name.
Select User Name for this to work if the Default Job ID box in the print driver is unchecked.
3 OF 3
MFP
TT-20422R
Models:
Priority:
Date:
Subject:
Symptom:
Cause:
Solution:
TECHNICAL
TIP
MX-M283N/MX-M363N/MX-M453N/MX-M503N
MX-M363U/MX-M453U/MX-M503U
MX-M623N/MX-M753N
MX-M623U/MX-M753U
Medium
May 2012
Procedure to Resolve U2-30 Error Code
U2-30 Code on display panel on MFP.
At power on, the MFP must identify its 8 digit serial number. The serial number is
electronically stored in 2 locations, on EEPROMs located On MFP Control PWB and the
PCU PWB. If the MFP fails to identify identical serial numbers in both locations at power
on, U2-30 error will occur.
Follow the troubleshooting procedure on the following pages. If U2-30 cannot be
resolved, call the Hotline to open a case for this issue.
1 OF 4
TECHNICAL TIP TT-20422
Troubleshooting:
1. Try to reset the U2-30 error by executing Simulation 16.
2. The electronic serial number data stored on an EEPROM located on the MFP control PWB (ICU) and
the electronic serial number data stored on an EEPROM located on the PCU PWB (PCU) must match
the actual serial number tag on the left side of the machine. Both electronic serial numbers MUST
match the Serial tag! No exceptions!
3. On the above models, it is no longer possible to view the serial number data in special simulations.
Go to simulation 22-05 and confirm if the serial number is shown on the screen. This serial number
is reported by the PCU PWB EEPROM. If the electronic PCU serial number matches the serial tag,
then most likely there is an issue with the MFP control PWB EEPROM. There is no method available
to view the electronic MFP control PWB EEPROM serial number on the above models.
4. Serial Numbers may not match for the following reasons:
 MFP Control or PCU PWBs have been swapped with other machines. Whenever the MFP or PCU
PWB are removed or replaced, the EEPROMs must be removed and installed onto the
replacement PWB. No exceptions!
 Damage. Great care must be given not to damage the 8 legs on the EEPROMs during removal or
installation. It is recommended to use an EEPROM removal tool.
 EEPROMs installed in wrong PWB. It is critical that the PCU EEPROM is never installed on the
MFP PWB or vice versa. The data on the EEPROMs could be permanently damaged. Before
removing the EEPROMs, please label or mark the EEPROMs in some manner to ensure you
install them on the correct replacement PWB.
 EEPROMs installed backwards. There is an indentation or dimple at one end of the EEPROM
indicating its correct orientation. There is a white outline drawn around the EEPROM on the PWB
with a notch at one end indicating which way the dimple should go. Please note which direction
the dimple faces before removing the EEPROM. The data on the EEPROMs could be permanently
damaged.
 Voltage surge. Power surges could also damage the EEPROMs.
5. If you are able to resolve a serial number mismatch, try to reset with Simulation 16 again.
6. Confirm that no EEPROM legs are broken or partially seated.
7. Confirm EEPROMs are on the correct PWB (If Possible)
8. Try running Simulation 16 one last time to reset.
If all efforts to correct U2-30 error fail, the EEPROMs will have to be sent to the factory to reprogram the
serial number information. This involves a minimum 2 week turnaround time. It is vital that the following
directions be followed TO THE LETTER, or additional delays will occur.
Step 1) Call the hotline and set up a case number (this is needed for tracking purposes). The hotline will
also attempt to help you correct the serial number conflict if possible to avoid delays in getting the
customers down machine up and running. They will also go over necessary information, such as packaging
instructions, documentation, and components that must be sent in to Sharp. Please cooperate with the
hotline personnel. They are there to help you.
Step 2) Documentation: To avoid delays, the following documentation is required by the factory in order to
restore serial number information. There are no exceptions.
 A photo of the serial number tag on the frame of the MFP
 A copy of the invoice from Sharp when the machine was purchased. If you did not purchase the
MFP directly from Sharp, please contact the Dealer that did.
 Please include a note that clearly shows the case number you received in Step 1.
2 OF 4
TECHNICAL TIP TT-20422
Step 3) Original Components: To avoid delays, the following components must be sent to the factory in
order to restore serial number information. There are no exceptions.
 MFP Control PWB EEPROM
 PCU PWB EEPROM
Important notes:
 Before removing each EEPROM, make a note of which direction the dimple is facing. It is critical that
the replacement EEPROM is installed in the correct orientation.
 Before removing each EEPROM, Mark or label each EEPROM. Sharp will NOT be able to identify
which EEPROM came from which PWB. You must label them.
 EEPROMs must be protected by placing the legs of the EEPROM in anti-static foam.
 NEVER ship EEPROMs in an Envelope!
Step 4) Replacement Components: To avoid delays, the following replacement components must be sent to
the factory in order to restore serial number information. There are no exceptions.
 MFP Control PWB EEPROM
 PCU PWB EEPROM
Step 5) Packaging: To avoid delays, please take care that all components are packaged properly and are
well protected. All electronic components must be wrapped in anti-static material. Also take care to label the
package Ship To: information correctly.
Always ship EEPROMs in a carton, never ship EEPROMs in an envelope.
Step 6) Shipping: Please send the Documentation, Original Components, and Replacement Components in a
carton to the following address:
Sharp Electronics Corporation
DSSD Dept. ATTN: TY SMITH
1300 Naperville Drive, Romeoville, IL 60446
Warning:
 Include DSSD Dept. ATTN: TY SMITH, or else the package may not reach the intended recipient for
several days.
 Never ship the components in an envelope, or else severe damage will occur.
 Protect the legs of the EEPROMs in anti-static foam, or else severe damage will occur.
 Wrap the components in anti-static plastic, or else severe damage will occur.
 Do not forget to include all documentation outlined in Step 2.
Factory will analyze the original components to identify root cause of U2-30 error.
Serial number Data will be programmed onto Replacement components, and tests will be made to confirm
that the U2-30 has been eliminated.
Original components will be destroyed.
3 OF 4
TECHNICAL TIP TT-20422
Addendum
Replacement Parts: Please be aware that the part numbers for the EEPROMs are only provided in the PWB
Parts Guide.
For MX-M283/MX-M363/MX-M453/MX-M503:
PWB Parts Guide (EEPROMs):
MFP (ICU) EEPROM:
Section 2, Item 183 (IC 29)
Old Part Number:
VHIAT24256P-1
New Part Number:
VHIBR24256W-1
PCU EEPROM:
Section 7, Item 18 (IC 31)
Old Part Number:
VHIAT24C64P-1
New Part Number:
VHIBR24T64W-1
For MX-M623/MX-M753:
PWB Parts Guide (EEPROMs):
MFP (ICU) EEPROM:
Section 3, Item 154 (IC 26)
Part Number:
VHIAT24256P-1
PCU EEPROM:
Section 2, Item 16 (IC 47)
Part Number:
VHIAT24C64P-1
Note: Part Numbers Subject to change (Always refer to Main Parts Guide and PWB Parts Guide posted on
IDNC for latest information).
As of March, 2012, Interchangeability for EEPROMs is rated as 1. If the new part number is not available,
use the old part number.
4 OF 4