•Documentation and Support ..... ..... ........................... ........................... ..... ..... ................. ..... ..... ... 9
Xerox®AltaLink®Series Smart Card
Installation and Configuration Guide
5
Introduction
Introduction
The Smart Card solution brings an advanced level of security to sensitive information. Organizations
can restrict access to the walk-up features of a Xerox
®
multifunction printer. This practice ensures that
only authorized users are able to print, copy, scan, email, and fax information.
After validation, you are logged in to the Xerox
®
printer for all walk-up features. For added security,
the functions are tracked.
This guide explains how to install and configure the Smart Card solution. The guide identifies the
resources and equipment required for a successful installation.
Note: Depending on the printer model and software version you are using, the configuration
instructions can vary.
For more information, contact your local Xerox Representative.
To identify the software version on your printer, at the control panel, touch Device, then touch About.
The software version number appears.
100.008.037.03831
100.xxx.037.03830
105.xxx.009.34422
105.xxx.009.34422
073.xxx.167.17200
6
Xerox®AltaLink®Series Smart Card
Installation and Configuration Guide
Introduction
Smart Card Feature Overview
AAuutthheennttiiccaattiioonn
Xerox offers the Smart Card authentication feature. This authentication enables users who possess
smart cards to use the card for network authentication at the multifunction printer. Smart cards
contain user identity certificates and public and private keys. This certificate enables the
multifunction printer to perform a Kerberos authentication to the Windows active domain controller
that issued the identity certificate.
The Smart Card feature was developed to support smart cards and has been extended to support PIV,
CAC, Gemalto IDPrime MD, and other smart cards. This document describes the configuration
settings for these smart cards.
The multifunction printer determines automatically which type of smart card is inserted in the card
reader. The multifunction printer uses the appropriate software libraries to communicate with the
specific card. Authentication settings are configured on the multifunction printer, according to the
network infrastructure.
HHoolldd AAllll JJoobbss
The Xerox Hold All Jobs feature ensures that jobs are held securely at the multifunction printer. Jobs
are available for release only after you authenticate at the printer. The printer holds the jobs for a
specified time until they are released. It is not necessary to enter a Secure Print PIN to use this
feature.
To use the Hold All Jobs feature, configure the print driver to pull the user name alias from the Smart
Card certificate or Windows operating system. Refer to Configure the Print Driver.
This feature provides the following benefits:
•Banner Pages are not required to separate jobs, which reduces waste.
•You can manage your held jobs more efficiently. You can select only the jobs that you want to
print, and delete older versions of documents that you no longer want to print.
•Confidential jobs are held in the queue for the owner to release them, rather than the documents
waiting in the output tray to be picked up.
With Smart Card authentication, the multifunction printer has full access to the public and private
keys of the user. The printer can use these keys to sign and encrypt emails.
You can sign an email payload through the Smart Card with your private key. This action enables
other users to validate the signature with your public key, which they can obtain from you or from
LDAP. This validation assures the recipient that the content is original and was not compromised in
transit.
You can encrypt an email payload with your public key through the Smart Card or LDAP, then send
the encrypted email to the user. This option offers the benefit that, while in transit through the
infrastructure, no one can decipher the contents of the email. After the email is in your Inbox, you
can decrypt the email with your private key, making the payload readable again.
®
Xerox
Installation and Configuration Guide
AltaLink®Series Smart Card
7
Introduction
SSuuppppoorrtteedd CCaarrdd RReeaaddeerrss
The customer is responsible for providing a card reader for each Xerox®multifunction printer. Most
Chip Card Interface Device (CCID)-compliant card readers can be used, but not all card readers are
validated. It is recommended that you use the Indentive SCR3310 v2.0 smart card reader.
SSuuppppoorrtteedd CCaarrdd TTyyppeess
Customers are responsible for purchasing and configuring the access cards. The following card types
are supported:
•CAC
•PIV
•Gemalto IDPrime MD
Other card types function with the Smart Card solution, but they are not validated.
8
Xerox®AltaLink®Series Smart Card
Installation and Configuration Guide
Introduction
Documentation and Support
For information about your Xerox®multifunction printer, the following resources are available:
•A System Administrator Guide provides detailed instructions and information about connecting
your printer to the network and installing optional features. This guide is intended for system
administrators.
•A User Guide provides detailed information about all the features and functions on your printer.
This guide is intended for general users.
Most answers to your questions are provided by the support documentation supplied for your printer.
Alternatively, you can contact Xerox Technical Support or access the Xerox website at www.xerox.com.
®
Xerox
Installation and Configuration Guide
AltaLink®Series Smart Card
9
Introduction
10
Xerox®AltaLink®Series Smart Card
Installation and Configuration Guide
This section explains the preparation and resources required to install the Smart Card feature.
12
Xerox®AltaLink®Series Smart Card
Installation and Configuration Guide
Configuration Checklist
The following items are required to complete the installation:
Preparation
Summary
1. Obtain the IP address or host name for each applicable Windows domain controller.
2. If domain controller certificate validation is required, obtain the certificate for each
applicable domain controller, including all intermediate certificates up to the root certificate.
Note: Typically, this procedure is required only for the Smart Card solution.
3. If Online Certificate Status Protocol (OCSP) is available, obtain the IP address or host name
for the OCSP server.
4. If a software upgrade is required, obtain and install the required software release.
5. Mount the Smart Card Reader to the multifunction printer, then connect the USB cable to
one of the rear ports. Refer to Connect the USB Smart Card Reader to the Multifunction
Printer.
6. Install the Smart Card software feature enablement key. Refer to Enter the Smart Card
Enablement Key.
7. Configure Smart Card authentication, the optional NTP, and the optional Alternate ControlPanel Login. Refer to Configuring the Smart Card.
Status
8. Install any required certificates, then configure the validation settings. Refer to Configure a
Security Certificate.
9. Configure the multifunction printer LDAP settings. Refer to Configure Acquiring Logged-In
User's Email Address.
10. Configure the multifunction printer SMTP email, signing and encryption settings. Refer to
Configure SMTP (Email) Settings.
11. Configure the Hold All Jobs and Secure Print policies, if necessary. Refer to Printing
Features.
Xerox®AltaLink®Series Smart Card
Installation and Configuration Guide
13
Preparation
14
Xerox®AltaLink®Series Smart Card
Installation and Configuration Guide
The Embedded Web Server is the administration and configuration software installed on the printer.
This software allows you to configure and administer the printer from a Web browser.
The administrator password is required to access locked settings in the Embedded Web Server or at
the control panel. Most printer models have a default configuration that restricts access to some
settings. In the Embedded Web Server, you can restrict access for settings on the Properties tab. At
the device touch screen, you can restrict settings in the Tools menu.
To access the Embedded Web Server and log in as the administrator:
1.At your computer, open a Web browser.
2.In the URL address field, type http:// followed by the IP Address of the multifunction printer.
For example: If the IP Address is 192.168.100.100, type the following into the URL address field:
http://192.168.100.100. Press Enter or Return.
3.In the top-right area of the page, click Login.
a.For User ID, type admin.
b.For Password, type the administrator password. The default administrator password is 1111,
or the printer serial number. You can obtain the serial number from inside the front door of
the printer, from the configuration report, and from the home page of the Embedded Web
Server. The password is case-sensitive.
4.Click Login.
For more information about accessing and configuring the Embedded Web Server settings, refer to
the System Administrator Guide for your Xerox multifunction printer.
Before you configure the Smart Card solution, use the Embedded Web Server to enable the Smart
Card feature on your Xerox
inside cover of the enablement guide provided within the Xerox
®
multifunction printer. The Feature Enablement Key is printed on the
®
Smart Card (CAC/PIV) kit.
To enable the device software:
1.Access the Embedded Web Server, then click the Properties tab. For more information, refer to
Accessing Administration and Configuration Settings.
20
Xerox®AltaLink®Series Smart Card
Installation and Configuration Guide
2.Click the Login/Permissions/Accounting link.
3.Click the Login Methods link.
4.Click the Control Panel Login button.
a.From the Control Panel Login menu, select Smart Cards.
b.If users need an alternate method of authentication, from the Alternate Control Panel
Login menu, select User Name/Password — Validate on the Network.
Installation
c.If the device uses the email address registered to the authenticated user, select the check
box for Personalized User Profile.
Xerox®AltaLink®Series Smart Card
Installation and Configuration Guide
21
Loading...
+ 49 hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.