Operating Instructions - Notes on Security Functions: SH

Operating Instructions - Notes on Security Functions: SH
Operating Instructions
Notes on Security Functions
For safe and correct use, be sure to read the Safety Information in "Manuals and Safety Information for This Machine" before using the machine.
Introduction
This manual contains detailed instructions and notes on the operation and use of this machine. For your safety and
benefit, read this manual carefully before using the machine. Keep this manual in a handy place for quick reference.
Important
Contents of this manual are subject to change without prior notice. In no event will the company be liable for direct,
indirect, special, incidental, or consequential damages as a result of handling or operating the machine.
Notes:
Some illustrations in this manual might be slightly different from the machine.
Certain options might not be available in some countries. For details, please contact your local dealer.
TABLE OF CONTENTS
About This Booklet..............................................................................................................................................2
Logging In and Login Password........................................................................................................................3
Login (Using the Driver).................................................................................................................................3
User Lockout Function....................................................................................................................................5
Changing the Login Password.......................................................................................................................5
Checking Which Functions are Available........................................................................................................9
Access Permission for Stored Files..................................................................................................................11
Assigning Users and Access Permission for Stored Files..........................................................................12
Specifying Access Privileges for Files Stored using the Scanner and Fax Functions..............................14
Assigning the User and the Access Permission for the User's Stored Files..............................................18
Specifying Access Privileges for the Printer Function's Stored Print Files.................................................21
Notes on Particular Functions..........................................................................................................................23
Printing..........................................................................................................................................................23
Received Fax................................................................................................................................................23
Displaying the Job List Screen.....................................................................................................................23
Scan to Folder..............................................................................................................................................23
Address Book...............................................................................................................................................24
Trademarks.......................................................................................................................................................25
1
About This Booklet
This booklet describes procedures, and provides important notes, for using this product in an
operational environment certified according to "Common Criteria for Information Technology Security
Evaluation".
Read this booklet thoroughly before using the product.
2
Logging In and Login Password
The machine's user authentication has been enabled.
To operate the machine, each user must enter a valid user login name and password on the
authentication screen displayed when the machine is accessed.
Logging in refers to the process by which you obtain access to the machine in order to operate it.
Logging out refers to the process by which you relinquish access to the machine.
To prevent unauthorized use of the machine, be sure to log out by pressing the [Login/Logout] key once
you have finished your operation.
For added security, the machine has an auto-logout timer by which it automatically logs you out if you
do not operate the control panel within a given time.
Login user names are case sensitive on the machine. Note that this also applies when using Windows
authentication.
• For details about logging in and out, see "When the Authentication Screen is Displayed" in "Guide
to the Machine", About This Machine.
Login (Using the Driver)
This section explains how to log in using the driver.
Enter your login user name and password as registered in the machine. You need only do this the first
time you access the machine.
The procedure is explained using Windows XP as an example.
Specifying the Printer Driver Properties
This section explains how to log in using the printer driver.
1. Open the printer properties dialog box, and then click the [Advanced Options] tab.
2. Select the [User Authentication] check box.
3. If you want to encrypt the login password, select the [With Encryption] check box and
then click [Driver Encryption Key...].
Enter the driver encryption key already set on the machine.
4. Click [OK] to close the "Driver Encryption Key" dialog box.
5. Click [OK] to close the printer properties dialog box.
6. From the [Printers and Faxes] window, open the printing preferences dialog box.
3
7. Specify the user authentication setting.
If you are using the PCL 5e printer driver, click the [Valid Access] tab, and then click
[Authentications...].
If you are using the PCL 6 printer driver, click the [Detailed Settings] tab, click [Job Setup], and then
click [Authentication...] in the [Job Setup] area.
8. Enter a login user name and login password already set on the machine or the server for
user authentication.
Be sure to enter the same login user name and login password that is registered on the machine or
the server.
If you do not enter a valid login user name and login password, printing will not start.
9. Click [OK] to close the "Authentication" dialog box.
10. Click [OK] to close the printing preferences dialog box.
• Depending on the application in use, the properties specified in this procedure may not take effect.
• If you log in using the driver, you do not need to log out when you finish.
Login (Using the LAN-Fax Driver)
This section explains how to log in using the LAN-Fax driver.
• [User code:] and [Specify sender] settings on the [User Settings] dialog box are invalid when you
use the user authentication function.
1. Open the printer properties dialog box, and then click the [Advanced Options] tab.
2. Select the [General user authentication] check box.
3. If you want to encrypt the login password, select the [Encryption] check box.
Enter the driver encryption key set on the machine.
To encrypt the password, depending on your machine, the optional network data protection unit
may need to be installed.
4. Click [OK] to close the printer properties dialog box.
5. Open the document you want to send from an application.
6. Select [LAN-Fax] as the printer and then start the print job.
The [LAN-Fax] dialog box appears.
7. Click [User Settings...].
The [User Settings] dialog box appears.
4
8. Enter the login user name and login password already set on the machine or server for
user authentication.
If you enter an invalid login user name and login password, sending and/or printing does not start.
9. Click [OK] to close the dialog box.
User Lockout Function
This machine has a User Lockout function.
If an incorrect password is entered the number of times specified by the administrator, the User Lockout
function prevents further login attempts under the same user name.
Even if the locked out user enters the correct password later, authentication will fail and it will not be
possible to use the machine.
For details about releasing a locked out user, ask your administrator.
Changing the Login Password
This section explains how to change the login password used for user authentication.
You can use alphanumeric characters and symbols when registering login user passwords.
You can register up to 128 single-byte characters.
The passwords are case-sensitive. Keep this in mind when registering them.
• Do not disclose the password to outsiders. Similarly, do not write the password down and leave it
where others can see it.
• Change the password periodically.
• Make the password difficult to guess.
Password Policy
This machine has a password policy.
Only passwords meeting the specified criteria for level of complexity and minimum number of
characters can be registered.
For details about the criteria, ask the administrator.
Passwords can contain the following characters:
• Upper case letters: A to Z (26 characters)
• Lower case letters: a to z (26 characters)
• Numbers: 0 to 9 (10 characters)
• Symbols: (space) ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _` { | } ~ (33 characters)
5
Some characters are not available, regardless of whether their codes are entered using the
keyboard or the control panel.
Changing the Login Password Using the Control Panel
This section explains how to change the login password using the control panel.
1. Press the [User Tools/Counter] key.
2. Press [System Settings].
3. Press [Administrator Tools].
4. Press [Address Book Management].
5. Select the user.
6
6. Press [Auth. Info].
7. Press [Change] for "Login Password".
8. Enter a login password, and then press [OK].
9. If a password reentry screen appears, enter the login password, and then press [OK].
10. Press [OK].
11. Press [Exit] twice.
12. Press the [User Tools/Counter] key.
Changing the Login Password Using Web Image Monitor
This section explains how to change the login password using Web Image Monitor.
1. Open a Web browser.
2. Enter "https://(the machine's IP address or host name)/" in the address bar.
3. Click [Login].
Enter the login user name and login password.
4. Click [Address Book].
5. Select the user.
6. Click [Change].
7. Click [Change] next to [Login Password].
7
8. Enter the new password in the password and confirm password fields.
9. Click [OK].
10. Click [OK].
11. Click [Logout].
Changing the Login Password for the Printer Driver
This section explains how to change the login password for the printer driver.
1. From the [Printers and Faxes] window, open the printing preferences dialog box.
2. Specify the user authentication setting.
If you are using the PCL 5e printer driver, click the [Valid Access] tab, and then click
[Authentications...].
If you are using the PCL 6 printer driver, click the [Detailed Settings] tab, click [Job Setup], and then
click [Authentication...] in the [Job Setup] area.
3. Enter a login password already set on the machine or the server for user authentication.
Be sure to enter the same login password that is registered on the machine or the server.
If you do not enter a valid login password, printing will not start.
4. Click [OK] to close the "Authentication" dialog box.
5. Click [OK] to close the printing preferences dialog box.
Changing the Login Password for the LAN-Fax Driver
This section explains how to change the login password for the LAN-Fax driver.
1. Open the document you want to send from an application.
2. Select [LAN-Fax] as the printer and then start the print job.
The [LAN-Fax] dialog box appears.
3. Click [User Settings...].
The [User Settings] dialog box appears.
4. Enter the login password already set on the machine or server for user authentication.
If you enter an invalid login password, sending and/or printing does not start.
5. Click [OK] to close the dialog box.
8
Checking Which Functions are Available
Using User Authentication, access to the machine by individuals and groups of users is limited according
to the login user name and password.
Each individual or group of users can use only the functions made available to them by the administrator
according to user authentication.
Functions Available to Users
Functions available to users are those related to using the machine's copier/document server,
printer, scanner, and facsimile functions, such as printing, storing, and sending files.
Settings related to the management and adjustment of the machine, such as [System Settings],
[Copier / Document Server Features], [Printer Features], [Scanner Features], and [Facsimile
Features], are available to the administrator only.
If the available functions are limited by user authentication, you can check which functions are
available to you using the following procedure:
1. Press the [User Tools/Counter] key.
2. Press [System Settings].
3. Press [Administrator Tools].
4. Press [Address Book Management].
5. Select the user.
6. Press [Auth. Info].
9
7. In "Available Functions", check the functions you can use.
If the setting to be specified does not appear, press [ Next] to scroll down to other settings.
8. Press [OK].
9. Press [Exit].
10. Press the [User Tools/Counter] key.
10
Access Permission for Stored Files
The access permission for each file stored in the machine can be specified by the user who stores the file.
Such a user is called file creator (owner).
The file creator (owner) can specify who is allowed to access his/her stored files.
For other users, only the files they are allowed to access are displayed. The access permission can be
changed by the file creator (owner) and administrator only.
Access Permission
There are four types of access permission with different levels of privilege.
Access Permission
Read-only
Edit
Edit / Delete
Full Control
Description
In addition to checking the content of and information about stored
files, you can also print and send the files.
You can change the print settings for stored files.
This includes permission to view files.
You can delete stored files.
This includes permission to view and edit files.
You can specify the user and access permission.
This includes permission to view, edit, and edit/delete files.
Password for Stored Files
• Passwords for stored files can be specified by the file creator (owner). You can obtain greater
protection against the unauthorized use of files.
• For details about specifying a password, see "Using the Document Server" in "Document
Server", Copy and Document Server Reference.
• Files can be stored by any user who is allowed to use the Document Server, copy function, scanner
function, or fax function.
• You can also check the contents of stored files via "Document Server" in Web Image Monitor.
• Access permission to Stored Print files sent from the printer driver and stored on the machine can
only be specified in Web Image Monitor. For details, see "Specifying Access Privileges for the
Printer Function's Stored Print Files".
• The default access permission for the file creator (owner) is "Read-only". You can also specify the
access permission.
11
• For details about deleting stored files, see "Deleting a Stored Document" in "Document Server",
Copy and Document Server Reference.
Assigning Users and Access Permission for Stored Files
This can be specified by the file creator (owner).
Specify the users and their access permissions for each stored file.
By making this setting, only users granted access permission can access stored files.
• If files become inaccessible, reset their access permission as the file creator (owner). This can also
be done by the file administrator. If you want to access a file but do not have access permission,
ask the file creator (owner).
• To change the access privileges of a document's owner or another user with [Full Control]
privileges for a document, use the [Change Access Priv.] setting of the document.
For details about logging in and out, see "When the Authentication Screen is Displayed" in "Guide to the
Machine", About This Machine.
1. Press the [Document Server] key.
2. Select the file.
3. Press [File Management].
12
4. Press [Change Access Priv.].
5. Press [Program/Change/Delete].
6. Press [New Program].
7. Select the users or groups you want to assign permission to.
You can select more than one user.
By pressing [All Users], you can select all the users.
8. Press [Exit].
13
9. Select the user who you want to assign access permission to, and then select the
permission.
Select the access permission from [Read-only], [Edit], [Edit / Delete], or [Full Control].
10. Press [Exit].
11. Press [OK].
• To ensure machine security, do not grant [Edit], [Edit / Delete], or [Full Control] permission to
general users.
Specifying Access Privileges for Files Stored using the Scanner and Fax
Functions
If user authentication is set for the scanner and fax functions, you can specify access privileges for stored
files when storing them in the Document Server. You can also change the access privileges for the file.
For details about logging in and out, see "When the Authentication Screen is Displayed" in "Guide to the
Machine", About This Machine.
Specifying Access Privileges When Storing Files
This section explains how to specify the access privileges and then store a file in the Document Server
under the scanner or fax function.
The scanner screen is used to illustrate the procedure.
1. Press the [Scanner] key.
14
2. Press [Store File].
3. Press [Access Privileges].
4. Press [New Program].
5. Select the users or groups you want to assign permission to.
You can select more than one user.
By pressing [All Users], you can select all the users.
6. Press [Exit].
7. Select the user who you want to assign access permission to, and then select the
permission.
Select the access permission from [Read-only], [Edit], [Edit / Delete], or [Full Control].
8. Press [Exit].
15
9. Press [OK].
10. Store files in the Document Server.
Changing Access Privileges for Previously Stored Files
This section explains how to change access privileges for a file stored in the Document Server under the
scanner or fax function.
The scanner screen is used to illustrate the procedure.
1. Press the [Scanner] key.
2. Press [Select Stored File].
3. Select the file.
4. Press [Manage / Delete File].
16
5. Press [Change Access Priv.].
6. Press [Program/Change/Delete].
7. Press [New Program].
17
8. Select the users or groups you want to assign permission to.
You can select more than one user.
By pressing [All Users], you can select all the users.
9. Press [Exit].
10. Select the user who you want to assign access permission to, and then select the
permission.
Select the access permission from [Read-only], [Edit], [Edit / Delete], or [Full Control].
11. Press [Exit].
12. Press [OK].
Assigning the User and the Access Permission for the User's Stored Files
This can be specified by the file creator (owner).
Specify the users and their access permission to files stored by a particular user.
Only those users granted access permission can access stored files.
This makes managing access permission easier than specifying and managing access permissions for
each stored file.
For details about logging in and out, see "When the Authentication Screen is Displayed" in "Guide to the
Machine", About This Machine.
1. Press the [User Tools/Counter] key.
18
2. Press [System Settings].
3. Press [Administrator Tools].
4. Press [Address Book Management].
19
5. Select the user.
6. Press [Protection].
7. Under "Protect File(s)", press [Program/Change/Delete] for "Permissions for Users/
Groups".
If the setting to be specified does not appear, press [ Next] to scroll down to other settings.
20
8. Press [New Program].
9. Select the users or groups to register.
You can select more than one user.
By pressing [All Users], you can select all the users.
10. Press [Exit].
11. Select the user who you want to assign access permission to, and then select the
permission.
Select the access permission from [Read-only], [Edit], [Edit / Delete], or [Full Control].
12. Press [Exit].
13. Press [OK].
14. Press [Exit].
15. Press the [User Tools/Counter] key.
Specifying Access Privileges for the Printer Function's Stored Print Files
Access permission to Stored Print files sent from the printer driver and stored on the machine can only be
specified in Web Image Monitor.
1. Open a Web browser.
2. Enter "https://(the machine's IP address or host name)/" in the address bar.
21
3. Click [Login].
Enter the login user name and login password.
4. Click [Printer: Print Jobs].
5. Click [Details] next to the Stored Print file with the access privilege you wish to change.
6. Click [Change] next to [Access Privilege].
If an authentication screen appears, enter the password.
7. Select the user's access privilege.
As the access privilege, select [Read-only], [Edit], [Edit/Delete], or [Full Control]. To apply the
specified setting to all users, select the access privilege from [All Users] in [Public].
8. Click [OK].
9. Click [Back].
10. Click [Back].
11. Click [Logout].
22
Notes on Particular Functions
This section provides notes on particular functions.
Printing
A third party may remove or review paper documents printed by this machine. Collect prints
immediately.
Received Fax
Received faxes programmed to be stored on the hard disk can be viewed, printed, and deleted only by
the users authorized to access each stored file.
Only the authorized users can check such faxes and distribute them to other users.
For details about checking received faxes, see "Confirming/Printing/Deleting Received and Stored
Documents" in "Changing/Confirming Communication Information", Facsimile Reference.
To assign a user to manage stored faxes, see "Reception Settings" in "Facsimile Features", Facsimile
Reference.
Displaying the Job List Screen
Using the Job List Screen, you can manage the stored jobs.
You can use this function in various circumstances, such as for deleting erroneous jobs and printing
urgent jobs before others.
If user authentication has been enabled, only jobs stored by the logged-in user appear in the list for
viewing and deleting.
For details about using the job list, see "Job List" in "Printing Stored Documents", Printer Reference.
Scan to Folder
When you send files by Scan to Folder, select the destination from the registered folders only.
For details about sending files by Scan to Folder, see "Sending Scan Files to Folders", Scanner
Reference.
23
Address Book
Using the Extended Security function, the machine prevents general users from registering destination
addresses in the address book.
You cannot send files by manually entering fax numbers, e-mail addresses, or folder destinations in Fax
or Scanner functions either. Users are only allowed to send files to destinations registered in the address
book.
To specify a destination for a fax using the LAN-Fax driver, see "Entering Destinations Directly" in the
Help.
24
Trademarks
Microsoft, Windows, Windows Server, Windows Vista are either registered trademarks or trademarks
of Microsoft Corporation in the United States and/or other countries.
The proper names of the Windows operating systems are as follows:
• The product names of Windows XP are as follows:
Microsoft® Windows® XP Professional
Microsoft® Windows® XP Home Edition
Microsoft® Windows® XP Media Center Edition
Microsoft® Windows® XP Tablet PC Edition
• The product names of Windows Vista are as follows:
Microsoft® Windows Vista® Ultimate
Microsoft® Windows Vista® Business
Microsoft® Windows Vista® Home Premium
Microsoft® Windows Vista® Home Basic
Microsoft® Windows Vista® Enterprise
• The product names of Windows 7 are as follows:
Microsoft® Windows® 7 Home Premium
Microsoft® Windows® 7 Professional
Microsoft® Windows® 7 Ultimate
Microsoft® Windows® 7 Enterprise
• The product names of Windows Server 2003 are as follows:
Microsoft® Windows Server® 2003 Standard Edition
Microsoft® Windows Server® 2003 Enterprise Edition
• The product names of Windows Server 2003 R2 are as follows:
Microsoft® Windows Server® 2003 R2 Standard Edition
Microsoft® Windows Server® 2003 R2 Enterprise Edition
• The product names of Windows Server 2008 are as follows:
Microsoft® Windows Server® 2008 Standard
Microsoft® Windows Server® 2008 Enterprise
• The product names of Windows Server 2008 R2 are as follows:
Microsoft® Windows Server® 2008 R2 Standard
Microsoft® Windows Server® 2008 R2 Enterprise
25
Other product names used herein are for identification purposes only and might be trademarks of their
respective companies. We disclaim any and all rights to those marks.
26
© 2012
Operating Instructions Notes on Security Functions
Printed in France
EN GB
EN US
EN AU M052-7037
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement