User`s Guide


Add to my manuals
200 Pages

advertisement

User`s Guide | Manualzz

Océ

User’s Guide

VarioLink 3622/4222/5022

[Security Operations]

2009.01

Ver. 1.06

Océ-Technologies B.V.

Copyright

©2008,Océ-Technologies B.V. Venlo, The Netherlands.

All rights reserved. No part of this work may be reproduced, copied, adapted, or transmitted in any form or by any means without written permission from Océ.

Océ-Technologies B.V. makes no representation or warranties with respect to the contents hereof and specifi cally disclaims any implied warranties of merchantability or fi tness for any particular purpose.

Further, Océ-Technologies B.V. reserves the right to revise this publication and to make changes from time to time in the content hereof without obligation to notify any person of such revision or changes.

Contents

Contents

1 Security

1.1

1.2

1.2.1

1.3

1.4

1.5

Introduction ........................................................................................................................................... 1-2

Compliance with the ISO15408 Standard ................................................................................................1-2

Operating Precautions..............................................................................................................................1-2

INSTALLATION CHECKLIST ....................................................................................................................1-3

Security Functions ................................................................................................................................ 1-4

Check Count Clear Conditions .................................................................................................................1-4

Data to be Protected ............................................................................................................................ 1-6

Precautions for Operation Control...................................................................................................... 1-7

Roles and Requirements of the Administrator..........................................................................................1-7

Password Usage Requirements ...............................................................................................................1-7

Network Connection Requirements for the Machine ...............................................................................1-8

User information control server control requirements ..............................................................................1-8

Security function operation setting operating requirements ....................................................................1-8

Operation and control of the machine......................................................................................................1-8

Machine Maintenance Control..................................................................................................................1-8

Miscellaneous ....................................................................................................................................... 1-9

Password Rules ........................................................................................................................................1-9

Precautions for Use of Various Types of Applications .............................................................................1-9

Encrypting communications .....................................................................................................................1-9

IPP printing .............................................................................................................................................1-10

Types of Data Cleared by Overwrite All Data Function ..........................................................................1-11

2 Administrator Operations

2.1

2.1.1

2.1.2

2.2

2.2.1

2.2.2

2.3

2.3.1

2.4

2.4.1

2.5

2.5.1

2.5.2

2.6

2.6.1

Accessing the Administrator Settings ................................................................................................ 2-2

Accessing the Administrator Settings ......................................................................................................2-2

<From the Control Panel> ........................................................................................................................2-3

Accessing the User Mode ........................................................................................................................2-5

<From the Control Panel> ........................................................................................................................2-5

<From Web Connection> .........................................................................................................................2-7

Enhancing the Security Function ........................................................................................................ 2-9

Items cleared by HDD Format ................................................................................................................2-10

Setting the Enhanced Security Mode .....................................................................................................2-11

<Setting can be made only from the control panel> ..............................................................................2-11

Preventing Unauthorized Access ...................................................................................................... 2-14

Setting Prohibited Functions When Authentication Error .......................................................................2-14

<Setting can be made only from the control panel> ..............................................................................2-15

Canceling the Operation Prohibited State ....................................................................................... 2-17

Performing Release Setting ....................................................................................................................2-17

<Setting can be made only from the control panel> ..............................................................................2-17

Setting the Authentication Method ................................................................................................... 2-19

Setting the Authentication Method.........................................................................................................2-19

<Setting can be made only from the control panel> ..............................................................................2-19

Setting the External Server .....................................................................................................................2-22

<Setting can be made only from the control panel> ..............................................................................2-22

System Auto Reset Function ............................................................................................................. 2-24

Setting the System Auto Reset function.................................................................................................2-24

<Setting can be made only from the control panel> ..............................................................................2-24

VarioLink 3622/4222/5022 x-1

Contents

2.7

2.7.1

2.8

2.8.1

2.9

2.9.1

2.9.2

User Setting Function......................................................................................................................... 2-26

Making user setting ................................................................................................................................2-27

<From the Control Panel> ......................................................................................................................2-27

<From Web Connection> .......................................................................................................................2-32

Account Track Setting Function........................................................................................................ 2-34

Making account setting ..........................................................................................................................2-34

<From the Control Panel> ......................................................................................................................2-34

<From Web Connection> .......................................................................................................................2-38

User Box Function .............................................................................................................................. 2-40

Setting the User Box ..............................................................................................................................2-40

<From the Control Panel> ......................................................................................................................2-40

<From Web Connection> .......................................................................................................................2-44

Changing the user attributes and account attributes .............................................................................2-46

<From the Control Panel> ......................................................................................................................2-46

<From Web Connection> .......................................................................................................................2-50

2.10

Changing the Administrator Password ............................................................................................ 2-53

2.10.1

Changing the Administrator Password...................................................................................................2-53

<Setting can be made only from the control panel> ..............................................................................2-53

2.11

Protecting Data in the HDD ............................................................................................................... 2-56

2.11.1

Setting the HDD Lock Password ............................................................................................................2-56

<Setting can be made only from the control panel> ..............................................................................2-57

2.11.2

Changing the HDD Lock Password........................................................................................................2-59

<Setting can be made only from the control panel> ..............................................................................2-59

2.11.3

Setting the Image Data Encryption Passphrase.....................................................................................2-62

<Setting can be made only from the control panel> ..............................................................................2-62

2.11.4

Changing the Image Data Encryption Passphrase.................................................................................2-67

<Setting can be made only from the control panel> ..............................................................................2-67

2.12

Protecting Data Stored in the Flash Memory................................................................................... 2-72

2.12.1

Setting the Flash Memory Lock Password.............................................................................................2-72

<Setting can be made only from the control panel> ..............................................................................2-72

2.12.2

Changing the Flash Memory Lock Password.........................................................................................2-75

<Setting can be made only from the control panel> ..............................................................................2-75

2.13

Overwrite All Data Function............................................................................................................... 2-78

2.13.1

Setting the Overwrite All Data function ..................................................................................................2-78

<Setting can be made only from the control panel> ..............................................................................2-79

2.14

SSL Setting Function .......................................................................................................................... 2-81

2.14.1

Setting the SSL.......................................................................................................................................2-81

<Setting can be made only from Web Connection> ..............................................................................2-81

2.14.2

Changing the Encryption Strength Setting .............................................................................................2-84

<Setting can be made only from Web Connection> ..............................................................................2-84

2.14.3

Changing the Mode Using SSL ..............................................................................................................2-85

<Setting can be made only from Web Connection> ..............................................................................2-85

2.14.4

Removing a Certificate ...........................................................................................................................2-86

<Setting can be made only from Web Connection> ..............................................................................2-86

2.15

S/MIME Communication Setting Function ....................................................................................... 2-87

2.15.1

Setting the S/MIME Communication ......................................................................................................2-87

<From the Control Panel> ......................................................................................................................2-87

<From Web Connection> .......................................................................................................................2-90

2.15.2

Registering the certificate.......................................................................................................................2-92

<From Web Connection> .......................................................................................................................2-92

2.16

SNMP Setting Function ...................................................................................................................... 2-94

2.16.1

Changing the auth-password and priv-password ..................................................................................2-94

<From the Control Panel> ......................................................................................................................2-94

<From Web Connection> .......................................................................................................................2-98

2.16.2

SNMP access authentication function .................................................................................................2-100

2.16.3

SNMP v3 setting function.....................................................................................................................2-100

2.16.4

SNMP network setting function............................................................................................................2-101

VarioLink 3622/4222/5022 x-2

Contents

2.17

TCP/IP Setting Function................................................................................................................... 2-102

2.17.1

Setting the IP Address..........................................................................................................................2-102

<From the Control Panel> ....................................................................................................................2-102

<From Web Connection> .....................................................................................................................2-102

2.17.2

Registering the DNS Server..................................................................................................................2-103

<From the Control Panel> ....................................................................................................................2-103

<From Web Connection> .....................................................................................................................2-103

2.18

NetWare Setting Function................................................................................................................ 2-104

2.18.1

Making the NetWare Setting.................................................................................................................2-104

<From the Control Panel> ....................................................................................................................2-104

<From Web Connection> .....................................................................................................................2-104

2.19

SMB Setting Function....................................................................................................................... 2-105

2.19.1

Setting the NetBIOS Name...................................................................................................................2-105

<From the Control Panel> ....................................................................................................................2-105

<From Web Connection> .....................................................................................................................2-105

2.20

AppleTalk Setting Function.............................................................................................................. 2-106

2.20.1

Making the AppleTalk Setting...............................................................................................................2-106

<From the Control Panel> ....................................................................................................................2-106

<From Web Connection> .....................................................................................................................2-106

2.21

E-Mail Setting Function.................................................................................................................... 2-107

2.21.1

Setting the SMTP Server (E-Mail Server)..............................................................................................2-107

<From the Control Panel> ....................................................................................................................2-107

<From Web Connection> .....................................................................................................................2-107

2.22

Setting PC-FAX receiving ................................................................................................................ 2-108

2.22.1

Setting PC-FAX receive ........................................................................................................................2-108

<From the Control Panel> ....................................................................................................................2-108

2.23

Setting TSI distribution..................................................................................................................... 2-109

2.23.1

Setting TSI distribution .........................................................................................................................2-109

<From the Control Panel> ....................................................................................................................2-109

2.23.2

Setting TSI distribution and register TSI distribution............................................................................2-109

<From the Control Panel> ....................................................................................................................2-109

2.23.3

Setting TSI distribution and register TSI distribution............................................................................2-110

<From the Control Panel> ....................................................................................................................2-110

3 User Operations

3.1

3.1.1

3.2

3.2.1

3.3

3.3.1

3.4

3.4.1

3.4.2

3.4.3

3.4.4

User Authentication Function.............................................................................................................. 3-2

Performing user authentication ................................................................................................................3-2

<From the Control Panel> ........................................................................................................................3-3

<From Web Connection> .........................................................................................................................3-7

Change Password Function................................................................................................................. 3-9

Performing Change Password..................................................................................................................3-9

<From the Control Panel> ........................................................................................................................3-9

<From Web Connection> .......................................................................................................................3-12

Secure Print Document Function ...................................................................................................... 3-13

Accessing the Secure Print Document...................................................................................................3-13

<Setting can be made only from the control panel> ..............................................................................3-14

User Box Function .............................................................................................................................. 3-17

Setting the User Box ..............................................................................................................................3-17

<From the Control Panel> ......................................................................................................................3-17

<From Web Connection> .......................................................................................................................3-21

Changing the User Box Password and user attributes and account attributes .....................................3-23

<From the Control Panel> ......................................................................................................................3-23

<From Web Connection> .......................................................................................................................3-28

Accessing the User Box and User Box file.............................................................................................3-32

<From the Control Panel> ......................................................................................................................3-33

<From Web Connection> .......................................................................................................................3-35

Sending S/MIME box files ......................................................................................................................3-37

<From the Control Panel> ......................................................................................................................3-37

VarioLink 3622/4222/5022 x-3

Contents

3.5

Outline of document save .................................................................................................................. 3-39

What Document save can do .................................................................................................................3-39

Initial screen of Document save .............................................................................................................3-39

Document save screen ...........................................................................................................................3-40

File style..................................................................................................................................................3-41

4 Application Software

4.1

4.1.1

4.1.2

4.1.3

4.1.4

4.1.5

4.1.6

4.2

4.2.1

4.2.2

4.2.3

4.2.4

4.3

4.3.1

4.4

4.4.1

4.5

4.5.1

4.5.2

Data Administrator ............................................................................................................................... 4-2

Gaining access from Data Administrator..................................................................................................4-2

<From the PC> .........................................................................................................................................4-2

Setting the user authentication method ...................................................................................................4-5

<From the PC> .........................................................................................................................................4-5

Changing the authentication mode ..........................................................................................................4-7

<From the PC> .........................................................................................................................................4-7

Making the user settings ........................................................................................................................4-10

<From the PC> .......................................................................................................................................4-10

Making the account settings ..................................................................................................................4-11

<From the PC> .......................................................................................................................................4-11

Registering the certificate.......................................................................................................................4-12

<From the PC> .......................................................................................................................................4-12

Box Operator....................................................................................................................................... 4-14

Accessing User Box ...............................................................................................................................4-14

<From the PC> .......................................................................................................................................4-14

Creating a User Box ...............................................................................................................................4-16

<From the PC> .......................................................................................................................................4-16

Changing User Box properties (user attributes, account attributes) ......................................................4-18

<From the PC> .......................................................................................................................................4-18

Accessing the User Box file....................................................................................................................4-20

<From the PC> .......................................................................................................................................4-20

HDD TWAIN driver .............................................................................................................................. 4-21

Accessing from the HDD TWAIN driver ..................................................................................................4-21

<From the PC> .......................................................................................................................................4-21

Direct Print .......................................................................................................................................... 4-23

Printing through Direct Print ...................................................................................................................4-23

<From the PC> .......................................................................................................................................4-23

HDD Backup Utility ............................................................................................................................. 4-25

Backup....................................................................................................................................................4-25

<From the PC> .......................................................................................................................................4-25

Restore ...................................................................................................................................................4-29

<From the PC> .......................................................................................................................................4-29

VarioLink 3622/4222/5022 x-4

1

Security

Security

1

1

1.1

Security

Introduction

Thank you for purchasing our product.

This User’s Guide contains the operating procedures and precautions to be used when using the security functions offered by the VarioLink 3622/4222/5022 machine. To ensure the best possible performance and effective use of the machine, read this manual thoroughly before using the security functions. The Administrator of the machine should keep this manual for ready reference. The manual should be of great help in finding solutions to operating problems and questions.

This User’s Guide (Ver. 1.06) describes bizhub 501/421/361/ineo 501/421/361/VarioLink 3622/4222/5022

Multi Function Peripheral Control Software (A0R50Y0-0100-G00-11, BIOS control controller: A0R50Y0-

1D00-G00-10).

Compliance with the ISO15408 Standard

When the Enhanced Security Mode on this machine is set to [ON], more enhanced security functions are available.

The security functions offered by the VarioLink 3622/4222/5022 machine comply with ISO/IEC15408 (level:

EAL3).

Operating Precautions

The machine gives an alarm message or an alarm sound (peep) when a wrong operation is performed or a wrong entry is made during operation of the machine. (No "peep" alarm sound is issued if a specific sound setting in Sound Setting of Accessibility Setting is set to [OFF].) If the alarm message or alarm sound is given, perform the correct operation or make the correct entry according to the instructions given by the message or other means.

The Administrator of the machine should make sure that each individual general user exits from the current mode to return to the basic screen whenever the access to that mode is completed or if the user leaves the machine with the mode screen left displayed.

The Administrator of the machine should exit from the current mode to return to the basic screen whenever the access to that mode is completed or if he or she leaves the machine with the mode screen left displayed.

The Web Connection functions can be used only if the setting is made to accept "Cookie."

VarioLink 3622/4222/5022 1-2

Security

1

INSTALLATION CHECKLIST

This Installation Checklist contains items that are to be check by the Service Engineer installing this machine.

The Service Engineer should check the following items, then explain each checked item to the Administrator of the machine.

To Service Engineer

Make sure that each of these items is properly carried out by checking the box on the right of each item.

1.

2.

3.

Perform the following steps before installing this machine.

Check with the Administrator to determine if the security functions of this machine should be enhanced. If the functions should be enhanced, check the following.

If the security functions are not to be enhanced, quit the operation without checking the following.

I swear that I would never disclose information as it relates to the settings of this machine to anybody, or perform malicious or intentional act during setup and service procedures for the machine.

When giving the User’s Guide Security Operations to the Administrator of the machine, check that the User’s Guide is the security-compatible version and explain to the Administrator that it is security-compatible.

After this machine is installed, refer to the Service Manual and perform the following steps.

Check that the Firmware version (MFP controller and its Checksum, BIOS and its checksum) indicated in the Service Manual matches the values shown in the Firmware Version screen.

If there is a mismatch in the Firmware version number, explain to the Administrator of the machine that upgrade of the MFP controller Firmware is necessary and perform the Firmware upgrade.

Explain to the Administrator of the machine that upgrade of the BIOS Firmware is necessary and perform the Firmware upgrade.

Set CE Authentication to [ON] and set the CE Password.

After this machine is installed, refer to this User’s Guide and perform the following steps.

Check that the Administrator Password has been set by the Administrator of the machine.

Check that data has been backed up by the Administrator of the machine using the HDD Backup

Utility if necessary.

Check that Release Time Settings has been set to 5 min. or more by the Administrator of the machine.

Check that the HDD Lock Password , has been set by the Administrator of the machine.

Check that the Flash Memory Lock Password has been set by the Administrator of the machine.

Check that User Authentication has been set to [ON (MFP)] or [ON (External Server)] (Active Directory only) by the Administrator of the machine.

Check that the self-signed certificate for SSL communications has been registered by the Administrator of the machine.

Check that data has been restored by the Administrator of the machine using the HDD Backup

Utility if necessary.

Let the Administrator of the machine set Enhanced Security Mode to [ON].

The languages, in which the contents of the User’s Guide Security Operations have been evaluated, are Japanese and English.

Explain the way how to get the manual in the language, in which it is evaluated.

Explain to the administrator that the settings for the security functions for this machine have been specified.

Completed

When the above steps have been properly carried out, the Service Engineer should make a copy of this page and give the original of this page to the Administrator of the machine. The copy should be kept at the corresponding Service Representative for filing.

Product Name

Customer

Service Representative

Company Name User Division Name

-

Person in charge

VarioLink 3622/4222/5022 1-3

Security

1.2

1.2.1

1

Security Functions

Setting the Enhanced Security Mode to [ON] will validate the security function of this machine. For details of the settings of different security functions to be changed by turning [ON] the Enhanced Security Mode, see

"Enhancing the Security Function" on page 2-9

.

Setting the Enhanced Security Mode to [ON] will enhance the authentication function. Access control is then provided through password authentication for any access to the Administrator Settings, User Authentication mode, Account Track mode, User Box, a User Box data file and a Secure Print Document file. Access is thereby granted only to the authenticated user.

A password that can be set must meet the requirements of the Password Rules. The machine does not ac-

cept setting of an easily decipherable password. For details of the Password Rules, see

"Password Rules" on page 1-9

.

If a wrong password is entered, during password authentication, a predetermined number of times (once to three times) set by the Administrator of the machine or more, the machine determines that it is unauthorized access through Prohibited Functions When Authentication Error, prohibiting any further entry of the password. By prohibiting the password entry operation, the machine prevents unauthorized use or removal of data, thereby ensuring secured used of the machine.

To cancel the password entry operation prohibited condition, the Administrator must perform the Release

Setting. When the Administrator performs the Release Setting for the operation prohibited condition, a sound operation control in utmost security is achieved under the control of the Administrator.

Setting the HDD Lock Password provides the following security function. That is, even if the HDD is illegally replaced with another, the HDD authentication function prohibits access to the HDD, when the HDD Lock

Password is yet to be set or there is a mismatch in the passwords. In addition, should the HDD be removed unawares, the HDD Lock Password locks the HDD protecting data contained in the HDD. Setting the Flash

Memory Lock Password provides the following security function. That is, even if the flash memory is illegally replaced with another, the flash memory authentication function prohibits access to the flash memory when the Flash Memory Lock Password is not set or there is a mismatch in the passwords. In addition, should the flash memory be removed unawares, the Flash Memory Lock Password locks the flash memory protecting data contained in the flash memory. Furthermore, by mounting the optional Security Kit SC-505 and setting the Image Data Encryption Passphrase, the image data stored in the HDD is encrypted, thereby protecting the image data in the HDD. Note, however, that the HDD Lock Password, Flash Memory Lock Password, and

Image Data Encryption Passphrase cannot prevent the HDD and flash memory from being physically removed.

When the machine is to be discarded, or use of a leased machine is terminated at the end of the leasing contract, the Overwrite All Data function overwrites and erases all data stored in all spaces of the HDD. The function also resets all passwords saved in the NVRAM and flash memory to factory settings, preventing leak of

data. For details of items to be cleared by Overwrite All Data function, see

"Types of Data Cleared by

Overwrite All Data Function" on page 1-11

.

Check Count Clear Conditions

The following are the conditions for clearing or resetting the check count of the number of wrong entries at the time of authentication by the Enhanced Security Mode.

<Administrator Settings>

Authentication of Administrator Settings is successful.

<User Authentication Mode>

User Authentication mode is successful.

Release of Prohibited Functions When Authentication Error is executed.

<Account Track Mode>

Account Track mode is successful.

Release of Prohibited Functions When Authentication Error is executed.

<Secure Print Document>

Authentication of Secure Print Document is successful.

Release of Prohibited Functions When Authentication Error is executed.

<Box>

-

-

-

Authentication of User Box is successful.

Authentication for execution of change of User Box Name and User Box Password is successful.

Release of Prohibited Functions When Authentication Error is executed.

VarioLink 3622/4222/5022 1-4

Security

<SNMP Password (auth-Password, priv-Password)>

Authentication of SNMP is successful.

Release of Prohibited Functions When Authentication Error is executed.

1

VarioLink 3622/4222/5022 1-5

Security

1.3

1

Data to be Protected

The underlying concept of this machine toward security is "to protect data that can be disclosed against the intention of users."

-

-

The following types of image files that have been stored in the machine and made available for use by its users are protected while the machine is being used.

Image files stored by Secure Print

Image files stored in Personal User Box, Public User Box and Group User Box

-

-

-

-

-

-

The following types of data stored in the HDD are protected when use of a leased machine is terminated at the end of the leasing contract, the machine is to be discarded, or when the HDD is stolen.

Image files stored by Secure Print

Image files stored in Personal User Box, Public User Box and Group User Box

Image files of a job in the queue

Image files other than Secure Print file and User Box file

Data files left in the data space used as image files

Temporary data files generated during print image file processing

Destination recipient data (e-mail address, telephone number)

This machine offers specific functions as data protection methods: the SSL function that ensures confidentiality of images transmitted and received over the network and the S/MIME function that is used for encrypting image files.

When transmitting and receiving highly confidential image data among different pieces of IT equipment within an office LAN, the machine carries out communications with the correct destination via encrypted and reliable paths, assuming an office environment that responds to most stringent security requirements.

VarioLink 3622/4222/5022 1-6

Security

1.4

1

Precautions for Operation Control

This machine and the data handled by this machine should be used in an office environment that meets the following conditions.

Roles and Requirements of the Administrator

The Administrator should take full responsibility for controlling the machine, thereby ensuring that no improper operations are performed.

<To Achieve Effective Security>

A person who is capable of taking full responsibility for controlling the machine should be appointed as the Administrator to make sure that no improper operations are performed.

When using an SMTP server (mail server) or an DNS server, each server should be appropriately managed by the Administrator and should be periodically checked to confirm that settings have not been changed without permission.

Password Usage Requirements

The Administrator must control the Administrator Password, HDD Lock Password, Image Data Encryption

Passphrase, Flash Memory Lock Password, auth-Password and priv-Password appropriately so that they may not be leaked. These passwords should not be ones that can be easily guessed. The user, on the other hand, should control the User Box Password, Secure Print Password, and User Password appropriately so that they may not be leaked. Again, these passwords should not be ones that can be easily guessed. For the

Public User Box shared among a number of users, the User Box Password should be appropriately controlled so that it may not be leaked to anyone who is not the user of the Public User Box.

<To Achieve Effective Security>

Make absolutely sure that only the Administrator knows the Administrator Password, HDD Lock Password, Image Data Encryption Passphrase, Flash Memory Lock Password, auth-Password and priv-

Password.

The Administrator must change the Administrator Password, HDD Lock Password, Image Data Encryption Passphrase, Flash Memory Lock Password, auth-Password and priv-Password at regular intervals.

-

-

-

-

-

The Administrator should make sure that any number that can easily be guessed from birthdays, employee identification numbers, and the like is not set for the Administrator Password, Account

Password, HDD Lock Password, Image Data Encryption Passphrase, Flash Memory Lock Password, auth-Password and priv-Password. Do not set any number that consists of 7 digits or less.

If a User Password or User Box Password has been changed, the Administrator should have the corresponding user change the password as soon as possible.

The Administrator should change the Account Password set for each account at regular intervals and, should one be changed, he or she should immediately inform users who implement Account Track of the new Account Password.

If the Administrator Password has been changed by the Service Engineer, the Administrator should change the Administrator Password as soon as possible.

The Administrator should have users ensure that the User Authentication, Secure Print Document, and

User Box are known only by the user concerned.

-

-

-

-

The Administrator should have users who implement Account Authentication ensure that the Account

Password set for the account is known by the users implementing Account Authentication only.

The Administrator should make sure that only the users who share a Public User Box and Group User

Box know the password set for it.

The Administrator should have users change the passwords set for the User Authentication and User

Box at regular intervals.

The Administrator should make sure that any user does not set any number that can easily be guessed from birthdays, employee identification numbers, and the like for the passwords set for the User Authentication, Secure Print Document, and User Box.

VarioLink 3622/4222/5022 1-7

Security

1

Network Connection Requirements for the Machine

Packets being transmitted over the LAN installed in the office, in which the machine is installed, should be protected from unauthorized manipulation. If the LAN is to be connected to an outside network, no unauthorized attempt to establish connection from the external network should be permitted.

<To Achieve Effective Security>

-

-

-

If the LAN, in which the machine is installed, is connected to an outside network, install a firewall or similar network device to block any access to the machine from the outside network and make the necessary settings.

Configure the LAN installed in the office, in which the machine is installed, by using a switching hub and other devices to ensure that the packets are protected from unauthorized manipulation.

Provide an appropriate network control at all times to make sure that no other copying machine is connected without prior notice to the office LAN to which this machine is connected.

User information control server control requirements

The server administrator is required to apply patches and control accounts for the user information control server connected to the LAN within the office, in which this machine is installed, to ensure operation control that achieves appropriate access control.

Security function operation setting operating requirements

The Administrator should make sure of correct operation control so that the machine is used with the Enhanced Security Mode set to [ON].

Operation and control of the machine

The Administrator of the machine should perform the following operation control.

The Administrator of the machine should log off from the Administrator Settings whenever the operation in the Administrator Settings is completed. The Administrator of the machine should also make sure that each individual user logs off from the User Authentication mode after the operation in the User Authentication mode is completed, including operation of the Secure Print Document file, User Box, and

User Box file.

The Administrator of the machine should set the HDD Lock Password and Flash Memory Lock Password according to the environment in which this machine is used. If the optional Security Kit SC-505 is mounted on the machine, the Administrator should also set the Image Data Encryption Passphrase.

Machine Maintenance Control

The Administrator of the machine should perform the following maintenance control activities.

Provide adequate control over the machine to ensure that only the Service Engineer is able to perform physical service operations on the machine.

Provide adequate control over the machine to ensure that any physical service operations performed on the machine by the Service Engineer are overseen by the Administrator of the machine.

VarioLink 3622/4222/5022 1-8

Security

1.5

1

Miscellaneous

Password Rules

According to certain Password Rules, registration of a password consisting of a string of a single character or change of a password to one consisting of a string of a single character is rejected for the User Password,

Administrator Password, Account Password, User Box Password, Secure Print Password, HDD Lock Password, Flash Memory Lock Password, and Image Data Encryption Passphrase. For the Administrator Password, HDD Lock Password, Flash Memory Lock Password, and Image Data Encryption Passphrase, the same password as that currently set is not accepted.

Study the following table for more details of the number of digits and characters that can be used for each password.

Types of passwords

Administrator Password

HDD Lock Password

*

Flash Memory Lock Password

Image Data Encryption Passphrase

No. of digits

8 digits

20 digits

Characters

• Numeric characters: 0 to 9

• Alpha characters: upper and lower case letters

• Symbols: !, #, $, %, &, ', (, ), *, ,, -, ., /, :, ;, <, =, >, ?, @, [,

\, ], ^, _, `, {, |, }, ~

Selectable from among a total of 92 characters

• Numeric characters: 0 to 9

• Alpha characters: upper and lower case letters

• Symbols: !, #, $, %, &, ', *, +, -, ., /, =, <, @, ^, _, `, {, |, },

~, ?

Selectable from among a total of 84characters

*

Selectable from among a total of 83 characters as HDD

Lock Password. "?" is not selectable.

• Numeric characters: 0 to 9

• Alpha characters: upper and lower case letters

• Symbols: !, #, $, %, &, ', (, ), *, ,, -, ., /, :, ;, <, =, >, ?, @, [,

\, ], ^, _, `, {, |, }, ~, ", +, SPACE

Selectable from among a total of 95 characters

User Password

Account Password

User Box Password

Secure Print Password

SNMP Password

• auth-Password

• priv-Password

8 digits or more

8 digits

8 digits or more • Numeric characters: 0 to 9

• Alpha characters: upper and lower case letters

• Symbols: !, #, $, %, &, ', (, ), *, ,, -, ., /, :, ;, <, =, >, ?, @, [,

], ^, _, `, {, |, }, ~, ", +

Selectable from among a total of 93 characters

!

Detail

Note that use of the characters "

",

" "+," and "space" may be partly limited.

Precautions for Use of Various Types of Applications

When Web Connection or an application of various other types is used, the password control function of the application stores the password that has been entered in your PC. If you want the password not stored, disable the password control function of the application.

When using the Web Connection or an application of various other types, use one that shows "*" or "

●" for the password entered.

Internet Explorer or other type of web browser, "SSL v3" or "TLS v1" should be used, not "SSL v2," for the

SSL setting.

Encrypting communications

-

-

-

-

The following are the cryptographic algorithms of key exchange and communications encryption systems supported in generation of encryption keys.

TLS_RSA_WITH_RC4_128_MD5

TLS_RSA_WITH_3DES_EDE_CBC_SHA

TLS_RSA_WITH_AES_128_CBC_SHA

TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA

TLS_DHE_RSA_WITH_AES_256_CBC_SHA

VarioLink 3622/4222/5022 1-9

Security

1

2

Note

No algorithms can be selected during generation of encryption keys. SSL v3 is automatically selected for the SSL setting according to the application and browser. Do not therefore change the setting manually to SSL v2.

Use the following browsers to ensure SSL encryption communication with appropriate strength. Use of any of the following browsers achieves SSL encryption communication that ensures confidentiality of the image data transmitted and received.

Windows 98, Me, NT4.0, 2000, XP, Server2003

Recommended is Microsoft "Internet Explorer 6" or later.

If "Internet Explorer 5.x" is used, Microsoft XML parser "MSXML 3.x" or later must be installed.

Recommended is Netscape Navigator 7.02 or later.

Recommended is Mozilla Firefox 1.0 or later.

Macintosh MacOS 8.x, 9.x, MacOS X

Recommended is Netscape Navigator 7.02 or later.

Recommended is Mozilla Firefox 1.0 or later.

Linux

Recommended is Netscape Navigator 7.02 or later.

Recommended is Mozilla Firefox 1.0 or later.

-

-

-

-

SSL encryption communication with confidentiality properly maintained can be achieved in image data transmitted and received in any of the following applications.

Box Operator

HDD TWAIN

Direct Print

HDD Backup Utility

!

Detail

SSL encryption communication is not applicable to transmission of Secure Print in Direct Print.

IPP printing

IPP (Internet Printing Protocol) is a function that allows Secure Print Documents and image data stored in boxes to be printed via the Internet by using the HTTP (HyperText Transfer Protocol) of the TCP/IP Protocol.

IPPS (IPP over SSL/TLS) is the type of IPP that performs the SSL encryption communication.

<IPP setting on Windows Vista>

Windows Vista, which offers enhanced security functions, gives a certificate error message if the SSL certificate is one that is not issued by a certification body. In such cases, it becomes necessary to register with Windows Vista the certificate of this machine as that issued by a reliable party for the computer account.

First, register Host Name and IP address of this machine in the DNS server in advance. Then, in TCP/IP

Settings of Web Connection, set the DNS Host Name and DNS Default Domain Name registered with the

DNS server.

It should also be noted that, for the certificate to be imported, a certificate for SSL encryption communication should be registered in Web Connection and exported in advance as the certificate including the public key.

1

From "Continue to this website," call the Web Connection window to the screen.

2

Click "Certificate Error" to display the certificate. Then, click "Install Certificate" to install the certificate.

3

Display the physical stores. Then, deploy the certificate, which has earlier been exported, in "Local

Computer" of "Trusted Root Certification Authorities" to thereby import the certificate.

VarioLink 3622/4222/5022 1-10

Security

1

<IPPS printing settings in Windows Vista>

Through additional printer setting, type "https://Host Name.Domain Name/ipp."

For [Host Name] and [Domain Name], specify the names set with the DNS server.

<Installing printer driver>

To perform IPP printing, the printer driver must be installed. From "Add Printer Wizard," select "Connect to a printer on the Internet or on your intranet" and type the URL of this machine in the following format in the

"URL" field.

http:// <IP address of this machine> /ipp

E.g.: If the machine IP address is 192.168.1.20

Type http://192.168.1.20/ipp

To set IPPS printing:

Type https:// <IP address of the machine> /ipp.

!

Detail

The printer, for which the settings have been made, can be used in the same manner as the ordinary local printer.

Types of Data Cleared by Overwrite All Data Function

The Overwrite All Data function clears the following types of data.

Types of Data Cleared

User registration data

Box registration data/file

Secure Print ID/Password/file

Image files

Destination recipient data files

HDD Lock Password

Flash Memory Lock Password

Image Data Encryption Passphrase

Administrator Password

SNMP Password

Account registration data

S/MIME certificate data

SSL certificate

Network Setting

Description

Deletes all user-related data that has been registered

Deletes all User Box-related information and files saved in User Box

Deletes all Secure Print Document-related information and files saved

• Image files saved other than Secure Print Document files, ID &

Print files and User Box files

• Image files of jobs in job queue state

Deletes all destination recipient data including e-mail addresses and telephone numbers

Clears the currently set password

Clears the currently set password

Clears the currently set Image Data Encryption Passphrase

Clears the currently set password, resetting it to the factory setting

Clears the currently set password, resetting it to the factory setting

(MAC address)

Deletes all account track-related data that has been registered

Deletes the currently set S/MIME certificate

Deletes the currently set SSL certificate

Clears the currently set network settings (DNS Server setting, IP Address setting, SMTP Server setting, NetWare Setting, NetBIOS setting and AppleTalk Printer Name setting), resetting it to the factory setting

VarioLink 3622/4222/5022 1-11

2

Administrator Operations

Administrator Operations

2

2

2.1

2.1.1

Administrator Operations

Accessing the Administrator Settings

This machine implements authentication of the user of the Administrator Settings function through the 8-digit

Administrator Password that verifies the identity as the Administrator of the person who accesses the function. During the authentication procedure, the Administrator Password entered for the authentication purpose appears as "*" or "

●" on the display.

Two different methods are available for accessing Administrator Settings. In Administrator Settings, the settings for the machine system and network can be registered or changed. In User Mode, the same settings as the user authority can be made. For box setting operations, however, the same functions can be set as those of Administrator Settings. User Mode also allows jobs to be checked or deleted, which is not possible in Administrator Settings.

When the Enhanced Security Mode is set to [ON], the number of times in which authentication fails is counted.

Accessing the Administrator Settings

-

-

-

-

-

-

The machine does not accept access to the Administrator Settings under any of the following conditions.

Wait for some while before attempting to gain access to the Administrator Settings again.

The Administrator Settings has been logged on to through access made from the PC.

A remote operation is being performed from an application on the PC.

There is a job being executed by the machine.

There is a reserved job (timer TX, fax redial waiting, etc.) in the machine.

Immediately after the main power switch has been turned ON.

A malfunction code is displayed on the machine.

2

Note

Make sure that none of the general users of the machine will know the Administrator Password.

If the Administrator Password is forgotten, it must be set again by the Service Engineer. Contact your

Service Representative.

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

While you are logging onto the Admin Mode using Web Connection, any operations from the machine’s control panel are disabled.

When accessing the Administrator Settings from the control panel, if you have already logged on to the

Administrator Settings using Web Connection, the machine displays a message that tells not to turn off the power because of the remote operation being performed and rejects any operation on the control panel. Wait until the message disappears before attempting to access the Administrator Settings once again.

When accessing the Administrator Settings from the control panel, if [Export to the device] operation is being executed using the Data Administrator, the machine displays a message that tells not to turn off the power because of the remote operation being performed and rejects any operation on the control panel. Wait until the message disappears before attempting to access the Administrator Settings once again.

VarioLink 3622/4222/5022 2-2

Administrator Operations

<From the Control Panel>

1

Press the [Utility/Counter] key.

2

Touch [Administrator Settings].

2

?

Is it possible to gain access to the Administrator Settings while a job is being executed?

% The machine does not accept access to the Administrator Settings while a job is being executed.

Wait until the execution of the job is completed before attempting to access the Administrator Settings again.

3

Enter the 8-digit Administrator Password from the keyboard and keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 2.

VarioLink 3622/4222/5022 2-3

Administrator Operations

2

4

Touch [OK].

?

What happens if a wrong Administrator Password is entered?

% If a wrong Administrator Password is entered, a message appears saying that there is a mismatch in the Administrator Passwords and entry of the Administrator Password will be prohibited for five sec. Wait for some while before entering the correct Administrator Password.

% If the Enhanced Security Mode is set to [ON], entry of a wrong password is counted as unauthorized access. If a wrong Administrator Password is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, a message appears saying that the machine accepts no more Administrator Passwords because of unauthorized access for any subsequent entry of the Administrator Password. The machine is then set into an access lock state. To cancel the access lock state, settings must be made by the Service Engineer; or, turn off, and then turn on, the main power switch of the machine. If the main power switch is turned off and on, the access lock state is canceled after the lapse of time set for [Release Time Settings]. When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off. If there is no wait period between turning the main power switch off, then on again, the machine may not function properly.

Here is the sequence, through which the main power switch and sub power switch are turned on and off:

Turn off the sub power switch

→ Turn off the main power switch → Turn on the main power switch →

Turn on the sub power switch

5

Press the [Utility/Counter] key to log off from the Administrator Settings.

VarioLink 3622/4222/5022 2-4

Administrator Operations

2.1.2

2

Accessing the User Mode

2

Note

The Administrator must first make User Authentication settings before he or she can access User Mode.

For details of the User Authentication, see

"Setting the Authentication Method" on page 2-19

.

Make sure that none of the general users of the machine will know the Administrator Password.

If the Administrator Password is forgotten, it must be set again by the Service Engineer. Contact your

Service Representative.

Do not leave the machine with the User Mode setting screen left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the User Mode.

<From the Control Panel>

1

Touch [User Name].

2

Type "admin" in User Name.

– Press the [C] key or touch [Undo] to clear the value entered last.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

3

Touch [OK].

VarioLink 3622/4222/5022 2-5

Administrator Operations

4

Touch [Password].

2

5

Enter the 8-digit Administrator Password from the keyboard and keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 4.

6

Touch [OK].

7

Press [Access] or touch [Login].

?

What happens if a wrong Administrator Password is entered?

% If a wrong Administrator Password has been entered, the machine gives a message that tells that authentication has not been successful. Enter the correct Administrator Password.

% If the Enhanced Security Mode is set to [ON], entry of a wrong password is counted as unauthorized access. If a wrong Administrator Password is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, a message appears saying that the machine accepts no more Administrator Passwords because of unauthorized access for any subsequent entry of the Administrator Password. The machine is then set into an access lock state. To cancel the access lock state, settings must be made by the Service Engineer; or, turn off, and then turn on, the main power switch of the machine. If the main power switch is turned off and on, the access lock state is canceled after the lapse of time set for [Release Time Settings]. When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off. If there is no wait period between turning the main power switch off, then on again, the machine may not function properly.

Here is the sequence, through which the main power switch and sub power switch are turned on and off:

Turn off the sub power switch

→ Turn off the main power switch → Turn on the main power switch →

Turn on the sub power switch

8

Press the [Access] key to log off from the User Mode.

VarioLink 3622/4222/5022 2-6

Administrator Operations

<From Web Connection>

1

Start the Web browser.

2

Enter the IP address of the machine in the address bar.

3

Press the [Enter] key to start Web Connection.

4

Click the Administrator radio button and [Login].

2

5

Select "Administrator (Admin Mode)" or "Administrator (User Mode)" and enter the 8-digit Administrator

Password in the "Password" box.

– Administrator (Admin Mode) is a mode, in which settings of the machine can be registered or changed. In this mode, system and network settings can be made.

– Administrator (User Mode) is a mode, in which the same settings as the user authority can be made.

For box setting operations, however, the same functions can be set as those of Admin Mode. User

Mode also allows jobs to be checked or deleted, which is not possible in Admin Mode.

?

What is the Administrator Password used for accessing the Admin Mode via the Web Connection?

% When accessing the Admin Mode using the Web Connection, enter the same Administrator Password as that for the machine.

VarioLink 3622/4222/5022 2-7

Administrator Operations

2

6

Click the [OK].

?

What happens if a wrong Administrator Password is entered?

% If a wrong Administrator Password has been entered, the machine gives a message that tells that authentication has not been successful. In this case, click [OK] and enter the correct Administrator

Password in the "Password" box.

% If the Enhanced Security Mode is set to [ON], entry of a wrong password is counted as unauthorized access. If a wrong Administrator Password is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, a message appears saying that the machine accepts no more Administrator Passwords because of unauthorized access for any subsequent entry of the Administrator Password. The machine is then set into an access lock state. To cancel the access lock state, settings must be made by the Service Engineer; or, turn off, and then turn on, the main power switch of the machine. If the main power switch is turned off and on, the access lock state is canceled after the lapse of time set for [Release Time Settings]. When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off. If there is no wait period between turning the main power switch off, then on again, the machine may not function properly.

Here is the sequence, through which the main power switch and sub power switch are turned on and off:

Turn off the sub power switch

→ Turn off the main power switch → Turn on the main power switch →

Turn on the sub power switch

?

What if you fail to log on to the Admin Mode?

% If you have already logged on to the Admin Mode from the control panel or using Web Connection, the machine displays a message that tells that another administrator has previously logged on and rejects any attempt to log on to the Admin Mode using the Web Connection. Click [OK] and wait for some while before attempting to access the Admin Mode once again.

% If [Export to the device] operation is being executed using the Data Administrator, the machine displays a message that tells you cannot log on to the mode because of the remote operation being performed and rejects any attempts to the Admin Mode via the Web Connection. Click [OK] and wait for some while before attempting to access the Admin Mode once again.

?

Is it possible to gain access to the Admin Mode while a job is being executed?

% If an attempt is made to log on to the Admin Mode while a job is being executed, the machine gives a message that tells that it is now impossible to log on to the Admin Mode. Click [OK] and try logging on to the Admin Mode after the execution of the job is completed.

7

Click the [Logout].

8

Click the [OK].

This allows you to log off from the Admin Mode.

2

Note

If you have logged on to the Admin Mode using the Web Connection and if you close the web browser without clicking [Logout], the touch panel of the machine remains locked for 70 sec.

VarioLink 3622/4222/5022 2-8

Administrator Operations

2.2

2

Enhancing the Security Function

When access to the Administrator of the machine by the Administrator Settings via the control panel is authenticated, the machine enables setting of the Enhanced Security Mode that allows settings for enhancing each of different security functions to be converted all at once.

In the Enhanced Security Mode, the machine allows selection of whether to use the Enhanced Security Mode or not. If the Enhanced Security Mode is set to [ON], a count is taken of the number of unauthorized accesses to the Administrator Settings, User Authentication, Account Track, SNMP authentication, all Secure Print

Documents, and all User Boxes. A function is also set that determines whether each password meets predetermined requirements. The security function is thus enhanced in the Enhanced Security Mode.

In advance, HD-509, provided as option, must be loaded and the following settings must first be made before the Enhanced Security Mode is set to [ON].

2

Note

When a service engineer initializes network, make the settings of the network functions including SSL certificate re-registration and set the Enhanced Security Mode to [ON] again.

Settings to be Made in Advance

Administrator Password

User Authentication

HDD Lock Password

Flash Memory Lock Password

Release Time Settings

Certificate for SSL

Management Function Choice

CE Password

CE Authentication

HDD

Operation Ban Release Time

Description

An 8-digit password that meets the Password Rules.

The factory setting is "12345678."

Set to either [ON (MFP)] or [ON (External Server)] (Active Directory).

Set the 20-digit HDD Lock Password.

Set the 20-digit Flash Memory Lock Password.

Set the release time to 5 min. or more.

Register the self-signed certificate for SSL communications.

Calls for setting made by the Service Engineer. For details, ask your Service

Representative.

!

Detail

Image Data Encryption Passphrase cannot be deleted after enhancing security function. You need to reset the Security mode to delete the key.

Setting the Enhanced Security Mode to [ON] changes the setting values of the following functions.

Function Name

Password Rules

Prohibited Functions When

Authentication Error

Security Print Access

Public User Access

User List

Print Without Authentication

User Box Admin. Setting

SSL

FTP Server

SNMPv1/v2c

Factory Setting

Invalid

Mode 1

Mode 1

Restrict

OFF

Restrict

Restrict

OFF

ON

Read/Write enabled

When Enhanced Security Mode is set to [ON]

Enable (not to be changed)

Mode 2 (not to be changed) : Three times is set.

* The number of times can be changed to once, twice, or three times.

Mode 2 (not to be changed)

* In association with Prohibit Functions When Authentication Error the method is changed from authentication using

Secure Print ID and password (Mode 1) to that using the password with the secure document first narrowed down by Secure Print ID (Mode 2).

Restrict (not to be changed)

OFF (not to be changed)

Restrict (not to be changed)

Restrict (not to be changed)

ON (not to be changed)

OFF (not to be changed)

Only Read is enabled (not to be changed)

VarioLink 3622/4222/5022 2-9

Administrator Operations

2.2.1

2

Function Name

SNMP v3 Security Level and auth/priv-password

Print Data Capture

Network Setting Clear

Administrator Password

Change Via Network

Release Time settings

Factory Setting

auth/priv-password

Allow

Enabled

Enabled

When Enhanced Security Mode is set to [ON]

The security level can be selected from among [auth-password] and [auth/priv-password].

An 8-digit-or-more auth-password and priv-password can both be set.

Restrict (not to be changed)

Restrict

Restrict (not to be changed)

5 min.

The setting value should be 5 min. or more (no value less than 5 can be set)

Restrict (not to be changed) Change by the user of destination data previously registered (Address Book and

Program)

System auto reset

Allow

1 min.

1 to 9 min

Changing in to [ NO use] is not allowed

2

Reminder

When Password Rules is set to [ON], the characters and the number of digits used for each password are restricted. For details of the Password Rules, see

"Password Rules" on page 1-9

.

Items cleared by HDD Format

Following are the items that are cleared by HDD Format.

Whenever HDD Format is executed, be sure to set the Enhanced Security Mode to [ON] again.

Types of Data Cleared

Enhanced Security Mode

User Authentication

Description

Set to [OFF]

Set to [OFF]

Account Track Authentication Set to [OFF]

Public User Access Set to [Restrict]

User List

Print Without Authentication

Set to [OFF]

Set to [Restrict]

Deletes all user-related data that has been registered

Deletes all account track-related data that has been registered

User registration data

Account Track registration data

Box registration data/file

Secure Print ID/Password/file

Destination recipient data files

Deletes all User Box-related information and files saved in User Box

Deletes all Secure Print Document-related information and files saved

Deletes all destination recipient data including e-mail addresses and telephone numbers

VarioLink 3622/4222/5022 2-10

Administrator Operations

2.2.2

2

Setting the Enhanced Security Mode

2

Note

When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off. if there is no wait period between turning the main power switch off, then on again, the machine may not function properly.

Here is the sequence, through which the main power switch and sub power switch are turned on and off:

Turn off the sub power switch

→ Turn off the main power switch → Turn on the main power switch → Turn on the sub power switch

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<Setting can be made only from the control panel>

0 For the procedure to call the Administrator Settings to the display, see

"Accessing the Administrator

Settings" on page 2-2

.

1

Call the Administrator Settings to the screen from the control panel.

2

Touch [Security Settings].

3

Touch [Enhanced Security Mode].

VarioLink 3622/4222/5022 2-11

Administrator Operations

4

Select [ON] to enable the Enhanced Security Mode and touch [OK].

2

– The following screen appears if the previously required settings are yet to be made by the

Administrator of the machine. Make the necessary settings according to the corresponding set procedure.

– The following screen appears if the previously required settings are yet to be made by the Service

Engineer. Consult the Service Representative.

?

What is the factory setting for the Enhanced Security Mode?

% The Enhanced Security Mode is factory-set to [OFF]. Be sure to turn [ON] the Enhanced Security

Mode so as to enable the security function of the machine.

5

Touch [OK].

VarioLink 3622/4222/5022 2-12

Administrator Operations

6

Make sure that a message appears prompting you to turn OFF and then ON the main power switch.

Now, turn OFF and then turn ON the main power switch.

2

If the Enhanced Security Mode is properly set to [ON], the following icon appears at the center of the

User Authentication screen, indicating that the machine is in the Enhanced Security Mode.Icon doesn't appear when debug function with serial port is ON at Service mode. If Icon is not displayed, contact to a service counter.

VarioLink 3622/4222/5022 2-13

Administrator Operations

2.3

2

Preventing Unauthorized Access

When access by the Administrator of the machine through the Administrator Settings via the control panel is authenticated, the machine enables setting of the operation of Prohibited Functions When Authentication

Error. The machine then takes a count of the number of unsuccessful accesses to the Administrator Settings,

User Authentication, Account Track, SNMP authentication, Secure Print authentication, and User Box authentication to prohibit the authentication operation.

Either [Mode 1] or [Mode 2] can be selected for Prohibited Functions When Authentication Error. The factory setting is [Mode 1]. If the Enhanced Security Mode is set to [ON], it is prohibited to change the setting from

[Mode 2] (check count: three times). It is nonetheless possible to change the check count to select from among once, twice, or three times. If [Mode 2] is selected, the Release Time Settings function is enabled.

When the Administrator Settings is set into the access lock state, the main power switch is turned off and on and, after the lapse of a predetermined period of time after the machine is turned on again, the access lock state of the Administrator Settings is canceled. The Release Time Settings function allows the period of time, after the lapse of which the access lock state of the Administrator Settings is canceled, to be set in the range between 1 and 60 min. The factory setting is 5 min. For details of each mode, see the table below.

2.3.1

Mode

Mode 1

Mode 2

Description

If authentication fails, the authentication operation (entry of the password) is prohibited for 5 sec.

If authentication fails, the authentication operation (entry of the password) is prohibited for 5 sec.

The number of times, in which authentication fails, is also counted and, when the failure count reaches a predetermined value, the authentication operation is prohibited and the machine is set into an access lock state.

2

Note

If the access lock state of the Administrator Settings is canceled by the Service Engineer, the setting of the Release Time Settings function is not applied.

Setting Prohibited Functions When Authentication Error

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

Release Time can be set to any value between 1 min. and 60 min. in 1-min. increments. An input data error message appears when any value falling outside the range of 1 to 60 min. is set. Enter the correct

Release Time again.

In the Enhanced Security Mode, Release Time less than 5 min. cannot be set.

VarioLink 3622/4222/5022 2-14

Administrator Operations

2

<Setting can be made only from the control panel>

0

For the procedure to call the Security Settings menu to the display, see steps 1 and 2 of

"Setting the

Enhanced Security Mode" on page 2-11

.

1

Call the Security Settings to the screen from the control panel.

2

Touch [Security Details].

3

Touch [Prohibited Functions When Authentication Error].

4

Touch [Mode 2].

– To change the check count, touch [+] to increase the count or [-] to decrease it.

5

Touch [Release Time Settings].

VarioLink 3622/4222/5022 2-15

Administrator Operations

2

6

Press the [C] key and, from the keypad, enter the time, after the lapse of which the access lock state of the Administrator Settings is canceled.

7

Touch [OK].

VarioLink 3622/4222/5022 2-16

Administrator Operations

2.4

2.4.1

2

Canceling the Operation Prohibited State

When access to the Administrator of the machine by the Administrator Settings via the control panel is authenticated, the machine enables the operation of Release Setting performed for canceling the state of

Prohibited Functions When Authentication Error (access lock state) as a result of unauthorized access.

Release Setting clears the unauthorized access check count for all User Authentication, Account Track,

SNMP authentication, all Secure Print authentication, and all User Box authentication, resetting it to zero.

-

-

-

Perform the following procedure to cancel the password entry prohibited state.

Administrator Settings: The operation prohibited state is canceled by the Service Engineer, or after the lapse of a predetermined period of time after the main power switch is turned off and on

User/Account authentication: Release

Secure Print authentication: Release

User Box authentication: Release

SNMP authentication: Release

Performing Release Setting

2

Note

When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off. if there is no wait period between turning the main power switch off, then on again, the machine may not function properly.

Here is the sequence, through which the main power switch and sub power switch are turned on and off:

Turn off the sub power switch

→ Turn off the main power switch → Turn on the main power switch → Turn on the sub power switch

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<Setting can be made only from the control panel>

0

For the procedure to call the Security Details menu to the display, see steps 1 and 2 of

"Setting

Prohibited Functions When Authentication Error" on page 2-14

.

1

Call the Security Details to the screen from the control panel.

2

Touch [Prohibited Functions When Authentication Error].

VarioLink 3622/4222/5022 2-17

Administrator Operations

3

Touch [Release].

4

Select the function, for which Prohibit Function as a result of unauthorized access is to be released.

5

Touch [OK].

This clears the unauthorized access check count of the specific function selected in step 4.

2

VarioLink 3622/4222/5022 2-18

Administrator Operations

2.5

2.5.1

2

Setting the Authentication Method

When access to the Administrator of the machine by the Administrator Settings via the control panel is authenticated, the machine enables setting of the authentication method for User Authentication and for

Account Track.

The User Authentication method may be [ON (MFP)] that uses the authentication system the machine has,

[ON (External Server)] that uses a user information control system of the external server, or [OFF].

If the Enhanced Security Mode is set to [ON], the authentication method should be operated by either [ON

(MFP)] or [ON (External Server)] (Active Directory).

The Account Track authentication method may be set to [ON] or [OFF]. If [ON] is selected, two or more users may be classified into different groups for control.

It is also possible to synchronize User Authentication with Account Track. Selecting "Synchronize" for

"Synchronize User Authentication & Account Track" allows the machine to be used only through User

Authentication.

!

Detail

Changing the Account Track setting erases all user and account information data that has previously been registered. This changes all Personal User Boxes owned by the users who are deleted and all

Group User Boxes owned by the accounts that are deleted to Public User Boxes. If the password set for a particular box before this change does not meet the requirements of the Password Rules, however, no access can be made to the Public User Box, to which that specific box was changed. In this case, the Administrator must first newly set a password that meets the requirements of the

Password Rules. For details of the Password Rules, see

"Password Rules" on page 1-9

.

2

Note

If [ON (External Server)] is selected for the authentication method, be sure to select [Active Directory] in the External Server Settings.

Setting the Authentication Method

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<Setting can be made only from the control panel>

0 For the procedure to call the Administrator Settings to the display, see

"Accessing the Administrator

Settings" on page 2-2

.

1

Call the Administrator Settings to the screen from the control panel.

2

Touch [User Authentication/Account Track].

VarioLink 3622/4222/5022 2-19

Administrator Operations

3

Touch [General Settings].

2

4

Select [User Authentication] and touch [ON (MFP)] or [ON (External Server)].

?

What steps must be performed to use the External Server?

% To use the External Server, the External Server must be registered in advance.

% For how to make the External Server Settings, see

"Setting the External Server" on page 2-22

.

5

Select [Account Track] and touch [ON].

– If the Account Track is not to be used, go to step 7.

VarioLink 3622/4222/5022 2-20

Administrator Operations

6

Select [Synchronize User Authentication & Account Track] and touch [Synchronize].

2

– To separate the User Authentication from Account Track authentication screens, select [Do not

Synchronize].

7

Touch [OK].

8

A message appears that prompts you to clear the use control data. Now, select [Yes] and touch [OK].

VarioLink 3622/4222/5022 2-21

Administrator Operations

2.5.2

2

Setting the External Server

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

If [ON (External Server)] is selected for the authentication method, the External Server must be registered in the machine in advance.

A Sever Name that already exists cannot be redundantly registered.

<Setting can be made only from the control panel>

0 For the procedure to call the User Authentication/Account Track screen to the display, see steps 1 and

2 of

"Setting the Authentication Method" on page 2-19

.

1

Call the User Authentication/Account Track screen to the display from the control panel.

2

Touch [External Sever Settings].

3

Touch the specific Sever Registration key, in which no sever has been registered.

4

Touch [New].

?

What steps should be followed to change or delete a server previously registered?

% To change or delete a previously registered server, touch [Edit] or [Delete].

5

Touch [Server Type].

VarioLink 3622/4222/5022 2-22

Administrator Operations

6

Touch [Active Directory].

7

From the keyboard and keypad, enter the Domain Name and touch [OK].

8

Touch [OK].

2

9

Make the necessary settings.

?

What happens if the Sever Name is yet to be entered?

% If the Sever Name is yet to be entered, the [OK] cannot be touched. Be sure to enter the Sever Name.

10

Touch [OK].

11

Touch [Close].

?

What steps should be performed if two or more External Servers have been registered?

% If two or more External Servers have been registered, select any desired server and touch [Set as

Default].

VarioLink 3622/4222/5022 2-23

Administrator Operations

2.6

2.6.1

2

System Auto Reset Function

When access to the Administrator of the machine by the Administrator Settings via the control panel is authenticated, the machine enables setting of the operation of the System Auto Reset function.

If no operations are performed for a predetermined period of time during access to the Administrator Settings or user mode (during setting of User Authentication) from the control panel, the System Auto Reset function automatically causes the user to log off from the mode. Processing of a specific function, however, takes precedence over the System Auto Reset function. That is, even if a predetermined period of time elapses during which no operations are performed, once the processing of the specific function has been started, the

System Auto Reset function does not cause the user to log off from the mode.

The predetermined period of time, after which the System Auto Reset function is activated, can be selected from among nine values between 1 min. and 9 min. System Auto Reset can also be set to [OFF]. If no operations are performed for 1 min. even with System Auto Reset set to [OFF], the function causes the user to log off from the mode automatically.

Setting the System Auto Reset function

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<Setting can be made only from the control panel>

0 For the procedure to call the Administrator Settings to the display, see

"Accessing the Administrator

Settings" on page 2-2

.

1

Call the Administrator Settings to the screen from the control panel.

2

Touch [System Settings].

3

Touch [Reset Settings].

VarioLink 3622/4222/5022 2-24

Administrator Operations

4

Touch [System Auto Reset].

2

5

Press the [C] key and enter the period of time (1 min. to 9 min.) after which System Auto Reset is activated from the keypad.

– The time for System Auto Reset can be set to a value between 1 min. and 9 min., variable in 1-min. increments. An input data error message appears when any value falling outside the range of 1 to 9 min. is set. Enter the correct System Auto Reset Time again.

– If no operations are performed for 1 min. even with System Auto Reset set to [OFF], the function is activated to cause the user to log off from the mode automatically.

– Press the [C] key to clear all characters.

6

Touch [OK].

VarioLink 3622/4222/5022 2-25

Administrator Operations

2.7

2

User Setting Function

When access to the Administrator of the machine by the Administrator Settings is authenticated, the machine enables registration of the users who can use the machine. It also enables operations for deleting a user and changing a User Password. In Web Connection, import/export of the user registration information is enabled, allowing the backup data of the user registration information to be saved or the saved backup data to be restored.

User Registration allows the User Name, User Password, and other user information to be registered for enabling access to, or operation of, the machine. Up to 1,000 different users can be registered. User

Registration allows identification and authentication of each individual user, thereby preventing unauthorized use of the machine. A User Password may consist of 8 to 64 digits. The password entered is displayed as "*" or "

●."

!

Detail

If [ON (External Server)] (Active Directory) is set for the authentication method, it is not possible to make user registration or change a User Password from the control panel. To register or change a user, make the settings on the server side. If Data Administrator is used for registering user information, however, the user name must match that registered in the External Server. Further, a User Password can be set, but is not to be used for authentication.

If [ON (External Server)] (Active Directory) is set for the authentication method and if a user not registered with this machine is authenticated through user authentication, that particular user name is automatically registered in the machine.

If [ON (External Server)] (Active Directory) is set for the authentication method and if a user registered with this machine is authenticated through user authentication, that particular user name, along with the External Server name, is automatically registered in the machine. No two User Names registered in an External Server may be alike.

If the user authentication method is changed between [ON (MFP)] and [ON (External Server)], the user information registered under the previous authentication method cannot be used under the new authentication method.

If the user authentication method is to be changed, be sure first to delete all user information used under the old authentication method and then change the user authentication method as necessary. If a previously registered user is deleted, the Personal User Box owned by that specific user is changed to

Public User Box. If the password set for a particular box before this change does not meet the requirements of the Password Rules, however, no access can be made to the Public User Box, to which that specific box was changed. In this case, the Administrator must first newly set a password that meets the requirements of the Password Rules. For details of the Password Rules, see

"Password

Rules" on page 1-9

.

2

Note

If synchronization with Account Track has been set, the account should be registered in advance. For

how to make the Account Track Registration, see

"Account Track Setting Function" on page 2-34

.

VarioLink 3622/4222/5022 2-26

Administrator Operations

2.7.1

2

Making user setting

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

A User Name that already exists cannot be redundantly registered.

<From the Control Panel>

0 For the procedure to call the Administrator Settings to the display, see

"Accessing the Administrator

Settings" on page 2-2

.

1

Call the Administrator Settings to the screen from the control panel.

2

Touch [User Authentication/Account Track].

3

Touch [User Authentication Settings].

VarioLink 3622/4222/5022 2-27

Administrator Operations

4

Touch [User Registration].

2

5

Select a specific User Registration key, in which no user has been registered, and touch [Edit].

?

What steps should be taken to delete a previously registered user or change a User Password?

% To delete a previously registered user or change a User Password, touch the corresponding User

Registration key.

% To change a User Password, perform steps 6 through 8.

6

Touch [Password].

VarioLink 3622/4222/5022 2-28

Administrator Operations

7

From the keyboard and keypad, enter a new User Password that may consist of 8 or more digits.

2

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 6.

8

Touch [OK].

?

What happens if the User Password entered does not meet the requirements of the Password

Rules?

% If the User Password entered does not comply with the Password Rules, a message appears that tells that the User Password entered cannot be used. Enter the correct User Password. For details of the Password Rules, see

"Password Rules" on page 1-9

.

9

To prevent entry of a wrong password, enter the User Password that consists of 8 to 64 digits again.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 6.

10

Touch [OK].

?

What happens if there is a mismatch in the User Passwords?

% If there is a mismatch in the User Passwords, a message appears that tells that there is a mismatch in the User Passwords. Perform steps 7 through 10 once again.

VarioLink 3622/4222/5022 2-29

Administrator Operations

11

Touch [Account Name].

2

?

What happens if Account Track has not been set or synchronization with Account Track has not been set for the authentication method?

% If Account Name is not registered, Account Track becomes necessary even with "Synchronize" set for "Synchronize User Authentication & Account Track." Account Track is, however, necessary only for the first time. Once any account is authenticated, that particular account is registered for

Account Name. The machine can thereafter be used only through User Authentication.

It should be noted that this function is valid only through operation from the control panel of the machine. In operation from Web Connection or application software, if Account Name is not registered, User Authentication and Account Track are necessary each time, even with

"Synchronize" set for "Synchronize User Authentication & Account Track."

% [Account Name] is not displayed if Account Track has not been set or synchronization with Account

Track has not been set for the authentication method.

12

Select the arbitrary Account.

13

Touch [OK].

14

Make the necessary settings.

?

What happens if the User Name is yet to be entered?

% If the User Name is yet to be entered, the [OK] cannot be touched. Be sure to enter the User Name.

15

Touch [OK].

VarioLink 3622/4222/5022 2-30

Administrator Operations

2

2

Reminder

To delete a previously registered user, touch [Delete] in step 5. Check the contents of registration on the confirmation screen and select [Yes] and touch [OK] if the previously registered user is to be deleted. Note that, if a previously registered user is deleted, the Personal User Box owned by that specific user is changed to Public User Box. If the password set for a particular box before this change does not meet the requirements of the Password Rules, however, no access can be made to the Public

User Box, to which that specific box was changed. In this case, the Administrator must first newly set a password that meets the requirements of the Password Rules. For details of the Password Rules, see

"Password Rules" on page 1-9

.

VarioLink 3622/4222/5022 2-31

Administrator Operations

<From Web Connection>

0 For the procedure to access the Admin Mode, see

"Accessing the Administrator Settings" on page 2-2

.

1

Start Web Connection and access the Admin Mode.

2

Click the [Security] tab and the [User Registration] menu.

2

3

Click the [New Registration].

– To change a User Password, click the [Edit] and select the "User Password is changed." check box.

Then, enter the new User Password.

4

Make the necessary settings.

VarioLink 3622/4222/5022 2-32

Administrator Operations

2

– Click the [Cancel] to go back to the previous screen.

?

Are there any precautions to be used when making settings?

% Any number that has previously been registered cannot be registered.

% The User Password to be registered must the requirements of the Password Rules. For details of

the Password Rules, see

"Password Rules" on page 1-9

.

?

What happens if Account Track has not been set or synchronization with Account Track has not been set for the authentication method?

% [Account Name] is not displayed if Account Track has not been set or synchronization with Account

Track has not been set for the authentication method.

5

Click the [OK].

?

What happens if the User Password entered does not meet the requirements of the Password

Rules?

% If the User Password entered does not comply with the Password Rules, a message appears that tells that the User Password entered cannot be used. Click [OK] to go back to the screen of step 3.

Perform steps 3 through 5 once again. For details of the Password Rules, see

"Password Rules" on page 1-9

.

?

What happens if there is a mismatch in the User Passwords?

% If there is a mismatch in the User Passwords, a message appears that tells that there is a mismatch in the User Passwords. Enter the correct User Password.

6

Check the message that tells that the setting has been completed. Then, click [OK].

2

Reminder

To delete a previously registered user, touch the [Delete] in step 3. Check the contents of registration on the confirmation screen and touch [OK] if the previously registered user is to be deleted. Note that, if a previously registered user is deleted, the Personal User Box owned by that specific user is changed to Public User Box. If the password set for a particular box before this change does not meet the requirements of the Password Rules, however, no access can be made to the Public User Box, to which that specific box was changed. In this case, the Administrator must first newly set a password that meets the requirements of the Password Rules. For details of the Password Rules, see

"Password

Rules" on page 1-9

.

VarioLink 3622/4222/5022 2-33

Administrator Operations

2.8

2.8.1

2

Account Track Setting Function

When access to the Administrator of the machine by the Administrator Settings is authenticated, the machine enables registration of accounts, for which use of the machine is restricted. It also enables operations for deleting a account and changing a Account Password. In Web Connection, import/export of the account registration information is enabled, allowing the backup data of the account registration information to be saved or the saved backup data to be restored.

Account Track Registration allows the Account Name, Account Password, and other account information to be registered for enabling access to, or operation of, the machine. Up to 1,000 different users or accounts can be registered. A Account Password may consist of 8 digits. The password entered is displayed as "*" or

"

●."

Making account setting

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

A Account Name that already exists cannot be redundantly registered.

<From the Control Panel>

0 For the procedure to call the Administrator Settings to the display, see

"Accessing the Administrator

Settings" on page 2-2

.

1

Call the Administrator Settings to the screen from the control panel.

2

Touch [User Authentication/Account Track].

3

Touch [Account Track Settings].

VarioLink 3622/4222/5022 2-34

Administrator Operations

4

Touch [Account Track Registration].

2

5

Select a specific Account Registration key, in which no account has been registered, and touch [Edit].

?

What steps should be taken to delete a previously registered account or change a Account

Password?

% To delete a previously registered account or change a Account Password, touch the corresponding

Account Track Registration key.

% To change a Account Password, perform steps 6 through 8.

6

Touch [Password].

VarioLink 3622/4222/5022 2-35

Administrator Operations

7

From the keyboard and keypad, enter a new Account Password that may consist of 8 digits.

2

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 6.

8

Touch [OK].

?

What happens if the Account Password entered does not meet the requirements of the Password

Rules?

% If the Account Password entered does not comply with the Password Rules, a message appears that tells that the Account Password entered cannot be used. Enter the correct Account Password.

For details of the Password Rules, see

"Password Rules" on page 1-9

.

9

To prevent entry of a wrong password, enter the Account Password that consists of 8 digits again.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 6.

10

Touch [OK].

?

What happens if there is a mismatch in the Account Passwords?

% If there is a mismatch in the Account Passwords, a message appears that tells that there is a mismatch in the Account Passwords. Perform steps 7 through 10 once again.

11

Make the necessary settings.

?

What happens if the Account Name is yet to be entered?

% If the Account Name is yet to be entered, the [OK] cannot be touched. Be sure to enter the Account

Name.

12

Touch [OK].

VarioLink 3622/4222/5022 2-36

Administrator Operations

2

2

Reminder

To delete a previously registered account, touch [Delete] in step 5. Check the contents of registration on the confirmation screen and select [Yes] and touch [OK] if the previously registered account is to be deleted. Note that, if a previously registered account is deleted, the Group User Box owned by that specific account is changed to Public User Box. If the password set for a particular box before this change does not meet the requirements of the Password Rules, however, no access can be made to the Public User Box, to which that specific box was changed. In this case, the Administrator must first newly set a password that meets the requirements of the Password Rules. For details of the Password

Rules, see

"Password Rules" on page 1-9

.

VarioLink 3622/4222/5022 2-37

Administrator Operations

<From Web Connection>

0 For the procedure to access the Admin Mode, see

"Accessing the Administrator Settings" on page 2-2

.

1

Start Web Connection and access the Admin Mode.

2

Click the [Security] tab and the [Account Track Registration] menu.

2

3

Click the [New Registration].

– To change a Account Password, click the [Edit] and select the "Password is changed." check box.

Then, enter the new Account Password.

4

Make the necessary settings.

– Click the [Cancel] to go back to the previous screen.

VarioLink 3622/4222/5022 2-38

Administrator Operations

2

?

Are there any precautions to be used when making settings?

% Any number that has previously been registered cannot be registered.

% The Account Password to be registered must the requirements of the Password Rules. For details of the Password Rules, see

"Password Rules" on page 1-9

.

5

Click the [OK].

?

What happens if the Account Password entered does not meet the requirements of the Password

Rules?

% If the Account Password entered does not comply with the Password Rules, a message appears that tells that the Account Password entered cannot be used. Click [OK] to go back to the screen of step 3. Perform steps 3 through 5 once again. For details of the Password Rules, see

"Password

Rules" on page 1-9

.

?

What happens if there is a mismatch in the Account Passwords?

% If there is a mismatch in the Account Passwords, a message appears that tells that there is a mismatch in the Account Passwords. Enter the correct Account Password.

6

Check the message that tells that the setting has been completed. Then, click [OK].

2

Reminder

To delete a previously registered account, touch the [Delete] in step 3. Check the contents of registration on the confirmation screen and touch [OK] if the previously registered account is to be deleted. Note that, if a previously registered account is deleted, the Group User Box owned by that specific account is changed to Public User Box. If the password set for a particular box before this change does not meet the requirements of the Password Rules, however, no access can be made to the Public User Box, to which that specific box was changed. In this case, the Administrator must first newly set a password that meets the requirements of the Password Rules. For details of the Password

Rules, see

"Password Rules" on page 1-9

.

VarioLink 3622/4222/5022 2-39

Administrator Operations

2.9

2.9.1

2

User Box Function

When access to the Administrator of the machine by the Administrator Settings is authenticated, the machine enables the User Box. It also allows the User Box Password and user and account attributes to be changed.

User Box prepares a User Box in the HDD as a space for saving image files. The Administrator of the machine is allowed to register a Public User Box that is shared among registered users. Up to 1,000 personal, public and Group User Boxes can be registered. A User Box Password may consist of 8 digits. The password entered is displayed as "*" or "

●."

The term "user attributes" is a generic name used to refer to Owner Change and User Box Type.

The term "account attributes" is a generic name used to refer to Owner Change and Account Box Type.

2

Note

If [ON (External Server)] (Active Directory) is set for the authentication method, the same Personal User

Box name as that registered with the machine can be created and registered along with the External

Server name. No two Personal User Box names registered in an External Server may be alike.

2

Reminder

If a job is executed in the copy, fax, or scan mode by specifying a User Box number that has not been registered, the Personal User Box owned by the user who logged on through User Authentication is automatically registered.

Setting the User Box

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<From the Control Panel>

0

For the procedure to access the Administrator Settings, see

"Accessing the Administrator Settings" on page 2-2

.

1

Call the Administrator Settings to the screen from the control panel.

2

Touch [One-Touch/User Box Registration].

VarioLink 3622/4222/5022 2-40

Administrator Operations

3

Touch [Create User Box].

4

Touch [Public/Personal User Box].

5

Touch [New].

2

VarioLink 3622/4222/5022 2-41

Administrator Operations

– To change the setting of a User Box, touch the corresponding User Box key.

2

?

What steps should be taken to delete a previously registered User Box or change a User Box

Password, user attributes and account attributes?

% To change the User Box Password, user attributes and account attributes, touch [Edit].

% For a Personal User Box, the User Box Type and owner can be set or changed. For the change

procedure, see

"Changing the user attributes and account attributes" on page 2-46

.

% To delete a User Box, touch [Delete]. A message will then appear for confirming whether or not the specified User Box can be surely deleted. Select [Yes] and touch [OK] to delete the specified User

Box.

6

Touch [Password].

7

Enter the new 8-digit User Box Password from the keyboard and keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 6.

VarioLink 3622/4222/5022 2-42

Administrator Operations

2

8

Touch [OK].

?

What happens if the User Box Password entered does not meet the requirements of the Password

Rules?

% If the User Box Password entered does not comply with the requirements of the Password Rules, a message appears that tells that the User Box Password entered cannot be used. Enter the correct

User Box Password. For details of the Password Rules, see

"Password Rules" on page 1-9

.

9

To prevent entry of a wrong password, enter the 8-digit User Box Password again.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 6.

10

Touch [OK].

?

What happens if there is a mismatch in the User Box Passwords?

% If there is a mismatch in the User Box Passwords, a message appears that tells that there is a mismatch in the User Box Passwords. Perform steps 6 through 10 once again.

11

Make the necessary settings.

?

What if a User Box No. is duplicated?

% A User Box No. that has been registered cannot be registered anew.

?

What if no Name has been entered?

% If no Name has been registered, [OK] cannot be touched. Be sure to register the Name.

12

Touch [OK].

VarioLink 3622/4222/5022 2-43

Administrator Operations

<From Web Connection>

0 For the procedure to access the Admin Mode, see

"Accessing the Administrator Settings" on page 2-2

.

1

Start Web Connection and access the Admin Mode.

2

Click the [Box] tab and the [Create User Box] menu.

2

3

Make the necessary settings.

?

Are there any precautions to be used when making settings?

% Be sure to enter the User Box Number., User Box Name, User Box Password, and Retype User Box

Password.

% A User Box Number that has been registered cannot be registered anew.

4

Click the [OK].

?

What happens if the User Box Password entered does not meet the requirements of the Password

Rules?

% If the User Box Password entered does not comply with the Password Rules, a message appears that tells that the User Box Passwords entered cannot be used. Click [OK] to go back to the screen

VarioLink 3622/4222/5022 2-44

Administrator Operations

2

of step 3. Perform steps 3 through 4 once again. For details of the Password Rules, see

"Password

Rules" on page 1-9

.

?

What happens if there is a mismatch in the User Box Passwords?

% If there is a mismatch in the User Box Passwords, a message appears that tells that there is a mismatch in the User Box Passwords. Enter the correct User Box Password.

?

What steps should be performed to change the user attributes, account attributes and User Box

Password?

% For the procedure to change the user attributes, account attributes and User Box Password, see

"Changing the user attributes and account attributes" on page 2-46

.

5

Check the message that tells that the setting has been completed. Then, click [OK].

VarioLink 3622/4222/5022 2-45

Administrator Operations

2.9.2

2

Changing the user attributes and account attributes

The Administrator of the machine can change the box type of the box previously registered. For the Personal

User Box, the owner user can be changed, and for the Group User Box, the owner account can be changed.

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<From the Control Panel>

0

For the procedure to call the User Box setting screen to the display, see steps 1 through 4 of

"Setting the User Box" on page 2-40

.

1

Call the User Box setting screen to the display from the control panel.

2

Select the desired User Box key and touch [Edit].

– If the User Box Type has been changed, go to step 3. If the User Box Password has been changed, go to step 7.

– To change the owner user or owner account, perform steps 4 to 6.

3

Select the User Box Type.

VarioLink 3622/4222/5022 2-46

Administrator Operations

2

– [Change Owner] appears if the Box Type has been changed to [Personal]. Select the desired user name of the owner.

– [Change Account Name] appears if the Box Type has been changed to [Group]. Select the desired account name of the owner.

?

What happens when the User Box Type is changed?

% Changing the User Box Type clears the User Box Password. Perform steps 7 through 11 to set the

User Box Password.

% If the User Box Type has been changed to [Public], set a User Box Password that meets the requirements of the Password Rules. For details of the Password Rules, see

"Password Rules" on page 1-9

.

?

What happens if the box type is changed to [Public]?

% Changing the box type to [Public] nullifies the setting of the owner user or owner account.

% Public User Box cannot be changed to Personal User Box or Group User Box.

4

Touch [Change Owner] if the box type is [Personal] and touch [Change Account Name] if the box type is [Group].

VarioLink 3622/4222/5022 2-47

Administrator Operations

5

For [Change Owner], select the desired user.

– For [Change Account Name], select the desired user.

2

6

Touch [OK].

7

Touch [Password].

8

Enter the new 8-digit User Box Password from the keyboard and keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 3.

VarioLink 3622/4222/5022 2-48

Administrator Operations

2

9

Touch [OK].

?

What happens if the User Box Password entered does not meet the requirements of the Password

Rules when [Public] is set for the box type?

% If the User Box Password entered does not comply with the Password Rules with [Public] set for the box type, a message appears that tells that the User Box Password entered cannot be used. For details of the Password Rules, see

"Password Rules" on page 1-9

.

10

To prevent entry of a wrong password, enter the 8-digit User Box Password again.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 3.

11

Touch [OK].

?

What happens if there is a mismatch in the User Box Passwords?

% If there is a mismatch in the User Box Passwords, a message appears that tells that there is a mismatch in the User Box Passwords. Perform steps 8 through 11 once again.

VarioLink 3622/4222/5022 2-49

Administrator Operations

<From Web Connection>

0 For the procedure to access the Admin Mode, see

"Accessing the Administrator Settings" on page 2-2

.

1

Start Web Connection and access the Admin Mode.

2

Click the [Box] tab and the [Open User Box] menu.

2

3

Enter any given User Box Number and click [OK].

4

Click the [User Box Setting].

VarioLink 3622/4222/5022 2-50

Administrator Operations

2

– Go to step 5 if the selected User Box Type is [Personal] or [Group], and go to step 6 if the selected

User Box Type is [Public].

?

What steps should be performed to delete a User Box?

% To delete a User Box, click [Delete User Box]. A message will then appear for confirming whether the specific User Box can definitely be deleted. Click [OK] to delete the specified User Box.

5

Click the "User Box Owner is changed." check box and change the user attributes of the box.

– Clicking User List allows a account to be selected from among those registered in Account List.

– User Name can be directly entered in the Owner Name box.

– The following screen appears if the account attributes are to be changed.

– Click [Account List] to select a specific user from the registered User List.

– An account name may be directly entered in the Account Name box.

?

What happens if User Box Owner is changed. is clicked?

% If the "User Box Owner is changed." check box is clicked, it clears the User Box Password. Be sure to set the User Box Password again.

% If the "User Box Owner is changed." check box is not clicked, the changes made will not be validated. If the changes need to be made, make sure that the "User Box Owner is changed." check box has been clicked.

?

What steps can be taken to change the User Box Type?

% To change the User Box Type, click the Type pull-down menu and select the desired box type.

?

What precautions should be used when entering the Owner Name?

% Enter the User Name that has been registered through User Registration for the Owner Name.

?

What precautions should be account when entering the Account Name?

% Enter the Account Name that has been registered through Account Registration for the Account

Name.

VarioLink 3622/4222/5022 2-51

Administrator Operations

2

6

Click the "User Box Password is changed." check box and enter the User Box Password.

?

What precautions should be used when entering the User Box Password?

% If the User Box Type has been set to [Public], enter a User Box Password that meets the requirements of the Password Rules in the "New Password" box. For details of the Password Rules, see

"Password Rules" on page 1-9

.

% In the "Retype New Password" box, enter the same User Box Password as that entered in the "New

Password" box.

7

Click the [OK].

?

What happens if the User Box Password entered does not meet the requirements of the Password

Rules when Public is set for User Box Type?

% If the User Box Password entered does not meet the requirements of the Password Rules when

[Public] is set for User Box Type, a message appears that tells that the User Box Password entered cannot be used. Click [OK] to go back to the screen of step 4. Perform steps 4 through 7 once again.

For details of the Password Rules, see

"Password Rules" on page 1-9

.

?

What happens if there is a mismatch in the User Box Passwords?

% If there is a mismatch in the User Box Password between that entered in "New Password" and that entered in "Retype New Password," a message appears that tells that there is a mismatch in the

User Box Password. Enter the correct User Box Password.

?

What if no Owner Name, or a wrong one, has been entered?

% If no Owner Name is entered, a message appears that tells that no Owner Names have been entered. Enter the correct Owner Name.

% If a user name not registered with the machine is entered in the "Owner Name" box, a message appears that tells that the Owner Name entered in the box is illegal. Click [OK] to go back to the screen of step 3. Perform steps 3 through 7 once again.

?

What if no Account Name, or a wrong one, has been entered?

% If no Account Name is entered, a message appears that tells that no Account Names have been entered. Enter the correct Account Name.

% If a user name not registered with the machine is entered in the "Account Name" box, a message appears that tells that the Account Name entered in the box is illegal. Click [OK] to go back to the screen of step 3. Perform steps 3 through 7 once again.

VarioLink 3622/4222/5022 2-52

Administrator Operations

2

2.10

Changing the Administrator Password

When access to the Administrator of the machine from the control panel by the Administrator Settings is authenticated, the machine enables the operation of changing the Administrator Password required for accessing the Administrator Settings.

The Administrator Password entered for the authentication purpose appears as "*" on the display.

2.10.1

Changing the Administrator Password

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<Setting can be made only from the control panel>

0

For the procedure to call the Security Settings menu to the display, see steps 1 and 2 of

"Setting the

Enhanced Security Mode" on page 2-11

.

1

Call the Security Settings to the screen from the control panel.

2

Touch [Administrator Password].

3

Enter the currently set 8-digit Administrator Password from the keyboard and keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the Security Settings screen.

VarioLink 3622/4222/5022 2-53

Administrator Operations

2

4

Touch [OK].

?

What if an Administrator Password different from that is currently registered is mistakenly entered?

% If there is a mismatch between the currently registered Administrator Password and the

Administrator Password entered, a message appears that tells that there is a mismatch in the

Administrator Passwords. Enter the correct Administrator Password.

% If the Enhanced Security Mode is set to [ON], entry of a wrong password is counted as unauthorized access. If a wrong Administrator Password is entered a predetermined number of times (once to three times) set by the Administrator of the machine, the Utility screen appears and the machine is set into an access lock state. To cancel the access lock state, settings must be made by the Service

Engineer; or, turn off, and then turn on, the main power switch of the machine. If the main power switch is turned off and on, the access lock state is canceled after the lapse of time set for [Release

Time Settings]. When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off. If there is no wait period between turning the main power switch off, then on again, the machine may not function properly.

Here is the sequence, through which the main power switch and sub power switch are turned on and off:

Turn off the sub power switch

→ Turn off the main power switch → Turn on the main power switch →

Turn on the sub power switch

5

Enter the new 8-digit Administrator Password from the keyboard and keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the Security Settings screen.

6

Touch [OK].

?

What happens if the Administrator Password entered does not meet the requirements of the

Password Rules?

% If the Administrator Password entered does not comply with the Password Rules, a message appears that tells that the Administrator Password entered cannot be used. Enter the correct

Administrator Password. For details of the Password Rules, see

"Password Rules" on page 1-9

.

VarioLink 3622/4222/5022 2-54

Administrator Operations

7

To prevent entry of a wrong Administrator Password, enter the new 8-digit Administrator Password once again.

2

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the Security Settings screen.

8

Touch [OK].

?

What happens if there is a mismatch in the Administrator Passwords?

% If there is a mismatch in the Administrator Passwords, a message appears that tells that there is a mismatch in the Administrator Passwords. Perform steps 5 through 8 once again.

VarioLink 3622/4222/5022 2-55

Administrator Operations

2

2.11

Protecting Data in the HDD

When access to the Administrator of the machine by the Administrator Settings is authenticated, the machine enables the operation for setting and changing the HDD Lock Password. It also enables the operation for setting and changing the Image Data Encryption Passphrase when the optional Security Kit SC-505 is mounted.

Should the HDD be removed unawares, the HDD Lock Password locks the HDD protecting data contained in the HDD. Furthermore, by setting the Image Data Encryption Passphrase, encrypt the image data which is registered by secure print or the image data which is saved in the user boxes and protect the data. The HDD

Lock Password and Image Data Encryption Passphrase entered are displayed as "*."

2

Note

Do not set any number that can easily be guessed from birthdays, employee identification numbers, and the like for the HDD Lock Password and Image Data Encryption Passphrase. Try to change the password at regular intervals.

Make sure that nobody but the Administrator of the machine comes to know the HDD Lock Password or Image Data Encryption Passphrase.

If only the Image Data Encryption Passphrase is to be set while the machine is being used without setting the HDD Lock Password or Image Data Encryption Passphrase, the Service Engineer must perform some setting procedures in advance. For more details, ask the Service Representative.

2

Reminder

When the HDD Lock Password is set, HDD verification is carried out when the machine is started. If the

HDD has been improperly replaced with another, or if the HDD Lock Password is yet to be set, a message appears that tells that there is a mismatch between the HDD and the HDD Lock Password.

Further, the HDD has the following function. That is, if the HDD is illegally removed or replaced with another, detection of a wrong HDD Lock Password five consecutive times will lock the authentication function. Leak of data can thus be prevented.

When an Image Data Encryption Passphrase (encryption word) is set using HDD Encryption Setting, an

Image Data Encryption Passphrase with a key length of 256 bits is generated using the SHA-256 algorithm. The generated Image Data Encryption Passphrase is used to encrypt or decrypt data through

AES encryption algorithm.

2.11.1

Setting the HDD Lock Password

2

Note

When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off. if there is no wait period between turning the main power switch off, then on again, the machine may not function properly.

Here is the sequence, through which the main power switch and sub power switch are turned on and off:

Turn off the sub power switch

→ Turn off the main power switch → Turn on the main power switch → Turn on the sub power switch

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

VarioLink 3622/4222/5022 2-56

Administrator Operations

2

<Setting can be made only from the control panel>

0

For the procedure to call the Security Settings menu to the display, see steps 1 and 2 of

"Setting the

Enhanced Security Mode" on page 2-11

.

1

Call the Security Settings to the screen from the control panel.

2

Touch [HDD Settings].

3

Touch [HDD Lock Password].

4

Enter the 20-digit HDD Lock Password from the keyboard and keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the HDD Settings screen.

VarioLink 3622/4222/5022 2-57

Administrator Operations

2

5

Touch [OK].

?

What happens if the HDD Lock Password entered does not meet the requirements of the Password

Rules?

% If the HDD Lock Password entered does not comply with the Password Rules, a message appears that tells that the HDD Lock Password entered cannot be used. Enter the correct HDD Lock

Password. For details of the Password Rules, see

"Password Rules" on page 1-9

.

% To change the HDD Lock Password, see

"Changing the HDD Lock Password" on page 2-59

.

6

To prevent entry of a wrong password, enter the 20-digit HDD Lock Password once again.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the HDD Settings screen.

7

Touch [OK].

?

What happens if there is a mismatch in the HDD Lock Passwords?

% If there is a mismatch in the HDD Lock Passwords, a message appears that tells that there is a mismatch in the HDD Lock. Perform steps 4 and 5 once again.

8

Make sure that a message appears prompting you to turn OFF and then ON the main power switch.

Now, turn OFF and then turn ON the main power switch.

2

Note

NEVER forget the HDD Lock Password set through the above procedure. The HDD Lock Password must be entered when changing canceling the HDD Lock Password.

VarioLink 3622/4222/5022 2-58

Administrator Operations

2

2.11.2

Changing the HDD Lock Password

2

Note

When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off. if there is no wait period between turning the main power switch off, then on again, the machine may not function properly.

Here is the sequence, through which the main power switch and sub power switch are turned on and off:

Turn off the sub power switch

→ Turn off the main power switch → Turn on the main power switch → Turn on the sub power switch

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<Setting can be made only from the control panel>

0

To call the HDD Lock Password entry screen to the display, see steps 1 through 3 of

"Setting the HDD

Lock Password" on page 2-56

.

1

Call the HDD Lock Password entry screen to the display from the control panel.

2

Enter the currently registered 20-digit HDD Lock Password from the keyboard and keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the HDD Settings screen.

3

Select the [Edit] and touch [OK].

?

What happens if there is a mismatch in the HDD Lock Passwords?

% If there is a mismatch in the HDD Lock Passwords, a message appears that tells that there is a mismatch in the HDD Lock Passwords. Enter the correct password.

VarioLink 3622/4222/5022 2-59

Administrator Operations

4

Enter the 20-digit HDD Lock Password from the keyboard and keypad.

2

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the HDD Settings screen.

5

Touch [OK].

?

What happens if the HDD Lock Password entered does not meet the requirements of the Password

Rules?

% If the HDD Lock Password entered does not comply with the Password Rules, a message appears that tells that the HDD Lock Password entered cannot be used. Enter the correct HDD Lock

Password. For details of the Password Rules, see

"Password Rules" on page 1-9

.

6

To prevent entry of a wrong password, enter the 20-digit HDD Lock Password once again.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the HDD Settings screen.

7

Touch [OK].

?

What happens if there is a mismatch in the HDD Lock Passwords?

% If there is a mismatch in the HDD Lock Passwords, a message appears that tells that there is a mismatch in the HDD Lock Passwords. Perform steps 4 through 7 once again.

VarioLink 3622/4222/5022 2-60

Administrator Operations

8

Make sure that a message appears prompting you to turn OFF and then ON the main power switch.

Now, turn OFF and then turn ON the main power switch.

2

2

Note

NEVER forget the HDD Lock Password set through the above procedure. The HDD Lock Password must be entered when changing canceling the HDD Lock Password.

VarioLink 3622/4222/5022 2-61

Administrator Operations

2

2.11.3

Setting the Image Data Encryption Passphrase

2

Note

When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off. if there is no wait period between turning the main power switch off, then on again, the machine may not function properly.

Here is the sequence, through which the main power switch and sub power switch are turned on and off:

Turn off the sub power switch

→ Turn off the main power switch → Turn on the main power switch → Turn on the sub power switch

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

Image Data Encryption Passphrase cannot be deleted when the Enhanced Security Mode is set to ON.

To delete the Image Data Encryption Passphrase, the Enhanced Security Mode must be turned OFF temporarily.

Image Data Encryption Passphrase can be set or changed when the Enhanced Security Mode is set to

ON.

<Setting can be made only from the control panel>

0

For the procedure to call the HDD Settings menu to the display, see steps 1 and 2 of

"Setting the HDD

Lock Password" on page 2-56

.

1

Call the HDD Settings to the screen from the control panel.

2

When Touch [HDD Encryption Setting], [Image Data Encryption Passphrase] appears.

3

Touch [Image Data Encryption Passphrase].

VarioLink 3622/4222/5022 2-62

Administrator Operations

2

4

A message appears that confirms whether or not the setting of the Image Data Encryption Passphrase is to be continued. Select [Yes] and touch [OK].

5

Enter the new 20-digit Image Data Encryption Passphrase from the keyboard and keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the HDD Settings screen.

6

Touch [OK].

?

What happens if the Image Data Encryption Passphrase entered does not meet the requirements of the Password Rules?

% If the Image Data Encryption Passphrase entered does not comply with the Password Rules, a message appears that tells that the Image Data Encryption Passphrase entered cannot be used.

Enter the correct Image Data Encryption Passphrase. For details of the Password Rules, see

"Password Rules" on page 1-9

.

% To change the Image Data Encryption Passphrase, see

"Changing the Image Data Encryption

Passphrase" on page 2-67

.

VarioLink 3622/4222/5022 2-63

Administrator Operations

7

To prevent entry of a wrong Image Data Encryption Passphrase, enter the 20-digit Image Data

Encryption Passphrase once again.

2

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the HDD Settings screen.

8

Touch [OK].

?

What if there is a mismatch in the Image Data Encryption Passphrases?

% If there is a mismatch in the Image Data Encryption Passphrases, a message appears that tells that there is a mismatch in the Image Data Encryption Passphrases. Perform steps 4 through 7 once again.

9

Select the image data formatting method.

– HDD Format

Outline: Image data is deleted logically.

Date migration condition: Abbreviated address, Group address, Program address, Box information,

User registration, Group registration, Program memory are migrated, however, Audit log, Job history, Fax journal and encrypted PDF file are deleted.

Image data deletion condition: As it is the logical deletion, remaining information of the data remains at HDD.

Execution time: Around 30 seconds.

Operation method: Go to step 10 when HDD format is selected.

– Overwrite image data

Outline: Image data currently set is deleted.

Data migration condition: All data excepting image data is migrated.

Image data deletion condition: When Primary data overwrite function is ON, Image data is overwritten according to the setting condition of the Overwrite

Primary data. When the function is OFF, remaining data remains at

HDD.

Execution time: The time depends on the amount of image.

Operation method: Go to step 13, when Overwrite Image data is selected.

– Overwrite All data

Outline: HDD partitions that store image data are overwritten according to the set mode.

Data migration condition: Abbreviated address, Group address, Program address, Box information,

User registration, Group registration, Program memory are migrated, however, Audit log, Job history, Fax journal and encrypted PDF file are deleted.

Image data delete condition: All image data including remaining one is deleted.

Execution time: Execution time varies between 1 hour or less and 4 hours according to the mode set.

Operation method: Go to step 16 when Overwrite All data is selected.

VarioLink 3622/4222/5022 2-64

Administrator Operations

10

A message will appear that confirms whether the HDD may be formatted or not.

Select the [Yes] and touch [OK].

2

11

"Now formatting HDD. Please wait." message appears.

12

Make sure that a message appears prompting you to turn OFF and then ON the main power switch.

Now, turn OFF and then turn ON the main power switch.

13

A message appears asking whether you want to overwrite image data. Select [YES] and touch [OK].

14

"All data is being overwritten and cleared. Please wait." message appears.

VarioLink 3622/4222/5022 2-65

Administrator Operations

15

Make sure that a message appears prompting you to turn OFF and then ON the main power switch.

Now, turn OFF and then turn ON the main power switch.

2

16

Select the desired mode and touch [Delete].

The overwrite method can be chosen from eight different modes of [Mode 1] to [Mode 8]. Overwrite All

Data takes about 1 hour in [Mode 1] at the minimum and about 4 hours in [Mode 8] at the maximum.

For the overwrite methods of [Mode 1] to [Mode 8], see

"Setting the Overwrite All Data function" on page 2-78

.

17

A message appears asking whether you want to overwrite all data. Select [YES] and touch [OK].

18

"All data is being overwritten and cleared. Please wait." message appears.

19

Make sure that a message appears prompting you to turn OFF and then ON the main power switch.

Now, turn OFF and then turn ON the main power switch.

VarioLink 3622/4222/5022 2-66

Administrator Operations

2

2.11.4

Changing the Image Data Encryption Passphrase

2

Note

Here is the sequence, through which the main power switch and sub power switch are turned on and off:

Turn off the sub power switch

→ Turn off the main power switch → Turn on the main power switch → Turn on the sub power switch

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<Setting can be made only from the control panel>

0 For the procedure to call the Image Data Encryption Passphrase entry screen to the display, see steps

1 through 3 of

"Setting the Image Data Encryption Passphrase" on page 2-62

.

1

Call the Image Data Encryption Passphrase entry screen to the display.

2

Enter the currently registered 20-digit Image Data Encryption Passphrase from the keyboard and keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the HDD Settings screen.

3

Select the [Edit] and touch [OK].

?

What if there is a mismatch in the Image Data Encryption Passphrase?

% If there is a mismatch in the Image Data Encryption Passphrase, a message appears that tells that there is a mismatch in the Image Data Encryption Passphrase. Enter the correct Image Data

Encryption Passphrase once again.

VarioLink 3622/4222/5022 2-67

Administrator Operations

4

Enter the new 20-digit Image Data Encryption Passphrase from the keyboard and keypad.

2

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the HDD Settings screen.

5

Touch [OK].

?

What happens if the Image Data Encryption Passphrase entered does not meet the requirements of the Password Rules?

% If the Image Data Encryption Passphrase entered does not comply with the Password Rules, a message appears that tells that the Image Data Encryption Passphrase entered cannot be used.

Enter the correct Image Data Encryption Passphrase. For details of the Password Rules, see

"Password Rules" on page 1-9

.

6

To prevent entry of a wrong Image Data Encryption Passphrase, enter the 20-digit Image Data

Encryption Passphrase once again.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the HDD Settings screen.

7

Touch [OK].

?

What if there is a mismatch in the Image Data Encryption Passphrase?

% If there is a mismatch in the Image Data Encryption Passphrase, a message appears that tells that there is a mismatch in the Image Data Encryption Passphrase. Perform steps 4 through 7 once again.

VarioLink 3622/4222/5022 2-68

Administrator Operations

2

8

Select the image data formatting method.

– HDD Format

Outline: Image data is deleted logically.

Date migration condition: Abbreviated address, Group address, Program address, Box information,

User registration, Group registration, Program memory are migrated, however, Audit log, Job history, Fax journal and encrypted PDF file are deleted.

Image data deletion condition: As it is the logical deletion, remaining information of the data remains at HDD.

Execution time: Around 30 seconds.

Operation method: Go to step 9 when HDD format is selected.

– Overwrite image data

Outline: Image data currently set is deleted.

Data migration condition: All data excepting image data is migrated.

Image data deletion condition: When Primary data overwrite function is ON, Image data is overwritten according to the setting condition of the Overwrite

Primary data. When the function is OFF, remaining data remains at

HDD.

Execution time: The time depends on the amount of image.

Operation method: Go to step 12, when Overwrite Image data is selected.

– Overwrite All data

Outline: HDD partitions that store image data are overwritten according to the set mode.

Data migration condition: Abbreviated address, Group address, Program address, Box information,

User registration, Group registration, Program memory are migrated, however, Audit log, Job history, Fax journal and encrypted PDF file are deleted.

Image data delete condition: All image data including remaining one is deleted.

Execution time: Execution time varies between 1 hour or less and 4 hours according to the mode set.

Operation method: Go to step 15 when Overwrite All data is selected.

9

A message will appear that confirms whether the HDD may be formatted or not.

Select the [Yes] and touch [OK].

10

"Now formatting HDD. Please wait." message appears.

VarioLink 3622/4222/5022 2-69

Administrator Operations

11

Make sure that a message appears prompting you to turn OFF and then ON the main power switch.

Now, turn OFF and then turn ON the main power switch.

2

12

A message appears asking whether you want to overwrite image data. Select [YES] and touch [OK].

13

"All data is being overwritten and cleared. Please wait." message appears.

14

Make sure that a message appears prompting you to turn OFF and then ON the main power switch.

Now, turn OFF and then turn ON the main power switch.

15

Select the desired mode and touch [Delete].

The overwrite method can be chosen from eight different modes of [Mode 1] to [Mode 8]. Overwrite All

Data takes about 1 hour in [Mode 1] at the minimum and about 4 hours in [Mode 8] at the maximum.

For the overwrite methods of [Mode 1] to [Mode 8], see

"Setting the Overwrite All Data function" on page 2-78

.

VarioLink 3622/4222/5022 2-70

Administrator Operations

16

A message appears asking whether you want to overwrite all data. Select [YES] and touch [OK].

2

17

"All data is being overwritten and cleared. Please wait." message appears.

18

Make sure that a message appears prompting you to turn OFF and then ON the main power switch.

Now, turn OFF and then turn ON the main power switch.

VarioLink 3622/4222/5022 2-71

Administrator Operations

2

2.12

Protecting Data Stored in the Flash Memory

The administrator settings in this machine allow setting or changing the Flash Memory Lock Password that is used to authenticate the Administrator of the machine.

Should the flash memory be removed unawares, the Flash Memory Lock Password locks the flash memory protecting data contained in it. The Flash Memory Lock Password entered is displayed as "*."

2

Note

Set unique password for Flash Memory Lock Password. Do not set any number that can easily guessed from birthdays, employee identification numbers, and the like for Flash Memory Lock Password.

Change the Flash Memory Lock Password at regular intervals.

Make sure that nobody but the Administrator of the machine comes to know the Flash Memory Lock

Password.

2

Note

When the Flash Memory Lock Password is set, flash memory verification is carried out when the machine is started. If the flash memory is illegally replaced with another and the flash memory cannot be unlocked by the Flash Memory Lock Password, the machine sounds an alert and stops booting while displaying an hourglass icon on the control panel. If the flash memory does not have the Flash

Memory Lock Password setting, the control panel displays Service Call "SC-D303", a message that tells there is a mismatch between the flash memory and the Flash Memory Lock Password.

The flash memory has the following function. Even if the flash memory is illegally removed or replaced with another, detection of a wrong Flash Memory Password five consecutive times will lock the authentication function. Leak of data can thus be prevented.

2.12.1

Setting the Flash Memory Lock Password

2

Note

When the main power switch is turned OFF and ON, wait at least 10 seconds to turn it ON again after turning it OFF. If there is no interval between turning the main power switch OFF and ON, the machine may not function properly. Here is the sequence through which the main power switch and sub power switch are turned ON and OFF.

Here is the sequence, through which the main power switch and sub power switch are turned on and off:

Turn off the sub power switch

→ Turn off the main power switch → Turn on the main power switch → Turn on the sub power switch

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<Setting can be made only from the control panel>

0

For the procedure to call the Security Settings menu to the display, see steps 1 and 2 of

"Setting the

Enhanced Security Mode" on page 2-11

.

1

Call the Security Settings to the screen from the control panel.

VarioLink 3622/4222/5022 2-72

Administrator Operations

2

Touch [Forward]

.

3

Touch [Flash Memory Lock Password].

2

4

Enter the 20-digit Flash Memory Lock Password from the keyboard and key pad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the Security Settings screen.

VarioLink 3622/4222/5022 2-73

Administrator Operations

2

5

Touch [OK].

?

What happens if the Flash Memory Lock Password entered does not meet the requirements of

Password Rules?

% If the Flash Memory Password entered does not comply with the Password Rules, a message appears saying that the Flash Memory Password entered cannot be used. Enter the correct Flash

Memory Lock Password. For details of the Password Rules, see

"Password Rules" on page 1-9

.

% To change the Flash Memory Lock Password, see

"Changing the Flash Memory Lock Password" on page 2-75

6

To prevent entry of a wrong password, enter the 20-digit Flash Memory Lock Password once again.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the Security Settings screen.

7

Touch [OK].

?

What happens if there is a mismatch in the Flash Memory Lock Passwords?

% If there is a mismatch in the Flash Memory Lock Passwords, a message appears saying that there is a mismatch in the Flash Memory Lock Passwords. Perform steps 4 to 6 once again.

8

Make sure that a message appears promoting you to turn OFF and ON the main power switch. Turn

OFF and ON the main power switch.

2

Note

NEVER forget the Flash Memory Lock Password set through the above procedure. The Flash Memory

Lock Password must be entered when changing or canceling the Flash Memory Lock Password.

VarioLink 3622/4222/5022 2-74

Administrator Operations

2

2.12.2

Changing the Flash Memory Lock Password

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

2

Note

When the main power switch is turned OFF and ON, wait at least 10 seconds to turn it ON again after turning it OFF. If there is no interval between turning the main power switch OFF and ON, the machine may not function properly. Here is the sequence through which the main power switch and sub power switch are turned ON and OFF.

Turn off the sub power switch

→ Turn off the main power switch → Turn on the main power switch → Turn on the sub power switch.

<Setting can be made only from the control panel>

0 To call the Flash Memory Lock Password entry screen to the display, see steps 1 through 3 of

"Setting the Flash Memory Lock Password" on page 2-72

.

1

Call the Flash Memory Lock Password entry screen to the display from the control panel.

2

Enter the 20-digit Flash Memory Lock Password from the keyboard and key pad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the Security Settings screen.

3

Select [Edit] and touch [OK].

?

What happens if the Flash Memory Lock Password entered does not meet the requirements of

Password Rules?

% If the Flash Memory Password entered does not comply with the Password Rules, a message appears saying that the Flash Memory Password entered cannot be used. Enter the correct Flash

Memory Lock Password. For details of the Password Rules.

VarioLink 3622/4222/5022 2-75

Administrator Operations

4

Enter the 20-digit new Flash Memory Lock Password from the keyboard and key pad.

2

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the Security Settings screen.

5

Touch [OK].

?

What happens if the Flash Memory Lock Password entered does not meet the requirements of

Password Rules?

% If the Flash Memory Password entered does not comply with the Password Rules, a message appears saying that the Flash Memory Password entered cannot be used. Enter the correct Flash

Memory Lock Password. For details of the Password Rules, see

"Password Rules" on page 1-9

.

6

To prevent entry of a wrong password, enter the 20-digit Flash Memory Lock Password once again.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the Security Settings screen.

7

Touch [OK].

?

What happens if there is a mismatch in the Flash Memory Lock Passwords?

% If there is a mismatch in the Flash Memory Lock Passwords, a message appears saying that there is a mismatch in the Flash Memory Lock Passwords. Perform steps 4 to 6 once again.

VarioLink 3622/4222/5022 2-76

Administrator Operations

8

Make sure that a message appears promoting you to turn OFF and ON the main power switch. Turn

OFF and ON the main power switch.

2

2

Note

NEVER forget the Flash Memory Lock Password set through the above procedure. The Flash Memory

Lock Password must be entered when changing or canceling the Flash Memory Lock Password.

VarioLink 3622/4222/5022 2-77

Administrator Operations

2.13

2

Overwrite All Data Function

When access to the Administrator Settings by the Administrator of the machine via the control panel is authenticated, the machine enables setting of the operation of the Overwrite All Data function.

When the machine is to be discarded or use of a leased machine is terminated at the end of the leasing contract, the Overwrite All Data function overwrites and erases all data stored in all spaces of the HDD. The function also resets all passwords saved in the NVRAM and all user settings saved in the flash memory to factory settings, preventing leak of data. For details of items that are cleared by the Overwrite All Data function, see

"Types of Data Cleared by Overwrite All Data Function" on page 1-11

.

The HDD Overwrite Method offers the choice of eight different modes, [Mode 1] through [Mode 8]. Overwrite

All Data takes about less than one hour in [Mode 1] at the minimum and about 4 hours in [Mode 8] at the maximum.

Mode

Mode 1

Mode 2

Mode 3

Mode 4

Mode 5

Mode 6

Mode 7

Mode 8

Description

Overwrites once with 0x00.

Overwrites with random numbers

→ random numbers → 0x00.

Overwrites with 0x00

→ 0xff → random numbers → verifies.

Overwrites with random numbers

→ 0x00 → 0xff.

Overwrites with 0x00

→ 0xff → 0x00 → 0xff.

Overwrites with 0x00

→ 0xff → 0x00 → 0xff → 0x00 → 0xff → random numbers.

Overwrites with 0x00

→ 0xff → 0x00 → 0xff → 0x00 → 0xff → 0xaa.

Overwrites with 0x00

→ 0xff → 0x00 → 0xff → 0x00 → 0xff → 0xaa → verifies.

2.13.1

Setting the Overwrite All Data function

2

Note

When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off. if there is no wait period between turning the main power switch off, then on again, the machine may not function properly.

Here is the sequence, through which the main power switch and sub power switch are turned on and off:

Turn off the sub power switch

→ Turn off the main power switch → Turn on the main power switch → Turn on the sub power switch

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

VarioLink 3622/4222/5022 2-78

Administrator Operations

2

<Setting can be made only from the control panel>

0

For the procedure to call the HDD Settings menu to the display, see steps 1 and 2 of

"Setting the HDD

Lock Password" on page 2-56

.

1

Call the HDD Settings to the screen from the control panel.

2

Touch [Overwrite All Data].

3

Select the desired mode and touch [Delete].

4

A message appears that prompts you to confirm whether you want to overwrite all data.

Select [Yes] and touch [OK].

VarioLink 3622/4222/5022 2-79

Administrator Operations

5

Make sure that a message appears prompting you to turn OFF and then ON the main power switch.

Now, turn OFF and then turn ON the main power switch.

2

2

Note

After the main power switch has been turned on, quickly turn it off and give the machine to the Service

Engineer. If the Overwrite All Data function is executed by mistake, contact the Service Engineer. For more details, consult the Service Representative.

VarioLink 3622/4222/5022 2-80

Administrator Operations

2

2.14

SSL Setting Function

When access to the Administrator of the machine by the Administrator Settings is authenticated, the machine enables the setting of encryption of image data transmitted and received between the PC and the machine.

2.14.1

Setting the SSL

2

Note

Do not leave the machine with the Admin Mode setting screen left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Admin Mode.

For encryption strength, select the strong "DES, RC4-40, RC4-128, 3DES-168, or AES- 256."

<Setting can be made only from Web Connection>

0 For the procedure to call the Admin Mode to the display, see

"Accessing the Administrator Settings" on page 2-2

.

1

Start Web Connection and access the Admin Mode.

2

Click the [Security] tab and the [SSL/TLS Setting] menu.

3

Click the [Setting] menu.

VarioLink 3622/4222/5022 2-81

Administrator Operations

4

Select [Create a self-signed Certificate] and click [OK].

5

Select the Encryption Strength.

2

6

Select "Admin. Mode and User Mode" for "Mode using SSL/TLS."

VarioLink 3622/4222/5022 2-82

Administrator Operations

7

Make the necessary settings.

2

?

What if data entered for each item does not meet the requirements?

% If data entered for each item does not meet the requirements, a message appears that tells that the data entered is wrong.

8

Click the [OK].

The certificate can now be registered.

– The key length set for the public key of the server generated in SSL certificate setting is 1024 bits.

VarioLink 3622/4222/5022 2-83

Administrator Operations

2.14.2

Changing the Encryption Strength Setting

2

Note

Do not leave the machine with the Admin Mode setting screen left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Admin Mode.

For encryption strength, select the strong "DES, RC4-40, RC4-128, 3DES-168, or AES- 256."

<Setting can be made only from Web Connection>

0

For call the SSL/TLS Setting menu to the display, see steps 1 through 3 of

"Setting the SSL" on page 2-81

.

1

Start Web Connection and call the SSL/TLS Setting menu to the display.

2

Select [Set an Encryption Strength] and click the [OK].

2

3

Select Encryption Strength and click [OK].

4

Click the [OK].

VarioLink 3622/4222/5022 2-84

Administrator Operations

2.14.3

Changing the Mode Using SSL

2

Note

Do not leave the machine with the Admin Mode setting screen left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Admin Mode.

Select "Admin. Mode and User Mode" for "Mode using SSL/TLS."

<Setting can be made only from Web Connection>

0

For call the SSL/TLS Setting menu to the display, see steps 1 through 3 of

"Setting the SSL" on page 2-81

.

1

Start Web Connection and call the SSL/TLS Setting menu to the display.

2

Select [Set Mode using SSL] and click the [OK].

2

3

Select Mode using SSL/TLS and click [OK].

4

Click the [OK].

VarioLink 3622/4222/5022 2-85

Administrator Operations

2.14.4

Removing a Certificate

2

Note

Do not leave the machine with the Admin Mode setting screen left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Admin Mode.

<Setting can be made only from Web Connection>

0

For call the SSL/TLS Setting menu to the display, see steps 1 through 3 of

"Setting the SSL" on page 2-81

.

1

Start Web Connection and call the SSL/TLS Setting menu to the display.

2

Select [Remove a Certificate] and click the [OK].

2

3

Click the [OK].

4

Click [OK] and restart the machine.

– No certificates can be removed if Enhanced Security Mode is set to [ON].

VarioLink 3622/4222/5022 2-86

Administrator Operations

2

2.15

S/MIME Communication Setting Function

When access to the Administrator of the machine by the Administrator Settings is authenticated, the machine enables the setting of encryption of text of e-mail transmitted and received between the PC and the machine.

2.15.1

Setting the S/MIME Communication

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

To send S/MIME communications, it becomes necessary to register the certificate at the destination.

Set 1024 bits or more for the key length of the RSA public key for the certificate of each destination.

[NO] should be selected for [Automatically Obtain Certificates], so that no certificates are registered

through automatic acquisition. For registration of certificates, see

"Registering the certificate" on page 2-92

.

For encryption strength, select the strong "3DES," "AES- 128," "AES- 192," or "AES- 256." If the mail software being used does not support AES, encrypted mail messages may be received, but they cannot be decrypted. Use AES-compliant mail software or select the encryption strength that is the strongest of all compliant with the currently used mail software.

!

Detail

Each encryption strength code represents the following.

Name : encryption algorithm : encryption key length

3DES : 3 key triple DES : 168 bits

AES- 128 : AES : 128bit

AES- 192 : AES : 192bit

AES- 256 : AES : 256bit

<From the Control Panel>

0 For the procedure to call the Administrator Settings to the display, see

"Accessing the Administrator

Settings" on page 2-2

.

1

Call the Administrator Settings to the screen from the control panel.

2

Touch [Network Settings].

3

Touch [E-Mail Settings].

VarioLink 3622/4222/5022 2-87

Administrator Operations

4

Touch [S/MIME Communication Settings].

5

Select [ON] and [E-Mail Text Encryption Method].

6

Select encryption strength and touch [OK].

7

Touch [OK].

VarioLink 3622/4222/5022

2

2-88

Administrator Operations

8

Select [Automatically Obtain Certificates].

2

9

Select [NO] and touch [OK].

2

Note

To ensure that correct certificate is registered, do not register certificates through [Automatically Obtain

Certificates]. For registration of certificates, see

"Registering the certificate" on page 2-92

.

VarioLink 3622/4222/5022 2-89

Administrator Operations

2

<From Web Connection>

0 For the procedure to call the Admin Mode to the display, see

"Accessing the Administrator Settings" on page 2-2

.

1

Start Web Connection and access the Admin Mode.

2

Click the [Network] tab.

3

Click the [S/MIME] of the [E-mail Setting] menu.

VarioLink 3622/4222/5022 2-90

Administrator Operations

4

Make a necessary settings.

5

Click the [OK].

6

Click the [OK].

2

VarioLink 3622/4222/5022 2-91

Administrator Operations

2.15.2

Registering the certificate

2

Note

Do not leave the machine with the Admin Mode setting screen left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Admin Mode.

To register an authorized certificate, do not register one using [Automatically Obtain Certificates] of

[S/MIME Communication Setting] in Administrator Settings.

Set 1024 bits or more for the key length of the RSA public key for the certificate of each destination.

2

<From Web Connection>

0 For the procedure to call the Admin Mode to the display, see

"Accessing the Administrator Settings" on page 2-2

.

1

Start Web Connection and access the Admin Mode.

2

Click the [Address Book] menu of the [Store Address] tab.

3

Click the [New Registration].

– To change the details of a previously registered destination, click [Edit].

VarioLink 3622/4222/5022 2-92

Administrator Operations

4

Select the [E-mail] and click the [OK].

5

Click to select [Registration of Certification Information] and, through [Browse], set the certificate information. If certificate information is to be deleted, select [Deletion of Certification Information].

2

6

Make a necessary settings.

?

Are there any precautions to be used when making settings?

% Any number that has previously been registered cannot be registered.

% If Name and E-mail Address have not been registered, a message appears that tells that Name and

E-mail Address are yet to be entered. Enter the correct Name and E-mail Address.

7

Click the [OK].

VarioLink 3622/4222/5022 2-93

Administrator Operations

2

2.16

SNMP Setting Function

When access to the Administrator of the machine by the Administrator Settings is authenticated, the machine enables changing of the SNMP v3 Write User Password (auth-password, priv-password) required for accessing the MIB object over the network using the SNMP from the PC. In Web Connection, import/export of the Device Setting is enabled, allowing the setting for Security Level of SNMP v3 Setting to be saved or the saved backup data to be restored.

Each of the auth-password and priv-password can consist of 8 to 32 digits. The password entered for the authentication purpose appears as "*" or "

●" on the display.

2.16.1

Changing the auth-password and priv-password

2

Note

For tightening security, set priv-password without fail.

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<From the Control Panel>

0 For the procedure to call the Administrator Settings to the display, see

"Accessing the Administrator

Settings" on page 2-2

.

1

Call the Administrator Settings to the screen from the control panel.

2

Touch [Network Settings].

3

Touch [SNMP Settings].

VarioLink 3622/4222/5022 2-94

Administrator Operations

4

Touch [Forward

¡] to show the [2/3] and touch [SNMP v3 Settings].

2

5

Touch [Forward

¡] to show the [4/5] SNMPv3/Write Settings screen.

6

Select [auth-password] or [auth-password/priv-password] of Security Level and touch [Password

Setting].

VarioLink 3622/4222/5022 2-95

Administrator Operations

7

Touch [Write auth].

2

8

Enter the new 8-digit-or-more auth-password from the keyboard and keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the previous screen.

9

Touch [OK].

– Go to step 10 if [auth-password/priv-password] has been selected in step 6.

?

What happens if the auth-password entered does not meet the requirements of the Password

Rules?

% If the auth-password entered does not comply with the Password Rules, a message appears that tells that the auth-password entered cannot be used. Enter the correct auth-password. For details of the Password Rules, see

"Password Rules" on page 1-9

.

VarioLink 3622/4222/5022 2-96

Administrator Operations

10

Touch [Write priv].

2

11

Enter the new 8-digit-or-more priv-password from the keyboard and keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the previous screen.

12

Touch [OK].

?

What happens if the priv-password entered does not meet the requirements of the Password Rules?

% If the priv-password entered does not comply with the Password Rules, a message appears that tells that the priv-password entered cannot be used. Enter the correct priv-password. For details of

the Password Rules, see

"Password Rules" on page 1-9

.

VarioLink 3622/4222/5022 2-97

Administrator Operations

2

<From Web Connection>

0 For the procedure to call the Admin Mode to the display, see

"Accessing the Administrator Settings" on page 2-2

.

1

Start Web Connection and access the Admin Mode.

2

Click the [Network] tab.

3

Click the [SNMP Setting] menu.

4

Enter the auth-password and priv-password in the boxes marked by the rectangle, that is, the Write side SNMP v3 Setting.

VarioLink 3622/4222/5022 2-98

Administrator Operations

2

5

Click the [OK].

?

What happens if the auth-password and priv-password entered does not meet the requirements of the Password Rules?

% If the auth-password and priv-password entered does not comply with the Password Rules, a message appears that tells that the auth-password and priv-password entered cannot be used.

Enter the correct auth-password and priv-password. For details of the Password Rules, see

"Password Rules" on page 1-9

.

VarioLink 3622/4222/5022 2-99

Administrator Operations

2

2.16.2

SNMP access authentication function

If the settings of the Administrator mode are to be changed using SNMP from the PC, the user attempting to gain access is authenticated to be the Administrator of the machine by using the Write User Name and SNMP

Password (auth-password, priv-password) of the SNMP v3 Write settings made in this machine.

Operation of the network setting function and the SNMP password change function of the security control functions that can be used over the network using SNMP is granted to the Administrator who is identified by a matching SNMP password for the Write User Name.

The entry of a wrong SNMP password (auth-password, priv-password) is counted as unauthorized access, if the Enhanced Security Mode is set to [ON]. If a wrong SNMP password (auth-password, priv-password) is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, the machine is set into an access lock state, rejecting any more logon attempts. To reset the access lock state, the Administrator of the machine should perform the procedure for resetting the operation prohibited state.

!

Detail

If [auth-password] has been selected for Security Level, hashing is used for the authentication information (auth-password) to be transmitted. The machine uses HMAC-MD5 for hashing.

If [auth-password/priv-password] has been selected for Security Level, the authentication information

(auth-password/priv-password) and data (object ID that specifies the object to be changed, value to be set, etc.) to be transmitted are used for hashing and encryption. The machine uses CBC-DES for encryption.

For accessing the MIB, use the MIB browser corresponding to the above encryption algorithm.

2.16.3

SNMP v3 setting function

The Administrator who has been authenticated through SNMP access authentication from the PC is allowed to operate the SNMP password change function.

The entry of a wrong SNMP password (auth-password, priv-password) is counted as unauthorized access, if the Enhanced Security Mode is set to [ON]. If a wrong SNMP password (auth-password, priv-password) is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, the machine is set into an access lock state, rejecting any more logon attempts. To reset the access lock state, the Administrator of the machine should perform the procedure for resetting the operation prohibited state.

For the auth-password and priv-password, enter the password that meets the requirements of the Password

Rules. For details of the Password Rules, see

"Password Rules" on page 1-9

.

To change the setting, specify the corresponding object ID. See the table below for the setting items.

Setting Item

Write User Name

Security Level auth-password priv-password

Object ID

1.3.6.1.4.1.18334.1.1.2.1.5.6.4.2.1.2.2

1.3.6.1.4.1.18334.1.1.2.1.5.6.4.2.1.3.2

1.3.6.1.4.1.18334.1.1.2.1.5.6.4.2.1.4.2

1.3.6.1.4.1.18334.1.1.2.1.5.6.4.2.1.5.2

VarioLink 3622/4222/5022 2-100

Administrator Operations

2

2.16.4

SNMP network setting function

The Administrator who has been authenticated through SNMP access authentication from the PC is allowed to operate the network setting function. To change the setting, specify the corresponding object ID. See the table below for the setting items.

Setting Item

IP address setting IP Address

BOOT Protocol use setting

BOOT Protocol Type

DNS server address setting

SMTP server address setting

NetWare setting Print Server Name

Printer Name

AppleTalk Printer Name Setting

NetBIOS setting

Object ID

1.3.6.1.4.1.18334.1.1.2.1.5.7.1.1.1.3.1

1.3.6.1.4.1.18334.1.1.2.1.5.7.1.1.1.6.1

1.3.6.1.4.1.18334.1.1.2.1.5.7.1.1.1.7.1

1.3.6.1.4.1.18334.1.1.2.1.5.7.1.2.1.3.1.1

1.3.6.1.4.1.18334.1.1.2.1.5.7.13.1.1.3.1

1.3.6.1.4.1.18334.1.1.2.1.5.8.3.1.3.1.1

1.3.6.1.4.1.18334.1.1.2.1.5.8.5.1.3.1.1

1.3.6.1.4.1.18334.1.1.2.1.5.9.2.1.3.1.1

1.3.6.1.4.1.18334.1.1.2.1.5.10.1.1.4.1

VarioLink 3622/4222/5022 2-101

Administrator Operations

2

2.17

TCP/IP Setting Function

When access to the Administrator of the machine by the Administrator Settings is authenticated, the machine enables setting of the IP Address and registration of the DNS Server.

2.17.1

Setting the IP Address

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<From the Control Panel>

0

For the procedure to call the Network Settings menu to the display, see steps 1 and 2 of

"Changing the auth-password and priv-password" on page 2-94

.

1

Call the Network Settings to the screen from the control panel.

2

Touch [TCP/IP Settings].

3

Touch [IP Settings].

4

Touch [Manual Input].

5

Select [IP Address] and set the IP Address.

– If [Auto Input] has been selected for IP Application Method in step 4, select the means of acquiring the IP Address automatically from among DHCP Settings, BOOTP Settings, ARP/PING Settings,

AUTO IP Settings, and the like.

6

Touch [OK].

<From Web Connection>

0 For the procedure to call the Network menu to the display, see steps 1 and 2 of

"Changing the authpassword and priv-password" on page 2-94

.

1

Start the Web Connection and call the Network menu to the display.

2

Click the [TCP/IP Setting] menu.

3

Select [Manual Setting] from the IP Address Setting Method pull-down menu.

4

Enter the IP Address in the "IP Address" box.

– If [Auto Setting] is selected from the IP Address Setting Method pull-down menu in step 3, select the means with which to acquire the IP Address automatically, including DHCP, BOOTP, ARP/PING, and AUTOIP setting.

5

Click the [OK].

6

Click the [OK].

7

Click the [Logout].

VarioLink 3622/4222/5022 2-102

Administrator Operations

2

2.17.2

Registering the DNS Server

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<From the Control Panel>

0

For the procedure to call the TCP/IP settings screen to the display, see steps 1 through 3 of

"Setting the IP Address" on page 2-102

.

1

Call the TCP/IP settings screen to the display from the control panel.

2

Make the various settings for the DNS Server.

– If [Enable] is selected from the DNS Server Auto Obtain and DNS Domain Auto Obtain, the DNS

Server Address and DNS Domain Name are automatically acquired.

3

Touch [OK].

<From Web Connection>

0 For the procedure to call the TCP/IP setting menu to the display, see steps 1 and 2 of

"Setting the IP

Address" on page 2-102

.

1

Start the Web Connection and call the TCP/IP Setting menu to the display.

2

Enter the address in the DNS Server box.

– If [Enable] is selected from the DNS Server Auto Obtain and DNS Domain Auto Obtain pull-down menus, the DNS Server Address and DNS Domain Name are automatically acquired.

3

Make the necessary settings.

4

Click the [OK].

5

Click the [OK].

6

Click the [Logout].

VarioLink 3622/4222/5022 2-103

Administrator Operations

2

2.18

NetWare Setting Function

When access to the Administrator of the machine by the Administrator Settings is authenticated, the machine enables registration as the Print Server.

2.18.1

Making the NetWare Setting

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<From the Control Panel>

0

For the procedure to call the Network Settings menu to the display, see steps 1 and 2 of

"Changing the auth-password and priv-password" on page 2-94

.

1

Call the Network Settings to the screen from the control panel.

2

Touch [NetWare Settings].

3

Make the necessary settings.

4

Touch [OK].

<From Web Connection>

0 For the procedure to call the Network menu to the display, see steps 1 and 2 of

"Changing the authpassword and priv-password" on page 2-94

.

1

Start the Web Connection and call the Network menu to the display.

2

Click the [NetWare Setting] menu.

3

Make the necessary settings.

4

Click the [OK].

5

Click the [OK].

6

Click the [Logout].

VarioLink 3622/4222/5022 2-104

Administrator Operations

2

2.19

SMB Setting Function

When access to the Administrator of the machine by the Administrator Settings is authenticated, the machine enables setting of the NetBIOS Name.

2.19.1

Setting the NetBIOS Name

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<From the Control Panel>

0

For the procedure to call the Network Settings menu to the display, see steps 1 and 2 of

"Changing the auth-password and priv-password" on page 2-94

.

1

Call the Network Settings to the screen from the control panel.

2

Touch [SMB Settings].

3

Touch [Print Settings].

4

Touch [NetBIOS Name].

5

Make the necessary settings.

6

Touch [OK].

<From Web Connection>

0 For the procedure to call the Network menu to the display, see steps 1 and 2 of

"Changing the authpassword and priv-password" on page 2-94

.

1

Start the Web Connection and call the Network menu to the display.

2

Click the [SMB Setting] menu.

3

Click the [Print Setting] menu.

4

Enter the NetBIOS Name in the "NetBIOS Name" box.

5

Click the [OK].

6

Click the [OK].

7

Click the [Logout].

VarioLink 3622/4222/5022 2-105

Administrator Operations

2

2.20

AppleTalk Setting Function

When access to the Administrator of the machine by the Administrator Settings is authenticated, the machine enables making of the AppleTalk Settings.

2.20.1

Making the AppleTalk Setting

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<From the Control Panel>

0

For the procedure to call the Network Settings menu to the display, see steps 1 and 2 of

"Changing the auth-password and priv-password" on page 2-94

.

1

Call the Network Settings to the screen from the control panel.

2

Touch [AppleTalk Settings].

3

Make the necessary settings.

4

Touch [OK].

<From Web Connection>

0 For the procedure to call the Network menu to the display, see steps 1 and 2 of

"Changing the authpassword and priv-password" on page 2-94

.

1

Start the Web Connection and call the Network menu to the display.

2

Click the [AppleTalk Setting] menu.

3

Make the necessary settings.

4

Click the [OK].

5

Click the [OK].

6

Click the [Logout].

VarioLink 3622/4222/5022 2-106

Administrator Operations

2

2.21

E-Mail Setting Function

When access to the Administrator of the machine by the Administrator Settings is authenticated, the machine enables setting of the SMTP Server (E-Mail Server).

2.21.1

Setting the SMTP Server (E-Mail Server)

2

Note

Do not leave the machine with the setting screen of Administrator Settings left shown on the display. If it is absolutely necessary to leave the machine, be sure first to log off from the Administrator Settings.

<From the Control Panel>

0

For the procedure to call the Network Settings menu to the display, see steps 1 and 2 of

"Changing the auth-password and priv-password" on page 2-94

.

1

Call the Network Settings to the screen from the control panel.

2

Touch [E-Mail Settings].

3

Touch [E-Mail TX (SMTP)].

4

Make the necessary settings.

5

Touch [OK].

<From Web Connection>

0 For the procedure to call the Network menu to the display, see steps 1 and 2 of

"Changing the authpassword and priv-password" on page 2-94

.

1

Start the Web Connection and call the Network menu to the display.

2

Click the [E-mail Setting] menu.

3

Click the [E-mail TX (SMTP)] menu.

4

Make the necessary settings.

5

Click the [OK].

6

Click the [OK].

7

Click the [Logout].

VarioLink 3622/4222/5022 2-107

Administrator Operations

2.22

Setting PC-FAX receiving

You can set whether or not to use PC-FAX receive function when the optional hard disk is mounted.

2.22.1

Setting PC-FAX receive

<From the Control Panel>

When the function to be used, set the following contents.

2

Item

Receiving User Box Destination

Print

Password Check

Explanation

Received data is output or input to forced memory inbox or specified box. [Specified User Box] is selected, the data is stored at the box whose number is assigned with F code Sub address.

It is set whether or not to print after receiving data.

It can set password check/communication password (within 8 digits).

!

Detail

When Dial-in is set ON, [Dial-in only] is appeared after [Allow]. PC-FAX receiving setting cam be made only when the data is received with dial-in number.

FAX input data is saved to the box as TIFF.

When a user [Specified User Box] set at when data is sent out, the received data will be saved at print or forced memory inbox according to the conditions set for FAX receiving. Also when a new box is assigned with the same box number after [Specified User Box] is deleted, the data will be saved at the newly assigned inbox, Therefore you should be careful with the number assigned.

VarioLink 3622/4222/5022 2-108

Administrator Operations

2.23

Setting TSI distribution

When the optional hard disk is mounted, TSI distribution function will be available.

2.23.1

Setting TSI distribution

<From the Control Panel>

When the optional hard disk is mounted, you can set whether or not to use TSI distribution system.

2

Item

Action when TSI User Box is not set

Print

TSI User Box Registration

Explanation

Setting when applicable boxes do not exist

[Automatically Print]: Received data will be printed out

[Memory RX User Box]: Data will be saved to forced memory inbox

Setting whether or not to print after receiving data

To register where the TSI is distributed to.

2.23.2

Setting TSI distribution and register TSI distribution

<From the Control Panel>

You can register up to 128 where the received data is distributed. Select the number to be set and press

[Edit].

2

Reminder

To delete the registered one, select the number and press [Delete].

VarioLink 3622/4222/5022 2-109

Administrator Operations

2

2.23.3

Setting TSI distribution and register TSI distribution

<From the Control Panel>

Received fax can be distributed to other machine or box of this machine. Fax ID of sender is entered at

[Sender (TSI)] and the place the data to be distributed to is set at [Forwarding Destination]. To distribute to other machine, specify the place at [Select from Address Book]. To distribute to the box of this machine, specify it at [Search by User Box Number].

!

Detail

Confidential inbox or terminal box cannot be set as the distribution target.

When saving high confidential document, do not make box save via FAX.

When [Box] specified to save TSI is not available, the data will be saved at print or forced memory inbox according to the condition set for [Action when TSI User Box is not set]. Also when a new box is assigned with the same box number after [Box] set for the TSI is deleted, the data will be stored at the newly assigned box, Therefore you should be careful with the number assigned.

VarioLink 3622/4222/5022 2-110

3

User Operations

User Operations

3

3

3.1

3.1.1

User Operations

User Authentication Function

When [ON (MFP)] or [ON (External Server)] (Active Directory) is set for Authentication Method of the

Administrator Settings, the User Authentication function implements authentication of the user of this machine before he or she actually uses it through the User Password that consists of 8 to 64 digits. During the authentication procedure, the User Password entered for the authentication purpose appears as "*" or

"

●" on the display.

When the Enhanced Security Mode is set to [ON], the number of times in which authentication fails is counted.

2

Note

Before operating the machine, the user him/herself should change the User Password from that registered by the Administrator of the machine. For details of changing the User Password, see

"Performing Change Password" on page 3-9

. For more details of User Name and User Password,

ask the Administrator of the machine.

If the User Password is changed by the Administrator of the machine during operation of this machine, the user him/herself should immediately change the User Password.

Performing user authentication

If a document is stored in the ID & Print User Box, select any desired login method.

2

Note

Do not leave the machine while you are in the user (account) operation mode. If it is absolutely necessary to leave the machine, be sure first to log off from the user (account) operation mode.

Make absolutely sure that your User Password is not known by any other users.

2

Reminder

If any User Name not registered with this machine is authenticated through User Authentication when

[ON (External Server)] (Active Directory) is set for Authentication Method, the User Name is automatically registered with this machine.

VarioLink 3622/4222/5022 3-2

User Operations

<From the Control Panel>

1

Touch [User Name].

2

Enter the User Name from the keyboard and keypad.

– Press [C] or touch [Undo] to clear the value entered.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

3

Touch [OK].

4

Touch [Password].

3

VarioLink 3622/4222/5022 3-3

User Operations

5

Enter the 8-to-64-digit User Password from the keyboard or keypad.

3

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 4.

6

Touch [OK].

7

Press [Access] or touch [Login].

– Go to step 15 if User Authentication only has been set, or "Synchronize" has been set for

Synchronize User Authentication & Account Track.

?

What if a wrong User Name or User Password is entered?

% If a wrong User Name is entered, a message appears that tells that authentication has not been successful. The machine then prohibits entry for User Authentication for 5 sec. and then causes the screen of step 1 to reappear. Perform User Authentication once again.

% If there is a mismatch of User Password relative to the registered User Name, a message appears that tells that authentication has not been successful. The machine then prohibits entry of User

Name and User Password for 5 sec. and then causes the screen of step 4 to reappear. Enter the correct User Password.

% If the Enhanced Security Mode is set to [ON], the entry of a wrong User Password is counted as unauthorized access. If a wrong User Password for the corresponding User Name entered is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, a message appears that tells that authentication has not been successful for any subsequent operation for authentication. The machine is then set into an access lock state, rejecting any more logon attempts. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the Administrator of the machine.

8

Touch [Account Name].

VarioLink 3622/4222/5022 3-4

User Operations

9

Enter the Account Name from the keyboard and keypad.

3

– Press [C] or touch [Undo] to clear the value entered.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

10

Touch [OK].

11

Touch [Password].

12

Enter the 8-digit Account Password from the keyboard or keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 11.

13

Touch [OK].

VarioLink 3622/4222/5022 3-5

User Operations

3

14

Press [Access] or touch [Login].

?

What if a wrong Account Name or Account Password is entered?

% If a wrong Account Name is entered, a message appears that tells that authentication has not been successful. The machine then prohibits entry for Account authentication for 5 sec. and then causes the screen of step 1 to reappear. Perform Account authentication once again.

% If there is a mismatch of Account Password relative to the registered Account Name, a message appears that tells that authentication has not been successful. The machine then prohibits entry of

Account Name and Account Password for 5 sec. and then causes the screen of step 11 to reappear.

Enter the correct Account Password.

% If the Enhanced Security Mode is set to [ON], the entry of a wrong Account Password is counted as unauthorized access. If a wrong Account Password for the corresponding Account Name entered is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, a message appears that tells that authentication has not been successful for any subsequent operation for authentication. The machine is then set into an access lock state, rejecting any more logon attempts. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the Administrator of the machine.

15

Pressing the [Access] key will show the following screen.

Select [Yes] and touch [OK] to log off from the user operation mode.

– The following screen appears if Account Track has been set.

VarioLink 3622/4222/5022 3-6

User Operations

<From Web Connection>

1

Start the Web browser.

2

Enter the IP address of the machine in the address bar.

3

Press the [Enter] key to start Web Connection.

4

Click the Registered User radio button and enter the User Name and User Password.

3

– If Account Track has been set, enter the User Name, User Password, Account Name, and Account

Password.

– If "Synchronize" has been set for Synchronize User Authentication & Account Track, successful authentication results from simply entering the User Name and User Password.

VarioLink 3622/4222/5022 3-7

User Operations

3

5

Click the [Login].

?

What if a wrong User Name or User Password is entered?

% If there is a mismatch of User/Account Password relative to the registered User/Account Name, a message appears that tells that authentication has not been successful. Click [OK] to go back to the screen of step 4. Enter the correct User/Account Name and User/Account Password.

% If the Enhanced Security Mode is set to [ON], the entry of a wrong User/Account Password is counted as unauthorized access. If a wrong User/Account Password for the corresponding User/Account

Name entered is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, a message appears that tells that authentication has not been successful for any subsequent operation for authentication. The machine is then set into an access lock state, rejecting any more logon attempts. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the Administrator of the machine.

6

Clicking [Logout] will show the following screen.

Click [OK] to log off from the user operation mode.

VarioLink 3622/4222/5022 3-8

User Operations

3.2

3.2.1

3

Change Password Function

When [ON (MFP)] is set for Authentication Method of User Authentication, the machine permits each of all users who have been authenticated through User Authentication to change his or her User Password.

The User Password entered is displayed as "*" or "

●."

Performing Change Password

2

Note

Do not leave the machine while you are in the user operation mode. If it is absolutely necessary to leave the machine, be sure first to log off from the user operation mode.

<From the Control Panel>

0 For the logon procedure, see

"Performing user authentication" on page 3-2

.

1

Log on to the user operation mode through User Authentication from the control panel.

2

Press the [Utility/Counter] key.

3

Touch [User Settings].

4

Touch [Change Password].

VarioLink 3622/4222/5022 3-9

User Operations

5

Enter the currently registered 8-digit-or-more User Password from the keyboard and keypad.

3

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the previous screen.

6

Touch [OK].

?

What happens if there is a mismatch in the User Passwords?

% If there is a mismatch in the User Passwords, a message appears that tells that there is a mismatch in the User Passwords. Enter the correct User Password.

% If the Enhanced Security Mode is set to [ON], the entry of a wrong User Password is counted as unauthorized access. If the current password is mistakenly entered a predetermined number of times (once to three times) set by the Administrator of the machine, the user authentication screen will reappear. A message then appears that tells that authentication has not been successful for any subsequent operation for authentication. The machine is now set into an access lock state, rejecting any more logon attempts. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the Administrator of the machine.

7

From the keyboard or keypad, enter the new User Password that can consist of 8 to 64 digits.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 4.

8

Touch [OK].

?

What happens if the User Password entered does not meet the requirements of the Password

Rules?

% If the User Password entered does not comply with the Password Rules, a message appears that tells that the User Password entered cannot be used. Enter the correct User Password. For details of the Password Rules, see

"Password Rules" on page 1-9

.

VarioLink 3622/4222/5022 3-10

User Operations

9

To prevent entry of a wrong password, enter the 8-to-64-digit User Password again.

3

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 4.

10

Touch [OK].

?

What happens if there is a mismatch in the User Passwords?

% If there is a mismatch in the User Passwords, a message appears that tells that there is a mismatch in the User Passwords. Perform steps 7 through 10 once again.

VarioLink 3622/4222/5022 3-11

User Operations

<From Web Connection>

0 For the logon procedure, see

"Performing user authentication" on page 3-2

.

1

Log on to the user operation mode through User Authentication from the Web Connection.

2

Click the [Change User Password] menu of the [Information] tab or [Change Password].

3

3

Enter the currently registered User Password and a new User Password. Then, to make sure that you have entered the correct new password, enter the new User Password once again.

4

Click the [OK].

?

What happens if there is a mismatch in the Current Passwords?

% If there is a mismatch in the password between the currently registered User Password and the User

Password typed in the "Current Password" box, a message appears that tells there is a mismatch in the User Password. Click [OK] to go back to the user authentication screen. Then, perform steps

1 through 5 again.

?

What happens if the User Password entered in the New Password box fails to meet the requirements of the Password Rules?

% If the User Password entered in the "New Password" box fails to meet the requirements of the

Password Rules, a message appears that tells that the User Password entered cannot be used, as it fails to meet the requirements of the Password Rules. Click [OK] to go back to the screen of step

3. Perform steps 3 and 4 once again. For details of the Password Rules, see

"Password Rules" on page 1-9

.

?

What happens if there is a mismatch in the password between that entered in New Password and that entered in Retype New Password?

% If there is a mismatch in the password between that entered in the "New Password" box and that entered in the "Retype New Password" box, a message appears that tells that there is a mismatch in the User Password. Enter the correct User Password.

5

Click the [OK].

VarioLink 3622/4222/5022 3-12

User Operations

3.3

3.3.1

3

Secure Print Document Function

The Secure Print Document function allows a Secure Print Document specified by a corresponding password from the PC to be used in the condition registered in the machine.

To access a Secure Print Document file, authentication is performed through an 8-digit password that verifies an authenticated user of the Secure Print Document file. The password entered is displayed as "*." When the

Enhanced Security Mode is set to [ON], the number of times in which authentication fails is counted.

2

Note

When the Enhanced Security Mode is set to [ON], go through User Authentication by entering the User

Name and User Password registered in the machine through the printer driver of the PC. The password entered is displayed as "*." If the User Password does not correspond to the User Name entered, the

Secure Print Job is discarded without being registered. Entry of a wrong User Password is counted as unauthorized access. If a wrong User Password is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, the subsequent authentication operation is an access lock state and it is not possible to transmit the print job. As a result, the access lock state disables user authentication attempts from the control panel or Web Connection. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the Administrator of the machine.

Enter the Secure Print ID and password through the printer driver on the PC side. The password entered is displayed as "*."

The Secure Print password must be the one consisting of 8 digits and meeting the Password Rules requirements. Any Secure Print Document, the password for which does not meet the Password Rules

requirements, will not be registered in the machine. For details of the Password Rules, see

"Password

Rules" on page 1-9

.

Accessing the Secure Print Document

2

Note

Do not leave the machine while you are in the user operation mode. If it is absolutely necessary to leave the machine, be sure first to log off from the user operation mode.

For the Secure Print ID, enter the one that has been set on the printer driver side.

If a wrong Secure Print ID is entered, the target Secure Print Document will not be displayed. Enter the correct Secure Print ID.

For the Secure Print Password, enter the 8-digit one set on the printer driver side.

The machine rejects any Secure Print Password that consists of less than 8 digits.

VarioLink 3622/4222/5022 3-13

User Operations

<Setting can be made only from the control panel>

0 For the logon procedure, see

"Performing user authentication" on page 3-2

.

1

Log on to the user operation mode through User Authentication from the control panel.

2

Press the [Box] key.

3

Touch [Use Document].

3

4

Touch [System User Box] tab.

5

Select [Secure Print User Box] and touch [OK].

VarioLink 3622/4222/5022 3-14

User Operations

6

Enter the Secure Print ID that consists of up to 16 digits from the keyboard and keypad.

3

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 5.

7

Touch [OK].

8

Select the desired Secure Print Document and touch [Enter Password].

– Two or more Secure Print Documents can be selected at the same time.

– Touching [Select All] will select all Secure Print Documents having the same ID shown in the list.

9

Enter the 8-digit Secure Print Password from the keyboard and keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

VarioLink 3622/4222/5022 3-15

User Operations

3

– Touch [Cancel] to go back to the screen shown in step 8.

10

Touch [OK].

?

What if there is a mismatch of the Secure Print Password relative to the Secure Print ID?

% If there is a mismatch of the Secure Print Password relative to the Secure Print ID, a message appears that tells that authentication has not been successful. The machine then prohibits entry of the

Secure Print Password for 5 sec. Enter the correct Secure Print Password.

% If two or more Secure Print Documents have been selected in step 8, the machine counts as unauthorized access any Secure Print Document, the Secure Print Password of which is a mismatch.

% If the Enhanced Security Mode is set to [ON], entry of a wrong Secure Print Password is counted as unauthorized access. If a wrong Secure Print Password is entered a predetermined number of times

(once to three times) set by the Administrator of the machine or more, a message appears that tells that authentication has not been successful for any subsequent operation for authentication. The machine is then set into an access lock state, disabling access to the Secure Print Document. To cancel the access lock state, the Administrator of the machine must perform the Release Setting.

Contact the Administrator of the machine.

11

Select the target Secure Print Document and touch [Print].

12

Check the details of the document and press the [Start] key or touch [Start].

2

– Touch [Cancel] to go back to the screen shown in step 11.

Reminder

If two or more Secure Print Documents, each having an identical Secure Print ID and Secure Print Password, have been registered, multiple Secure Print Documents can be printed at once.

VarioLink 3622/4222/5022 3-16

User Operations

3.4

3.4.1

3

User Box Function

For all users who have been authenticated through User/Account Authentication, the machine enables the operation of registering and changing the User Box. It also enables the operation of acquiring or printing image files saved in the User Box and sending of S/MIME encrypted image files.

User Box creates a User Box in the HDD as a space for storing an image file. User Box is available in three different types: Personal User Box which only the user who has logged on through User Authentication can use; Public User Box that is shared among two or more users who have previously registered; and Group

User Box that can be used by the user who has logged on through Account Authentication. Up to 1,000 User

Boxes can be registered.

A user who accesses the Personal User Box or Public User Box or Group User Box is authenticated through an 8-digit User Box Password. The password entered for the authentication purpose appears as "*" or "

●" on the display. When the Enhanced Security Mode is set to [ON], the number of times in which authentication fails is counted.

2

Reminder

If a job is executed in the copy, fax, scan, or printer mode by specifying a User Box number that has not been registered, the Personal User Box owned by the user who logged on through User Authentication is automatically registered.

If Account Track has not been enabled, Group User Box cannot be created.

Setting the User Box

2

Note

Do not leave the machine while you are in the user operation mode. If it is absolutely necessary to leave the machine, be sure first to log off from the user operation mode.

If the User Box type is changed after a User Box Password has been set, it clears the User Box Password. Set the User Box Password once again.

<From the Control Panel>

0 For the logon procedure, see

"Performing user authentication" on page 3-2

.

1

Log on to the user operation mode through User Authentication from the control panel.

2

Press the [Utility/Counter] key.

3

Touch [One-Touch/User Box Registration].

VarioLink 3622/4222/5022 3-17

User Operations

4

Touch [Create User Box].

5

Touch [Public/Personal User Box].

3

6

Touch [New].

?

What steps should be performed to change the User Box setting?

% For the procedure to change the User Box setting, see

"Changing the User Box Password and user attributes and account attributes" on page 3-23

.

VarioLink 3622/4222/5022 3-18

User Operations

7

Touch [Public] or [Personal] or [Group] to select the User Box type.

3

?

What steps should be performed to change the Owner Name of the User Box?

% When [Personal] is selected, [Change Owner] is displayed. Then, select the owner user.

% When [Group] is selected, [Change Account Name] is displayed. Then, select the account.

8

Touch [Password].

9

Enter the new 8-digit User Box Password from the keyboard and keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 8.

VarioLink 3622/4222/5022 3-19

User Operations

3

10

Touch [OK].

?

What happens if the User Password entered does not meet the requirements of the Password

Rules?

% If the User Box Password entered does not meet the requirements of the Password Rules with

[Public] selected for User Box Type, a message appears that tells that the User Box Password that has been entered cannot be used. Enter the correct User Box Password. For details of the

Password Rules, see

"Password Rules" on page 1-9

.

11

To prevent entry of a wrong password, enter the 8-digit User Box Password again.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 8.

12

Touch [OK].

?

What happens if there is a mismatch in the User Box Passwords?

% If there is a mismatch in the User Box Passwords, a message appears that tells that there is a mismatch in the User Box Passwords. Perform steps 9 through 11 once again.

13

Make the necessary settings.

?

What if a User Box No. is duplicated?

% A User Box No. that has been registered cannot be registered anew.

?

What if no Name has been entered?

% If no Name has been registered, [OK] cannot be touched. Be sure to register the Name.

14

Touch [OK].

VarioLink 3622/4222/5022 3-20

User Operations

<From Web Connection>

0 For the logon procedure, see

"Performing user authentication" on page 3-2

.

1

Log on to the user operation mode through User Authentication from the Web Connection.

2

Click the [Box] tab and the [Create User Box] menu.

3

3

Make the necessary settings.

?

Are there any precautions to be used when making settings?

% Be sure to enter the User Box Number, User Box Name, User Box Password, and Retype User Box

Password.

% A User Box Number that has been registered cannot be registered anew.

% If [Personal] is selected from the User Box Type pull-down menu, click [User List] and select the user from the registered user list, or enter the User Name of the owner of the User Box in the "Owner

Name" box.

% If [Group] is selected from the User Box Type pull-down menu, click [Account List] and select the user from the registered user list, or enter the Account Name of the owner of the User Box in the

"Account Name" box.

VarioLink 3622/4222/5022 3-21

User Operations

3

4

Click the [OK].

?

What happens if the User Box Password entered does not meet the requirements of the Password

Rules?

% If the User Box Password entered does not meet the requirements of the Password Rules with

[Public] selected for User Box Type, a message appears that tells that the User Box Password that has been entered cannot be used. Click [OK] to go back to the screen of step 3. Perform steps 3

through 4 once again. For details of the Password Rules, see

"Password Rules" on page 1-9

.

?

What happens if there is a mismatch in the User Box Passwords?

% If there is a mismatch in the password between that entered in the "User Box Password" box and that entered in the "Retype User Box Password" box, a message appears that tells that there is a mismatch in the User Box Password. Enter the correct User Box Password.

?

What if no Owner Name, or a wrong one, has been entered?

% If no Owner Name is entered, a message appears that tells that no Owner Names have been entered. Enter the correct Owner Name.

% If a user name not registered with the machine is entered in the "Owner Name" box, a message appears that tells that the Owner Name entered in the box is illegal. Click [OK] to go back to the screen of step 3. Perform steps 3 through 4 once again.

?

What if no Account Name, or a wrong one, has been entered?

% If no Account Name is entered, a message appears that tells that no Account Names have been entered. Enter the correct Account Name.

% If a user name not registered with the machine is entered in the "Account Name" box, a message appears that tells that the Account Name entered in the box is illegal. Click [OK] to go back to the screen of step 3. Perform steps 3 through 4 once again.

?

What steps should be performed to change the User Box setting?

% For the procedure to change the User Box setting, see

"Changing the User Box Password and user attributes and account attributes" on page 3-23

.

5

Check the message that tells that the setting has been completed. Then, click [OK].

VarioLink 3622/4222/5022 3-22

User Operations

3.4.2

3

Changing the User Box Password and user attributes and account attributes

2

Note

Do not leave the machine while you are in the user operation mode. If it is absolutely necessary to leave the machine, be sure first to log off from the user operation mode.

<From the Control Panel>

0 For the procedure to call the User Box screen to the display, see steps 1 through 5 of

"Setting the User

Box" on page 3-17

.

1

Call the User Box screen to the display from the control panel.

2

Select the target User Box and touch [Edit].

3

Enter the currently set 8-digit User Box Password from the keyboard and keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 2.

4

Touch [OK].

– If the User Box Type has been changed, go to step 5. If the User Box Password has been changed, go to step 9.

– To change the owner user or owner account, perform steps 6 to 8.

VarioLink 3622/4222/5022 3-23

User Operations

3

?

What happens if there is a mismatch in the User Box Password?

% If there is a mismatch between the currently registered User Box Password and the User Box Password entered, a message appears that tells that there is a mismatch in the User Box Password and the screen of step 2 reappears. Perform steps 2 through 4 once again.

% If the Enhanced Security Mode is set to [ON], entry of a wrong User Box Password is counted as unauthorized access. If a wrong User Box Password is entered a predetermined number of times

(once to three times) set by the Administrator of the machine, the screen of step 2 reappears and the machine is set into an access lock state. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the Administrator of the machine.

5

Select the User Box Type.

– [Change Owner] appears if the Box Type has been changed to [Personal]. Select the desired user name of the owner.

– [Change Account Name] appears if the Box Type has been changed to [Group]. Select the desired account name of the owner.

VarioLink 3622/4222/5022 3-24

User Operations

3

?

What happens when the User Box Type is changed?

% Changing the User Box Type clears the User Box Password. Perform steps 9 through 15 to set the

User Box Password.

?

What happens if the User Box Password entered does not meet the requirements of the Password

Rules when [Public] is set for the box type?

% If the User Box Password entered does not comply with the Password Rules with [Public] set for the box type, a message appears that tells that the User Box Password entered cannot be used. For details of the Password Rules, see

"Password Rules" on page 1-9

.

6

Touch [Change Owner] if the box type is [Personal] and touch [Change Account Name] if the box type is [Group].

7

For [Change Owner], select the desired user.

– For [Change Account Name], select the desired user.

8

Touch [OK].

VarioLink 3622/4222/5022 3-25

User Operations

9

Touch [Password].

3

10

Enter the currently set 8-digit User Box Password from the keyboard or keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 9.

11

Touch [OK].

?

What happens if the User Box Password entered does not meet the requirements of the Password

Rules?

% If the User Box Password entered does not match the current password, a message appears that tells that the User Box Password entered is wrong. Enter the correct User Box Password.

% If the Enhanced Security Mode is set to [ON], entry of a wrong User Box Password is counted as unauthorized access. If a wrong User Box Password is entered a predetermined number of times

(once to three times) set by the Administrator of the machine, the screen of step 2 reappears and the machine is set into an access lock state. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the Administrator of the machine.

VarioLink 3622/4222/5022 3-26

User Operations

12

Enter the new 8-digit User Box Password from the keyboard and keypad.

3

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 9.

13

Touch [OK].

?

What precautions should be used when User Box Type is set to Public?

% If the User Box Password entered does not meet the requirements of the Password Rules with

[Public] set for User Box Type, a message appears that tells that the User Box Password entered cannot be used. Enter the correct User Box Password. For details of the Password Rules, see

"Password Rules" on page 1-9

.

14

To prevent entry of a wrong password, enter the 8-digit User Box Password again.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 9.

15

Touch [OK].

?

What happens if there is a mismatch in the User Box Passwords?

% If there is a mismatch in the User Box Passwords, a message appears that tells that there is a mismatch in the User Box Passwords. Perform steps 12 through 15 once again.

VarioLink 3622/4222/5022 3-27

User Operations

<From Web Connection>

0 For the logon procedure, see

"Performing user authentication" on page 3-2

.

1

Log on to the user operation mode through User Authentication from the Web Connection.

2

Click the [Box] tab and the [Open User Box] menu.

3

3

Enter the User Box Number and User Box Password of the target User Box and click [OK].

?

What if there is a mismatch between the User Box Number and User Box Password?

% If there is a mismatch between the User Box Number and User Box Password, a message appears that tells that authentication has not been successful. Click [OK] and perform step 3 once again.

% If the Enhanced Security Mode is set to [ON], entry of a wrong User Box Password is counted as unauthorized access. If a wrong User Box Password is entered a predetermined number of times

(once to three times) set by the Administrator of the machine, a message appears that tells that authentication has not been successful for any subsequent operation for authentication. The machine is then set into an access lock state. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the Administrator of the machine.

VarioLink 3622/4222/5022 3-28

User Operations

4

Click the [User Box Setting].

3

– Go to step 5 if the selected User Box Type is [Personal] or [Group], and go to step 6 if the selected

User Box Type is [Public].

?

What steps should be performed to delete a User Box?

% To delete a User Box, click [Delete User Box]. A message will then appear for confirming whether the specific User Box can definitely be deleted. Click [OK] to delete the specified User Box.

5

Click the "User Box Owner is changed." check box and change the user attributes of the box.

– Click [User List] to select a specific user from the registered User List.

– A user name may be directly entered in the Owner Name box.

– The following screen appears if the account attributes are to be changed.

– Click [Account List] to select a specific user from the registered User List.

– An account name may be directly entered in the Account Name box.

VarioLink 3622/4222/5022 3-29

User Operations

3

?

What happens if User Box Owner is changed. is clicked?

% If the "User Box Owner is changed." check box is clicked, it clears the User Box Password. Be sure to set the User Box Password again.

% If the "User Box Owner is changed." check box is not clicked, the changes made will not be validated. If the changes need to be made, make sure that the "User Box Owner is changed." check box has been clicked.

?

What steps can be taken to change the User Box Type?

% To change the User Box Type, click the User Box Type pull-down menu and select the desired User

Box Type.

?

What precautions should be used when entering the Owner Name?

% Enter the User Name that has been registered through User Registration for the Owner Name.

?

What precautions should be used when entering the Account Name?

% Enter the Account Name that has been registered through Account Track Registration for the Account Name.

6

Click the "User Box Password is changed." check box and enter the User Box Password.

?

What precautions should be used when entering the User Box Password?

% In the "Current Password" box, enter the currently set User Box Password.

% If the User Box Type has been set to [Public], enter a User Box Password that meets the requirements of the Password Rules in the "New Password" box. For details of the Password Rules, see

"Password Rules" on page 1-9

.

% Enter the same User Box Password as that entered in the "New Password" box in the "Retype New

Password" box.

7

Click the [OK].

?

What if there is a mismatch in the Current User Box Passwords?

% If there is a mismatch in the Current User Box Passwords, a message appears that tells that there is a mismatch in the Current User Box Passwords. Click [OK] to go back to the screen of step 3.

Perform steps 3 through 7 once again.

?

What happens if the New User Box Password entered does not meet the requirements of the Password Rules with [Public] selected for the box type?

% If the User Box Password entered in the "New Password" box does not meet the requirements of the Password Rules with [Public] selected for the box type, a message appears that tells that the

User Box Password that has been entered cannot be used. Click [OK] to go back to the screen of

step 3. Perform steps 3 through 7 once again. For details of the Password Rules, see

"Password

Rules" on page 1-9

.

?

What happens if there is a mismatch in the New User Box Password and the Retype New User Box

Password?

% If there is a mismatch in the password between that entered in the "New Password" box and that entered in the "Retype New Password" box, a message appears that tells that there is a mismatch in the User Box Password. Enter the correct User Box Password.

VarioLink 3622/4222/5022 3-30

User Operations

3

?

What if no Owner Name, or a wrong one, has been entered?

% If no Owner Name is entered, a message appears that tells that no Owner Names have been entered. Enter the correct Owner Name.

% If a user name not registered with the machine is entered in the "Owner Name" box, a message appears that tells that the Owner Name entered in the box is illegal. Click [OK] to go back to the screen of step 3. Perform steps 3 through 7 once again.

?

What if no Account Name, or a wrong one, has been entered?

% If no Account Name is entered, a message appears that tells that no Account Names have been entered. Enter the correct Account Name.

% If a account name not registered with the machine is entered in the "Account Name" box, a message appears that tells that the Account Name entered in the box is illegal. Click [OK] to go back to the screen of step 3. Perform steps 3 through 7 once again.

8

Click the [OK].

VarioLink 3622/4222/5022 3-31

User Operations

3.4.3

3

Accessing the User Box and User Box file

<For control panel>

Operation Menu Type

Save Document

Use Document

File Document

Functions that can be Performed

Read new document

Print, Send (fax, e-mail, file)

Delete, Move, Copy, and Edit Name for files

Different functions can be performed on different types of files stored in the User Boxes.

See the table given below for the relation between the file type and functions that can be performed.

<For Web Connection>

File Type

Copy job files

Print job files

Scan job files

Fax job files

2

Functions that can be Performed

Print, Move/Copy, Delete

Print, Move/Copy, Delete

Print, Move/Copy, Delete, Send to other device, Download to PC

Print, Move/Copy, Delete, Send to other device, Download to PC

Note

Do not leave the machine while you are in the user operation mode. If it is absolutely necessary to leave the machine, be sure first to log off from the user operation mode.

2

Reminder

If the destination is to be specified using the corresponding one-touch key for executing [Fax] or [Fax

TX] from the control panel, always check that the destination is correct to make sure that the data is sent to the correct destination.

If the destination is to be specified through direct input for executing [Fax] or [Fax TX] from the control panel, always check that the destination is correct to make sure that the data is sent to the correct destination.

VarioLink 3622/4222/5022 3-32

User Operations

<From the Control Panel>

0 For the logon procedure, see

"Performing user authentication" on page 3-2

.

1

Log on to the user operation mode through User Authentication from the control panel.

2

Press the [Box] key.

3

Select the operation menu.

4

Select the any arbitrary User Box and touch [OK].

3

5

Enter the 8-digit User Box Password from the keyboard and keypad.

– Press the [C] key to clear all characters.

– Touch [Delete] to delete the last character entered.

– Touch [Shift] to show the upper case/symbol screen.

– Touch [Cancel] to go back to the screen shown in step 4.

6

Touch [OK].

?

What if there is a mismatch in the User Box Passwords?

% If there is a mismatch in the User Box Passwords, a message appears that tells that authentication has not been successful. The machine then prohibits entry of the User Box Password for 5 sec. Enter the correct User Box Password.

% If the Enhanced Security Mode is set to [ON], entry of a wrong User Box Password is counted as unauthorized access. If a wrong User Box Password is entered a predetermined number of times

(once to three times) set by the Administrator of the machine or more, a message appears that tells that authentication has not been successful for any subsequent operation for authentication. The machine is then set into an access lock state, rejecting any more logon attempts. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the

Administrator of the machine.

VarioLink 3622/4222/5022 3-33

User Operations

7

Select any arbitrary file.

8

Select the desired function from Print setting, Bind setting, TX setting and binding TX.

– Selecting [Delete] will delete the specified file.

9

Press the [Start] key or touch [Start].

3

VarioLink 3622/4222/5022 3-34

User Operations

<From Web Connection>

0 For the logon procedure, see

"Performing user authentication" on page 3-2

.

1

Log on to the user operation mode through User Authentication from the Web Connection.

2

Click the [Box] tab and the [Open User Box] menu.

3

3

Enter the User Box Number and User Box Password of the target User Box and click [OK].

?

What if there is a mismatch between the User Box Number and the User Box Password?

% If there is a mismatch between the User Box Number and the User Box Password, a message appears that tells that authentication has not been successful. Click [OK] and perform step 3 once again.

% If the Enhanced Security Mode is set to [ON], entry of a wrong User Box Password is counted as unauthorized access. If a wrong User Box Password is entered a predetermined number of times

(once to three times) set by the Administrator of the machine or more, a message appears that tells that authentication has not been successful for any subsequent operation for authentication. The machine is then set into an access lock state, rejecting any more logon attempts. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the

Administrator of the machine.

VarioLink 3622/4222/5022 3-35

User Operations

4

Select the desired operation from the pull-down menu and click [Changes the display].

3

– Selecting the [Delete] in step 4 will cause a message to appear that confirms whether the specified file can be deleted or not. Click [OK] to delete the specified file.

5

Select the document and perform the intended function.

VarioLink 3622/4222/5022 3-36

User Operations

3.4.4

3

Sending S/MIME box files

2

Note

Do not leave the machine while you are in the user operation mode. If it is absolutely necessary to leave the machine, be sure first to log off from the user operation mode.

To select [E-Mail Encryption], the Administrator of the machine must make the S/MIME settings in advance.

To select the destination, the Administrator of the machine must register the certificate with the destination in advance.

<From the Control Panel>

0 For the procedure to call the Use Document screen to the display, see steps 1 through 6 of

"Accessing the User Box and User Box file" on page 3-32

.

1

Call the Use Document screen to the display from the control panel.

2

Select the file to be sent and click [Send].

3

Select [Communication Settings].

VarioLink 3622/4222/5022 3-37

User Operations

4

Select [E-Mail Encryption] and touch [Close].

3

?

What happens if [E-Mail Encryption] is selected after the destination has been set?

% If [E-Mail Encryption] is selected after the destination has been set, the set destination is canceled, making it necessary to set the destination once again.

5

Select the destination and touch [Start] or press the Start key.

VarioLink 3622/4222/5022 3-38

User Operations

3.5

3

Outline of document save

What Document save can do

When the data is saved at box mode, it directly specifies the box that the document will be saved. The document to be saved is regarded same as the scan save.

<Public User Box/Personal User Box/Group User Box>

-

-

-

Printed or scanned documents using this machine are saved.

It can save the document whose printing is instructed through a computer under the network.

Personal User Box or Group User Box are available to limit the people who can use the box according to the status of user authentication or group administration.

<Annotation User Box>

When you want to add the image of date/time and filing number to the saved data for printing or sending, you save the data to this Annotation User Box. Press [System User Box] tab and then

[Annotation User Box] to select the box.

<External Memory>

Scanned data can be directly stored to the external memory that is connected to the external memory machine. Confirm that the external memory is set to the USB connector of this machine, and press

[External Memory] of [System User Box] tab.

!

Detail

Document save to external memory is set OFF at factory setting (cannot be saved). It is set OFF also when User authentication is set. When you want to utilize this function, change the setting accordingly at Administrator Set.

Initial screen of Document save

<Public user box/Personal user box/Group use box>

When you select [Public]/[Personal]/[Group] tab, list of boxes the data can be stored will appear. Select the desired box.

VarioLink 3622/4222/5022 3-39

User Operations

<System Box>

When [System User Box] tab is selected, list of boxes the data can be stored will appear. Select the desired box.

When you select [Annotation User Box], more specific box can be selected.

3

Document save screen

Item

User Box

Document Name

Scan Settings

Original Settings

2

Explanation

Public User Box/Personal User Box/Group Use Box and Annotation User Box, the save box can be changed. Press [Save box] to select the desired box.

Keyboard to enter the document name is displayed. Enter the name on the panel.

Details of scan reading conditions can be set.

Details such as original paper type or setting direction can be set.

Note

In case the external memory is used, the place the document is save cannot be changed.

VarioLink 3622/4222/5022 3-40

User Operations

File style

To select the file style to save the scanned data.

3

<File style>

The selectable file style is as follows

Item

PDF

TIFF

XPS

Explanation

Save as PDF

Save as TIFF

Save as XPS

2

Reminder

Even if the file style has already been selected at box save, you need to specify the file style when downloading data.

When the data is stored at XPS, the optional hard disk is necessary

<Setting page>

Data can be specified in bulk at save.

Item

Single Page

Multi Page

2

Explanation

File is created by saving the data per page at download.

File is created by saving whole scanned data.

Reminder

Even if the [Single Page] is selected at box save, you need to specify the page when downloading data.

VarioLink 3622/4222/5022 3-41

4

Application Software

Application Software

4

4

4.1

4.1.1

Application Software

Data Administrator

Data Administrator is an application for management purpose that allows the authentication, destination and network functions of the machine to be edited or registered from a PC connected over the network.

It allows the authentication, destination and network setting list to be downloaded in your PC, the data in the list to be edited on the PC, and then the data to be written in the machine.

A destination list of file formats including XML, CSV, TAB, LDIF, and Lotus Notes Structured Text can be downloaded. A destination list can also be downloaded by searching through or browsing destinations using the LDAP protocol for a directory server such as Active Directory.

Select [Authentication Settings/Address Settings] to edit or register the authentication or destination function of the machine, and select [Administrator settings] to edit or register the network function of the machine.

2

Note

Make sure that none of the general users of the machine will know the Administrator Password.

If the Administrator Password is forgotten, it must be set again by the Service Engineer. Contact your

Service Representative.

Do not leave the site while you are gaining access to the machine through Data Administrator. If it is absolutely necessary to leave the site, be sure first to log off from the Data Administrator.

Gaining access from Data Administrator

<From the PC>

1

Start the Data Administrator.

2

Select this machine from Device List and click [Authentication Settings/Address Settings] or

[Administrator settings].

3

Check the settings on the "Import device information" screen and click [Import].

VarioLink 3622/4222/5022 4-2

Application Software

– The following screen appears if [Authentication Settings/Address Settings] has been selected in step 2.

4

– The following screen appears if [Administrator settings] has been selected in step 2.

4

Type the 8-digit Administrator Password registered in the machine and click [OK].

– If the "Save" check box is selected, enter the 8-digit Administrator Password once again to make sure that the Administrator Password has been entered correctly.

VarioLink 3622/4222/5022 4-3

Application Software

4

?

What happens if a wrong Administrator Password is entered?

% If a wrong Administrator Password is entered, a message appears saying that there is a mismatch in the passwords and entry of the Administrator Password will be prohibited for five sec. Wait for some while before entering the correct Administrator Password.

% If a wrong Administrator Password is entered for confirmation, a message appears that tells that there is a mismatch in the Administrator Password. Enter the correct Administrator Password.

% If the Enhanced Security Mode is set to [ON], entry of a wrong password is counted as unauthorized access. If a wrong Administrator Password is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, a message appears saying that the machine accepts no more Administrator Passwords because of unauthorized access for any subsequent entry of the Administrator Password. The machine is then set into an access lock state.

To cancel the access lock state, settings must be made by the Service Engineer; or, turn off, and then turn on, the main power switch of the machine. If the main power switch is turned off and on, the access lock state is canceled after the lapse of time set for [Release Time Settings]. When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off. If there is no wait period between turning the main power switch off, then on again, the machine may not function properly.

Here is the sequence, through which the main power switch and sub power switch are turned on and off:

Turn off the sub power switch

→ Turn off the main power switch → Turn on the main power switch →

Turn on the sub power switch

5

Check the data displayed on the SSL certificate check screen and click [Yes].

2

Reminder

If the "Save" check box has been selected, the Administrator Password entered is stored in the PC being used. If you do not want the Administrator Password stored, clear the "Save" check box.

VarioLink 3622/4222/5022 4-4

Application Software

4.1.2

Setting the user authentication method

2

Reminder

To change the user authentication method from "Device authentication" to "Network server authentication," it is necessary first to register the domain name of Active Directory on the machine side.

If "Network server authentication" is selected, "Active Directory" must invariably be selected.

4

<From the PC>

0

For the procedure to access the machine, see steps 1 through 5 of

"Gaining access from Data

Administrator" on page 4-2

.

1

Access the machine through [Authentication Settings/Address Settings] mode of Data Administrator.

2

Click the [Authentication settings].

3

Click the [User authentication].

VarioLink 3622/4222/5022 4-5

Application Software

4

From the pull-down menu of User authentication, select the user authentication method.

4

5

Click the [Export to the device].

2

Note

If you have already logged on to the Administrator Settings via the control panel or using Web Connection, the machine displays a message that tells that the write operation has not been successful because of a device lock error. Click [OK] and wait for some while before attempting to execute [Export to the device] again.

If there is a job being executed or a reserved job (timer TX, fax redial waiting, etc.) in the machine, the machine displays a message that tells that the write operation has not been successful because of a device lock error. Click [OK] and wait for some while before attempting to execute [Export to the device] again.

VarioLink 3622/4222/5022 4-6

Application Software

4.1.3

4

Changing the authentication mode

2

Note

Changing the Account Track setting erases all user and account information data that has previously been registered. This changes all Personal User Boxes owned by the users who are deleted and all

Group User Boxes owned by the accounts that are deleted to Public User Boxes. If the password set for a particular box before this change does not meet the requirements of the Password Rules, however, no access can be made to the Public User Box, to which that specific box was changed. In this case, the Administrator must first newly set a password that meets the requirements of the

Password Rules. For details of the Password Rules, see

"Password Rules" on page 1-9

.

If you have already logged on to the Administrator Settings via the control panel or using Web

Connection, the machine displays a message that tells that the write operation has not been successful because of a device lock error. Click [OK] and wait for some while before attempting to execute [Export to the device] again.

If there is a job being executed or a reserved job (timer TX, fax redial waiting, etc.) in the machine, the machine displays a message that tells that the write operation has not been successful because of a device lock error. Click [OK] and wait for some while before attempting to execute [Export to the device] again.

<From the PC>

0

For the procedure to access the machine, see steps 1 through 5 of

"Gaining access from Data

Administrator" on page 4-2

.

1

Access the machine through [Authentication Settings/Address Settings] mode of Data Administrator.

2

Click the [Authentication settings].

3

From [Edit] on the tool bar, select [Authentication] and click [Change authentication mode].

4

Click the [Next].

VarioLink 3622/4222/5022 4-7

Application Software

5

Select the specific [Authentication mode] to be changed and click [Next].

4

– If [User Authentication and Account Track] has been selected, set [The ratio of the number of Users] and [The ratio of the number of Accounts].

6

Verify the new authentication mode and click [Write].

7

Click the [Finished].

VarioLink 3622/4222/5022 4-8

Application Software

– If [User Authentication and Account Track] has been selected in step 5, [Synchronize] is set for

"Synchronize user authentication and account track." If you want user authentication not synchronized with account track, click to deselect [Synchronize user authentication and account track] and execute [Export to the device] once again.

4

VarioLink 3622/4222/5022 4-9

Application Software

4.1.4

Making the user settings

<From the PC>

0

For the procedure to access the machine, see steps 1 through 5 of

"Gaining access from Data

Administrator" on page 4-2

.

1

Access the machine through [Authentication Settings/Address Settings] mode of Data Administrator.

2

Click the Authentication settings expand button.

3

Click the [User authentication settings].

4

4

Select the desired function.

– To register the user, click [Add].

– To change data registered for the user, click [Edit].

– To delete the user, click [Delete].

?

What precautions should be used when registering a user or changing registered data of a user?

% If the User Password does not meet the requirements of the Password Rules, a message appears that this particular User Password cannot be used. Click [OK] and enter the correct User Password.

For details of the Password Rules, see

"Password Rules" on page 1-9

.

% If the User Name has not been entered, a message appears that tells that the User Name is yet to be entered. Click [OK] and enter the User Name.

% A User Name that already exists cannot be redundantly registered.

5

Click the [OK].

6

Click the [Export to the device].

2

Note

If you have already logged on to the Administrator Settings via the control panel or using Web Connection, the machine displays a message that tells that the write operation has not been successful because of a device lock error. Click [OK] and wait for some while before attempting to execute [Export to the device] again.

If there is a job being executed or a reserved job (timer TX, fax redial waiting, etc.) in the machine, the machine displays a message that tells that the write operation has not been successful because of a device lock error. Click [OK] and wait for some while before attempting to execute [Export to the device] again.

2

Reminder

If [Delete] is selected in step 4, a screen appears that prompts you to confirm the execution of deletion.

Click [Yes] to delete the user. Note that, if a previously registered user is deleted, the Personal User Box owned by that specific user is changed to Public User Box. If the password set for a particular box before this change does not meet the requirements of the Password Rules, however, no access can be made to the Public User Box, to which that specific box was changed. In this case, the Administrator must first newly set a password that meets the requirements of the Password Rules. For details of the

Password Rules, see

"Password Rules" on page 1-9

.

VarioLink 3622/4222/5022 4-10

Application Software

4.1.5

Making the account settings

<From the PC>

0

For the procedure to access the machine, see steps 1 through 5 of

"Gaining access from Data

Administrator" on page 4-2

.

1

Access the machine through [Authentication Settings/Address Settings] mode of Data Administrator.

2

Click the Authentication settings expand button.

3

Click the [Account track settings].

4

4

Select the desired function.

– To register the account, click [Add].

– To change data registered for the account, click [Edit].

– To delete the account, click [Delete].

?

What precautions should be used when registering a account or changing registered data of a account?

% If the Account Password does not meet the requirements of the Password Rules, a message appears that this particular Account Password cannot be used. Click [OK] and enter the correct Ac-

count Password. For details of the Password Rules, see

"Password Rules" on page 1-9

.

% If the Account Name has not been entered, a message appears that tells that the User Name is yet to be entered. Click [OK] and enter the Account Name.

% A Account Name that already exists cannot be redundantly registered.

5

Click the [OK].

6

Click the [Export to the device].

2

Note

If you have already logged on to the Administrator Settings via the control panel or using Web Connection, the machine displays a message that tells that the write operation has not been successful because of a device lock error. Click [OK] and wait for some while before attempting to execute [Export to the device] again.

If there is a job being executed or a reserved job (timer TX, fax redial waiting, etc.) in the machine, the machine displays a message that tells that the write operation has not been successful because of a device lock error. Click [OK] and wait for some while before attempting to execute [Export to the device] again.

2

Reminder

If [Delete] is selected in step 4, a screen appears that prompts you to confirm the execution of deletion.

Click [Yes] to delete the account. Note that, if a previously registered account is deleted, the Group User

Box owned by that specific account is changed to Public User Box. If the password set for a particular box before this change does not meet the requirements of the Password Rules, however, no access can be made to the Public User Box, to which that specific box was changed. In this case, the

Administrator must first newly set a password that meets the requirements of the Password Rules. For details of the Password Rules, see

"Password Rules" on page 1-9

.

VarioLink 3622/4222/5022 4-11

Application Software

4.1.6

4

Registering the certificate

2

Note

Set 1024 bits or more for the key length of the RSA public key for the certificate of each destination.

If the abbreviated name and E-mail address have not been entered, an input error message appears.

Then, click [OK] and enter the abbreviated name and E-mail address.

<From the PC>

0

For the procedure to access the machine, see steps 1 through 5 of

"Gaining access from Data

Administrator" on page 4-2

.

1

Access the machine through [Authentication Settings/Address Settings] mode of Data Administrator.

2

Click the Address settings expand button.

3

Click the [Address book].

4

Select the number to be registered and click [Edit].

5

Select the [E-Mail] and Click the [OK].

VarioLink 3622/4222/5022 4-12

Application Software

6

Click [Register] of S/MIME Certification file and select the certificate to be registered.

4

7

Make the necessary settings.

8

Click the [OK].

9

Click the [Export to the device].

2

Note

If you have already logged on to the Administrator Settings via the control panel or using Web Connection, the machine displays a message that tells that the write operation has not been successful because of a device lock error. Click [OK] and wait for some while before attempting to execute [Export to the device] again.

If there is a job being executed or a reserved job (timer TX, fax redial waiting, etc.) in the machine, the machine displays a message that tells that the write operation has not been successful because of a device lock error. Click [OK] and wait for some while before attempting to execute [Export to the device] again.

VarioLink 3622/4222/5022 4-13

Application Software

4.2

4.2.1

4

Box Operator

Box Operator is application software used exclusively for changing the name of scan or fax data stored in a

User Box, downloading or deleting such scan or fax data, creating a User Box, changing the properties (user attributes) of a User Box, and performing other tasks. It allows a network-connected PC to gain access to the HDD of the machine for accomplishing these tasks.

When an attempt is made to gain access to the machine through Box Operator, the user is authenticated to be an authorized user by using an 8-to-64-digit User Password and an 8-digit User Box Password. During the authentication procedure, the password entered appears as "*." When the Enhanced Security Mode is set to [ON], the number of times in which authentication fails is counted.

2

Note

Do not leave the site while you are gaining access to the machine through Box Operator. If it is absolutely necessary to leave the site, be sure first to log off from the Box Operator.

Accessing User Box

2

Reminder

If the "Save logon user name" check box has been selected, the User Password entered is stored in the PC being used. If you do not want the User Password stored, clear the "Save logon user name" check box.

If the "Save box password until disconnected" check box has been selected, the User Box Password entered is stored in the PC being used. If you do not want the User Box Password stored, clear the

"Save box password until disconnected" check box.

<From the PC>

1

Start the Box Operator.

2

Double-click this machine.

3

Type the User Name and the 8-to-64-digit User Password.

?

What steps must be performed if ON (External Server) is set for the authentication method?

% If [ON (External Server)] is set for the authentication method, select the desired external server.

VarioLink 3622/4222/5022 4-14

Application Software

4

4

Click the [OK].

?

What happens if a wrong User Password is entered?

% If the User Password entered does not correspond to the registered User Name, a message appears that tells that authentication has not been successful. Click [OK] and then enter the correct User

Password.

% If the Enhanced Security Mode is set to [ON], the entry of a wrong User Password is counted as unauthorized access. If a wrong User Password is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, a message appears that tells that authentication has not been successful for any subsequent operation for authentication. The machine is then set into an access lock state, rejecting any more logon attempts. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the Administrator of the machine.

% If [ON (External Server)] (Active Directory) is set for the authentication method and if user authentication is successful, the User Name not registered in the machine is automatically registered.

5

Click or double-click the desired User Box icon.

6

Type the 8-digit User Box Password.

7

Click the [OK].

– To delete a User Box, select the specific User Box icon and, from the [File] menu, select [Delete]. A message will then appear that prompts you to confirm that you want to delete the User Box. Click

[Yes] and enter the User Box Password corresponding to the specific User Box. This deletes the

User Box.

?

What happens if a wrong User Box Password is entered?

% If there is a mismatch in the User Box Password, a message appears that tells that authentication has not been successful. Click [OK] and then enter the correct User Box Password.

% If the Enhanced Security Mode is set to [ON], the entry of a wrong User Box Password is counted as unauthorized access. If a wrong User Box Password is entered a predetermined number of times

(once to three times) set by the Administrator of the machine or more, a message appears that tells that authentication has not been successful for any subsequent operation for authentication. The machine is then set into an access lock state, rejecting any more logon attempts. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the

Administrator of the machine.

VarioLink 3622/4222/5022 4-15

Application Software

4.2.2

Creating a User Box

<From the PC>

0 For the procedure to access the User Box, see steps 1 through 7 of

"Accessing User Box" on page 4-14

.

1

Access the User Box through Box Operator.

2

From the [Box Operator] menu, select [Create User Box]. Or, click .

3

Make the necessary settings.

4

– Do not fail to enter data in the "User Box name," "Password," and "Confirm password" boxes.

– A Use unused box number that already exists cannot be registered redundantly.

– If [Private] is selected for User Box Type, enter the User Name of the user who owns the User Box in the "Owner" box.

– If [Group] is selected for the User Box Type, enter the name of the account that owns the box in the

"Owner" box.

?

What happens if the Automatic check box is selected?

% If the "Automatic" check box is selected, the User Box No. is automatically assigned.

?

What happens if Public is selected for User Box Type?

% If "Public" is selected for User Box Type, set the User Box Password that meets the requirements of the Password Rules. For details of the Password Rules, see

"Password Rules" on page 1-9

.

4

Click the [Create].

2

Note

If the User Box Password entered does not meet the requirements of the Password Rules, a message appears that the User Box Password that has been entered cannot be used. Click [OK] and enter the

correct User Box Password. For details of the Password Rules, see

"Password Rules" on page 1-9

.

If there is a mismatch in the User Box Password between that entered in the "Password" box and that entered in the "Confirm password" box, a message appears that tells that there is a mismatch in the

User Box Password. Enter the correct User Box Password.

If the Owner Name is not entered with "Private" selected for User Box Type, a message appears that warns that the Owner Name is yet to be entered. Enter the correct Owner Name.

If the Account Name is not entered with "Group" selected for User Box Type, a message appears that warns that the Account Name is yet to be entered. Enter the correct Account Name.

If a user name not registered with the machine is entered in the "Owner Name" box, a message appears that tells that the Owner Name entered in the box is illegal. Click [OK] and enter the correct Owner

Name.

If a account name not registered with the machine is entered in the "Account Name" box, a message appears that tells that the Account Name entered in the box is illegal. Click [OK] and enter the correct

Account Name.

VarioLink 3622/4222/5022 4-16

Application Software

4

2

Reminder

For the procedure to change the User Box Password and properties (user attributes, account attributes), see

"Changing User Box properties (user attributes, account attributes)" on page 4-18

.

VarioLink 3622/4222/5022 4-17

Application Software

4.2.3

4

Changing User Box properties (user attributes, account attributes)

2

Reminder

If the "Save box password until disconnected" check box has been selected, the User Box Password entered is stored in the PC being used. If you do not want the User Box Password stored, clear the

"Save box password until disconnected" check box.

<From the PC>

0 For the procedure to access the User Box, see steps 1 through 7 of

"Accessing User Box" on page 4-14

.

1

Access the User Box through Box Operator.

2

Select the icon of the desired User Box.

3

From the [File] menu, select [Property], or right-click to select [Property].

4

Make the necessary settings.

– To set the User Box Password, perform steps 7 through 9.

?

What steps should be performed to change the owner of the User Box?

% To change the owner of the User Box, enter the user name that has been registered with this machine as a user for a Personal User Box and that has been registered with this machine as an account for a Group User Box.

% If Public is to be set for User Box Type, a password that meets the requirements of the Password

Rules must be entered in the "New Password" box. For details of the Password Rules, see

"Password Rules" on page 1-9

.

5

Click the [OK].

– If a User Box Password has been set, the password confirmation screen appears. Then, enter the currently set 8-digit User Box Password and click [OK].

VarioLink 3622/4222/5022 4-18

Application Software

4

?

What precautions should be used when User Box Type is changed from Personal or Group to

Public?

% If User Box Type is changed from "Personal" or "Group" to "Public" and if the User Box Password set for the Personal or Group User Box before this change does not meet the requirements of the

Password Rules, a message appears that tells that the User Box Password is illegal.

?

What happens if a wrong User Box Password is entered?

% If a wrong User Box Password is entered, a message appears that tells that the User Box Password entered is wrong. Click [OK] and then enter the correct User Box Password.

% If the Enhanced Security Mode is set to [ON], the entry of a wrong User Box Password is counted as unauthorized access. If a wrong User Box Password is entered a predetermined number of times

(once to three times) set by the Administrator of the machine or more, a message appears that tells that authentication has not been successful for any subsequent operation for authentication. The machine is then set into an access lock state, rejecting any more logon attempts. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the

Administrator of the machine.

6

Select [Property] from the [File] menu or right-click to select [Property].

7

Click the [Change Password].

8

Enter the User Box Password.

?

What precautions should be used when entering the User Box Password in each of the different password boxes?

% If Public is to be set for User Box Type, a password that meets the requirements of the Password

Rules must be entered in the "New Password" box. For details of the Password Rules, see

"Password Rules" on page 1-9

.

% In the "Confirm new password" box, enter the same User Box Password as that entered in the "New password" box.

9

Click the [OK].

?

What steps should be performed to change the owner of the User Box?

% When the owner of the User Box is to be changed, enter the User Name registered in the machine as an authorized user of the machine in the Owner Name.

2

Note

When [OK] is clicked, the password confirmation screen of step 5 appears. Enter the 8-digit User Box

Password, which was set before the change of the password, and click [OK].

If the User Box Password entered does not meet the requirements of the Password Rules with "Public" selected for User Box Type, a message appears that tells that the User Box Password entered cannot be used. Click [OK] and perform steps 8 and 9 again. For details of the Password Rules, see

"Password

Rules" on page 1-9

.

If the Enhanced Security Mode is set to [ON], the entry of a wrong User Box Password is counted as unauthorized access. If a wrong User Box Password is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, a message appears that tells that authentication has not been successful for any subsequent operation for authentication. The machine is then set into an access lock state, rejecting any more logon attempts. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the Administrator of the machine.

VarioLink 3622/4222/5022 4-19

Application Software

4.2.4

Accessing the User Box file

Different functions can be operated depending on the file format.

Study the following table for the relationship between the file format and operable functions.

File format

PDF

TIFF

Operable functions

Icon display, thumbnail display, detail display, opening in a specific application, file acquisition, file name change, file deletion, copy to another User Box, move to another User Box, copy to another Folder, move to another Folder

Icon display, thumbnail display, detail display, opening in a specific application, opening in Box

Operator viewer, file acquisition, file name change, file deletion, copy to another User Box, move to another User Box, copy to another Folder, move to another Folder

2

Reminder

The file saved in the User Box may be saved in your PC from Box Operator through drag-&-drop.

<From the PC>

0 For the procedure to access the User Box, see steps 1 through 4 of

"Accessing User Box" on page 4-14

.

1

Access the User Box through Box Operator.

2

Select any desired file.

4

3

Select the desired function.

VarioLink 3622/4222/5022 4-20

Application Software

4.3

4.3.1

4

HDD TWAIN driver

The HDD TWAIN driver, which is to be installed in the PC of a general user, is a TWAIN driver used exclusively for allowing the HDD of this machine to be recognized as a TWAIN device.

The HDD TWAIN driver is a utility function for downloading document data stored in the User Box in the scan or fax mode in the image processing application of the PC.

When an attempt is made to gain access to the machine through the HDD TWAIN driver, the user is authenticated to be an authorized user by using an 8-to-64-digit User Password and an 8-digit User Box

Password. During the authentication procedure, the User Password entered for the authentication purpose appears as "*" on the display. When the Enhanced Security Mode is set to [ON], the number of times in which authentication fails is counted.

2

Note

Do not leave the site while you are gaining access to the machine through the HDD TWAIN driver. If it is absolutely necessary to leave the site, be sure first to log off from the HDD TWAIN driver.

2

Reminder

If [ON (External Server)] (Active Directory) is set for the authentication method and if user authentication is successful, the User Name not registered in the machine is automatically registered.

Accessing from the HDD TWAIN driver

<From the PC>

1

Start the image processing application.

2

From the [File] menu, click [Read], and then select [Generic HDD TWAIN Ver.3].

3

Select this machine and click [Connect].

4

Select the "Login as the Registered User" radio button and enter the User Name and the 8-to-64-digit

User Password.

?

What steps must be performed if ON (External Server) is set for the authentication method?

% If [ON (External Server)] is set for the authentication method, enter the desired external server.

VarioLink 3622/4222/5022 4-21

Application Software

4

5

Click the [OK].

?

What happens if a wrong User Password is entered?

% If a wrong User Password is entered for the corresponding User Name registered, a message appears that tells that authentication has not been successful. Enter the correct User Name and

User Password.

% If the Enhanced Security Mode is set to [ON], the entry of a wrong User Password is counted as unauthorized access. If a wrong User Password is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, a message appears that tells that authentication has not been successful for any subsequent operation for authentication. The machine is then set into an access lock state, rejecting any more logon attempts. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the

Administrator of the machine.

6

Enter the desired User Box No. and 8-digit User Box Password.

7

Click the [OK].

?

What happens if there is a mismatch between the User Box No. and User Box Password?

% If there is a mismatch between the User Box No. and User Box Password, a message appears that tells that authentication has not been successful. Click [OK] and perform step 6 once again.

% If the Enhanced Security Mode is set to [ON], the entry of a wrong User Password is counted as unauthorized access. If a wrong User Password is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, a message appears that tells that authentication has not been successful for any subsequent operation for authentication. The machine is then set into an access lock state, rejecting any more logon attempts. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the

Administrator of the machine.

8

Select the desired document data and click [Read].

VarioLink 3622/4222/5022 4-22

Application Software

4.4

4.4.1

4

Direct Print

Direct Print is an application that allows a PDF file or a TIFF file to be directly transmitted to, and printed on, the printer.

It permits printing of data through drag and drop to the desktop icon and using the context (right-click) menu of Windows, and automatic printing of data using a hot folder. The application also allows two or more different print job setups to be registered.

When data is to be printed through Direct Print, the user is authenticated to be an authorized user by using an 8-to-64-digit User Password or Account Password. When the Enhanced Security Mode is set to [ON], the number of times in which authentication fails is counted.

2

Note

If the "Edit Authentication/Account Track for each drag-and-drop printing" check box is not selected on the Direct Print main screen, no authentication screen appears for drag-and-drop printing. Select the "Edit Authentication/Account Track for each drag-and-drop printing" check box when using Direct

Print.

Printing through Direct Print

<From the PC>

1

Drag and drop the desired file to the Direct Print shortcut.

– Right-click the desired file. Direct Print can be selected from the menu that will then be displayed.

2

Select the "Use User Authentication" check box and the "Recipient User" radio button.

3

Enter the User Name and the 8-to-64-digit User Password that have been registered in the machine.

?

What steps must be performed if ON (External Server) is set for the authentication method?

% If [ON (External Server)] is set for the authentication method, select the desired external server.

VarioLink 3622/4222/5022 4-23

Application Software

4

To enable Account Track, click the [Use Account Track] check box.

4

5

Enter the Account Name and 8-to-64-digit Account Password registered with the machine.

6

Click the [OK].

2

Note

If there is a mismatch between the User Password and Account Password entered and the User Name and Account Password registered, the specified file is erased as an error from the machine without being printed.

If the Enhanced Security Mode is set to [ON], the entry of a wrong User Password or Account Password is counted as unauthorized access. If a wrong User Password or Account Password is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, the machine is then set into an access lock state, rejecting any more logon attempts. To cancel the access lock state, the Administrator of the machine must perform the Release Setting. Contact the

Administrator of the machine.

VarioLink 3622/4222/5022 4-24

Application Software

4.5

4.5.1

4

HDD Backup Utility

The HDD Backup Utility, which is to be installed in the PC of the Administrator of the machine, is application software used exclusively for accessing the HDD in this machine.

The HDD Backup Utility functions performed by the Administrator of the machine allow the image data saved in the HDD of the machine to be backed up and restored. It is not possible to open directly the backup data.

To gain access to the machine from the HDD Backup Utility, the user is authenticated to be an authorized

Administrator by using an 8-digit Administrator Password. The Administrator Password entered during the authentication procedure is displayed as "*." When the Enhanced Security mode is set to [ON], the number of times in which authentication fails is counted.

2

Note

Make sure that none of the general users of the machine will know the Administrator Password.

If the Administrator Password is forgotten, it must be set again by the Service Engineer. Contact your

Technical Representative.

Backup

2

Reminder

If the "Save the administrator password" check box is selected, the Administrator Password entered is stored in the PC being used. If you do not want the Administrator Password stored, clear the "Save the administrator password" check box.

<From the PC>

1

Start the HDD Backup Utility.

2

Select this machine and click [Backup].

3

Enter the 8-digit Administrator Password registered in the machine in the "Administrator password" box.

VarioLink 3622/4222/5022 4-25

Application Software

4

4

Click the [Next].

?

What happens if a wrong Administrator Password is entered?

% If a wrong Administrator Password is entered, a message appears saying that there is a mismatch in the passwords. Enter the correct Administrator Password.

% If the Enhanced Security mode is set to [ON], entry of a wrong password is counted as unauthorized access. If a wrong Administrator Password is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, a message appears saying that the machine accepts no more Administrator Passwords because of unauthorized access for any subsequent entry of the Administrator Password. The machine is then set into an access lock state.

To cancel the access lock state, settings must be made by the Service Engineer; or, turn off, and then turn on, the main power switch of the machine. If the main power switch is turned off and on, the access lock state is canceled after the lapse of time set for [Release Time Settings]. When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off. If there is no wait period between turning the main power switch off, then on again, the machine may not function properly.

Here is the sequence, through which the main power switch and sub power switch are turned on and off:

Turn off the sub power switch

→ Turn off the main power switch → Turn on the main power switch →

Turn on the sub power switch

5

From "Backup media," select the check box of the desired media and click [Next].

6

Click [Browse] and specify the destination, in which the backup folder is to be saved.

VarioLink 3622/4222/5022 4-26

Application Software

4

7

Type a backup folder name that consists of one to 50 characters in the "Backup folder name" text box and click [Next].

8

To set a password for the backup file, select the corresponding check box and type a password that consists of one to 64 digits in the "Password for the backup files" and "Confirm the password" boxes and then click [Next].

9

Check the data that has been set and click [Start].

VarioLink 3622/4222/5022 4-27

Application Software

10

Make sure that the backup procedure has been completed. Then, click [Finish].

4

2

Reminder

In Backup, none of the following settings are backed up: Administrator Password, CE Password, HDD

Lock Password, Flash Memory Lock Password, Image Data Encryption Passphrase, and CE Lock

Release Time.

Security settings other than the above are all backed up. Pay attention to which settings are backed up and which are not when restoring data. Especially, be sure not to forget the settings made to security related data such as auth-password and priv-password during back up.

Note that the Enhanced Security Mode is turned OFF when restoring data that are backed up under the condition where the Enhanced Security Mode is set to OFF.

In backup, Image Data Encryption Passphrase cannot be backed up. If Image Data Encryption

Passphrase is changed during backup, a warning message appears saying that there is a mismatch in the Image Data Encryption Passphrases when the machine is started after restoration. To reset the warning message, the Image Data Encryption Passphrase set during backup must be set on the machine again. Be sure not to forget the Image Data Encryption Passphrase set during backup.

VarioLink 3622/4222/5022 4-28

Application Software

4.5.2

4

Restore

2

Reminder

If the "Save the administrator password" check box is selected, the Administrator Password entered is stored in the PC being used. If you do not want the Administrator Password stored, clear the "Save the administrator password" check box.

<From the PC>

1

Start the HDD Backup Utility.

2

Select this machine and click [Restore].

3

Click the [OK].

4

Click [Browse] and specify the destination, in which the backup file is to be saved.

– If a password has been set for the backup data, type the password that consists of one to 64 digits set during Backup and click [OK].

5

Click the [Next].

VarioLink 3622/4222/5022 4-29

Application Software

6

Type the 8-digit Administrator Password registered in the machine in the "Administrator Password" box.

4

7

Click the [Next].

?

What happens if a wrong Administrator Password is entered?

% If a wrong Administrator Password is entered, a message appears saying that there is a mismatch in the passwords. Enter the correct Administrator Password.

% If the Enhanced Security mode is set to [ON], entry of a wrong password is counted as unauthorized access. If a wrong Administrator Password is entered a predetermined number of times (once to three times) set by the Administrator of the machine or more, a message appears saying that the machine accepts no more Administrator Passwords because of unauthorized access for any subsequent entry of the Administrator Password. The machine is then set into an access lock state.

To cancel the access lock state, settings must be made by the Service Engineer; or, turn off, and then turn on, the main power switch of the machine. If the main power switch is turned off and on, the access lock state is canceled after the lapse of time set for [Release Time Settings]. When the main power switch is turned off, then on again, wait at least 10 seconds to turn it on after turning it off. If there is no wait period between turning the main power switch off, then on again, the machine may not function properly.

Here is the sequence, through which the main power switch and sub power switch are turned on and off:

Turn off the sub power switch

→ Turn off the main power switch → Turn on the main power switch →

Turn on the sub power switch

8

Check the data that has been set and click [Start].

VarioLink 3622/4222/5022 4-30

Application Software

9

Click the [OK].

Make sure that Restore procedure has been completed and then click [Finish].

4

2

Reminder

Restore doesn't backup Administrator Password, CE Password, HDD Lock Password, Flash Memory

Lock Password, Image Data Encryption Passphrase, and CE Lock Release Time. But please note that all other security data is backed up at restore. Especially data related security such as auth-password or priv-password, make sure to keep the back up information.

Encryption key is not backed up at restore. Therefore warning will be given for discordance of

Encryption key at the time of restart after restore when the encryption word is changed. You need to set the back up encryption word again to reset the warning. Make sure to keep the back up information.

VarioLink 3622/4222/5022 4-31

A0R599503A

advertisement

Was this manual useful for you? Yes No
Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Related manuals

advertisement

Table of contents