Xerox Document Services Platform Series
Common Controller
System
guide
701P25030
September, 2005
Prepared by:
Xerox Corporation
Global Knowledge and Language Services
800 Philips Road Bldg. 845-17S
Webster, New York 14580
USA
©2005 by Xerox Corporation. All rights reserved.
Copyright protection claimed includes all form s and matters of copyri ghtable material and information
now allowed by statutory judicial law or hereinafter granted, i ncluding without limitat i on, material generated
from the software programs di splayed on the screen such as i cons, screen displays, or looks.
Printed in the United States of America.
XEROX® and all Xerox product names mentioned in this publicat i on are trademarks of XEROX CORPORATION.
Other company trademark s are al so acknowledged.
Changes are periodically made to thi s document. Changes, t echnical inaccuracies , and
typographic errors will be corrected
in subsequent editions.
System Guide
This product includes software developed by the Apache Software Foundation (http://
www.apache.org/).” SWOP® is a registered trademark of SWOP, Inc.
DocuSP includes use of GNU source and object code, which is subject to the terms of
the GNU GPL. Please review the GNU GPL terms and conditions to understand the
restrictions under this license. For more information on GNU, please go to http://
www.gnu.org/licenses/gpl.txt.
As a requirement of the GNU GPL terms and conditions, source code of the above
programs list can be found on the www.xerox.com website for the applicable DocuSPbased product or can be ordered from Xerox.
This information is provided for information purposes only. Xerox Corporation makes
no claims; promises or guarantees about the accuracy, completeness, or adequacy of
the information contained in this document and disclaims all liability concerning the
information and/or the consequences of acting on any such information. Performance
of the products referenced herein is exclusively subject to the applicable Xerox
Corporation terms and conditions of sale and/or lease. Nothing stated in this document
constitutes the establishment of any additional agreement or binding obligations
between Xerox Corporation and any third party.
System Guide i
System Guide
ii System Guide
Introduction
About this guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ii-vii
Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ii-vii
Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ii-viii
Customer support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ii-viii
1 Gateway and Network Configuration
SNMP gateway configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1
Additional features supported in SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Changing attributes support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3
SNMP MIB support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3
Automatic Meter Reading (AMR) support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5
Localization of text and units of measure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5
SNMP configuration variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1- 6
Local User Interface (LUI) mapping to MIB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7
Printer and job messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7
AppleTalk gateway configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7
Queue server options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7
NetWare gateway configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8
LPD gateway configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8
Network configuration settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8
IP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8
Dynamic Host Config Protocol (DHCP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9
Name services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9
Windows Internet Name Service (WINS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9
Domain Name Service (DNS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-9
Network Information Services (NIS/NIS+) . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-10
Active Directory Service (ADS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-10
Network filing configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-10
LP/LPR compatibility with DocuSP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-10
NPS lp-o and lpr-c . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-10
Ethernet connection speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-12
Restore network factory settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-12
Table of contents
2 Backup and Restore
Backup and Restore System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1
When to Backup and Restore a System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2
Restore System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2
Instructions 2
Configuration Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2
When to Backup and Restore a Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4
Restore Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4
DocuSP 4.x to 5.x upgrade 4
Full System Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5
Additional backup information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5
Backup and Restore Tray Mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5
Frequently asked questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6
DocuSP Emergency Recovery Utility (DSPERU) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-7
DSPERU limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-8
Required levels of expertise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-8
Installing DSPERU on your DocuSP controller . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-9
Backup procedure - DSPERU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-9
Testing the backup tape . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-10
System Guide i
Table of contents
Recovery procedure - DSPERU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-11
Backup and recovery caveats - DSPERU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-12
Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-13
Activity logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-13
Checking the tape drive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-14
Resource Backup and Restore (RBR) utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-15
Procedure for backing up and restoring resources . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-15
Helpful hints for using RBR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-16
Sample resource backup and restore scripts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-17
Sample backup script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-18
Sample resource restore script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-20
3 Security
System supplied security profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-1
Enable and disable services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-3
User level changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-7
Solaris file permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-7
Disabling secure name service databases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-8
Multicast routing disabled . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-8
OS and host information hidden . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-8
Sendmail daemon secured . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-8
Network parameters secured . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-8
Executable stacks disabled . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-8
NFS port monitor restricted . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-9
Remote CDE login disabled . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-9
DocuSP router capabilities disabled . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-9
Security warning banners . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-9
Disabling LP anonymous printing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-9
Remote shell internet service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-10
enable-ftp and disable-ftp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-10
Creating user-defined profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-10
Setting the current and default profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-10
Account management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-11
Local users and groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-11
Default user groups and user accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-11
Creating user accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-12
Group authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-12
Password security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-14
Strong Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-15
How to Enable/Disable Strong Password . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-16
Login Attempts Allowed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-16
How to Enable/Disable Login Attempts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-16
Password Expiration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-16
Security Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-17
User Activity on the System 17
Date/Time User Login/Logout 17
Changing individual passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-17
Accessing DocuSP through ADS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-17
Configure DocuSP to Join the ADS Domain . . . . . . . . . . . . . . . . . . . . . . . . . .3-18
Map the ADS groups to the DocuSP user groups . . . . . . . . . . . . . . . . . . . . . .3-18
Log on to the system with ADS user names . . . . . . . . . . . . . . . . . . . . . . . . . .3-18
Troubleshoot ADS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-18
Limiting access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-18
ii System Guide
Secure Socket Layer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-19
Network Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-22
Roles and responsibilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-24
Security tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-26
4 Printing
Printing workflow options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1
Multiple job submission . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2
Parallel RIP processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2
ASCII and PCL printing utilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3
LP/LPR compatibility with DocuSP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4
Highlight color programming in ASCII job ticket . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-6
Resource based scheduling for NPS color . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-6
Socket gateway configuration utility: setVPSoption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-7
TIFF files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-8
Administration page controls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-11
Performance considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-11
Using VIPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-11
Repository management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-12
Job previewing and editing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-15
Printing hints . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-16
Table of contents
IP Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-19
Remote Workflow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-19
Using the DocuSP SSL/TLS Security Feature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-20
Creating and Using a Self-Signed Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-20
Using an Existing Signed Certificate from a Certificate Authority . . . . . . . . . . . . . . . . 3-21
Digital Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-22
Xerox responsibilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-24
Customer Responsibilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-25
Document and backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-26
Online Help for security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-26
First In/First Out (FIFO) printing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1
Resource based scheduling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2
ASCII and the PS or PCL decomposers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3
setpclcontrol utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3
setlp/lprcopycount utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4
NPS lp-o and lpr-c . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5
TIFF orientation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-9
Supported TIFF tags . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-9
Save job options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-12
Scan to digital input on Nuvera 100/120 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-13
Copy input for multiple page TIFF files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-13
RIP input . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-13
Copy/move/delete saved jobs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-14
Copying and saving jobs to CD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-14
Saving custom templates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-14
Editing thumbnails . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-15
Using the PDF editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-15
5 Finishing
Subset finishing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1
Creating jobs to use subset finishing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1
Subset offset (Page Level Jog) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2
PCL offset/separator/subset finishing command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2
System Guide iii
Table of contents
PCL paper source command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-3
Tray mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-4
Stacking order . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-5
Mixed stacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-5
Additional finishing information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-6
6 Fonts
How to choose fonts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-1
Fonts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-1
PCL Offset Stacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-3
Using the PCS Separator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-3
Mapping trays to media . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-4
Backup and restore of tray settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-5
Downloading fonts from the network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-2
Resident fonts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-2
PostScript resident fonts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-2
PCL resident fonts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-5
Non-resident fonts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-7
Downloaded fonts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-7
Optional or soft fonts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-7
Font substitution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-8
PostScript fonts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-8
PCL 5e fonts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-8
7 Accounting and Billing
Accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-1
Accounting exported values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-1
Accounting file fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-2
Job Notes window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-7
Billing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-7
Billable events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-8
Billing meters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-8
8 Troubleshooting
Calling for service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-1
Declared faults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-1
Printer fault . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8- 2
Disk Usage - example of a declared fault . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-2
Job fault . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8- 2
Undeclared faults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-2
SNMP problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-3
Client problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-4
Windows problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-4
Macintosh problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-4
DigiPath/FreeFlow problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-5
GUI problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-5
Tape Client problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-5
Print quality problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-6
Font problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-6
Inoperable system problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-7
iv System Guide
Table of contents
Job flow problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7
Job integrity problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-8
Tray to media mapping problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-8
Gateway problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-9
PDL problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-9
PostScript problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-9
TIFF problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-9
PDF problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-10
Editor problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-11
Restore password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-11
Restart DocuSP software without rebooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-12
Productivity and performance problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-12
Problems when saving a job . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-12
Printing system logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13
all_jobs_log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13
system_log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-13
status_log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-14
ep_exception_log and ep_primary_log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-14
LPR logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-14
Printing the accounting log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-14
LP/LPR and the ASCII job tickets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-15
Rebooting and restarting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-15
Loading XJDC/Unix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-16
Configuring XJDC/Unix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-17
XJDC hints and tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-17
Output files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-18
Properly ejecting a diskette on a DocuSP station . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-18
Remote Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-19
9 Hints and Tips
General . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1
Disabling the Solaris Screen Saver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1
Common Desktop Environment (CDE) Front Panel Removal and Workaround . . . . . . 9-1
Color Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
Settings for enhanced color output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
Color job processing efficiencies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
Time used to generate the PDL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
Time used to transfer PDL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
Time required to RIP PDL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3
Time required to print PDL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3
Job submission hints . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3
Number of images . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3
PostScript preScan and full scan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3
PostScript factory settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3
Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-5
Gateways . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-5
Job submission order . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-5
Job RIP hints . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-5
Variable data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-6
Image Quality (IQ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-6
Job printing hints . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-7
Skipped pitches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-7
PCI channel interface PWB trace capture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-8
Perform a trace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-8
Export the trace file to floppy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-9
System Guide v
Table of contents
vi System Guide
About this guide
Introduction
The System Guide provides the information needed to perform
system administration tasks for configuring and maintaining the
Xerox Document Services Platform (DocuSP) for printing
systems.
This guide is intended for network and system administrators
responsible for setting up and maintaining Xerox printers with
DocuSP software. System administrators should have an
understanding of the Sun workstation, a familiarity with Solaris,
and with basic UNIX commands. This includes the use of text
editors such as vi or te xtedit a nd the abi lity t o mane uver withi n the
Solaris environment. To enable them to setup a customer site,
system administrators are expected to have a working knowledge
of Local Area Networks (LANs), communicat ion protocols, and t he
applicable client platforms.
Contents
In general, this document covers information about the DocuSP
that is not covered in the Online Help or other availabl e guides.
The following list describes the contents of this guide:
• Gateway and Network Configuration
• Backup and Restore
• Security and Network Setup
• Printing
• Finishing
• Fonts
• MICR
• Tape Client
• Accounting and Billing
• Troubleshooting
• Hints and Tips
System Guide vii
Conventions
Customer support
This guide includes the following conventions:
• Angle brackets - Variable information that is displayed on your
screen is enclosed within angle brackets; for example, “Unable to
copy <filename>.”
• Square brackets - Names of options you select are shown in square
brackets; for example, [OK] and [Cancel].
• Notes are hints that help you perform a task or understand the text.
Notes are found in the following format:
NOTE: This is an example of a note.
To place a customer service call, dial the direct TTY number for
assistance. The number is 1-800-735-2988.
For additional assistance, dial the following numbers:
• Service and software support: 1-800-821-2797
• Xerox documentation and software services: 1-800-327-9753
viii System Guide
Gateway and Network Configuration
1 Gateway and Network
Configuration
Gateway and network configur ation is a set of feat ures that al lows
administrators to integrate DocuSP operati on with a variety of
protocols and gateways through a common user interface . The
DocuSP gateway and network configuration also enables system
administrators to select all the network configuration settings
without having to work in the UNIX operating system.
Administrators have a wide range of network options available for
configuration through DocuSP. IP settings, network speed, and
name service among other settings can be handled easily and
quickly.
This section of the guide describes how to use the DocuSP
interface for the following gateways:
• Simple Network Management Protocol (SNMP)
• AppleTalk
• Novell N etWare
• LPD
This section also addresses the DocuSP support for the following
network configuration settings:
• IP configuration
• Name services
–WINS
– DNS
– NIS/NIS+
• Dynamic NDS Updates (DDNS)
• Filing configuration - SMB
• Filing configuration - FTP/SFTP
• Dynamic (DHCP) and Static configuration
• Ethernet speed
• Restore network defaults
SNMP gateway configuration
SNMP displays the status of network devices. Using the SNMP
tab in the DocuSP Gateways..., the administrator can select
among a number of features and settings for SNMP.
System Guide 1- 1
Gateway and Network Configuration
NOTE: SNMP requires a standard license. The System
Administrator must enable SNMP in License Manager.
Xerox recommends the following third–par ty SNMP software
managers:
• IBM Network Printer Manager (XP)
• TNG Unicenter (XP)
• HP OpenView (UNIX, XP)
• Xerox CentreWare (UNIX, XP)
NOTE: The SNMP manager (for example, HP OpenView) may
have a number of requests into DocuSP for information. The
requested information may not be among the supported data sets
on DocuSP. When this occurs, the SNMP client/manager displays
“no value...etc".
NOTE: You can have more than one SNMP manager running at
the same time.
Additional features supported in SNMP
SNMP support for the following features are product dependent:
• The ability to ‘SET’ attributes.
• The ability to localize text and units of measure.
• The ability to support a number of MIBs related to finishing and
printing.
• The ability to perform automatic meter readin g.
The following table specifies which Xerox pr oducts have these
SNMP supported features:
Table 1-1
Feature 61XX and
Ability to SET Attributes Y Y Y Y N Y
Localization of
Y Y Y Y N N
Attributes
SNMP Supported Features by Product
EPS 1XX
and EPS1XX
DC2000/
6000/etc
DT75/90 iGe n
Nuvera
100/120
Finishing Capability for
YN Y NNY
a Device MIB
Finishing Capability for
YNNNNY
a Supply MIB
Finishing Capability for
YN Y NNY
Attributes
1-2 System Guide
Gateway and Network Configuration
Feature 61XX and
Print Working Group
Job Monitor MIB
Auto Meter Reading/
Billing
Enhancement to
attributes
Changing attributes support
EPS 1XX
and EPS1XX
YYYYNY
YY N YNY
YYYYNY
These attributes can be changed via ‘SET’:
• prtGeneralServicePerson
• prtAuxillarySheetStartupPage
• prtGeneralPrinterName
• hrFSLastFullBackupDate
• hrFSLastPartialBackupDate
DC2000/
6000/etc
DT75/90 iGe n
Nuvera
100/120
• sysContact
• sysLocalization
•sysName
For additional information on attri butes, MIBs, and localization,
see device profiles.
SNMP MIB support
DocuSP SNMP MIB files use the Xerox Common Management
Interface (XCMI) version 4.0. The following list indicates the MIB
files included for this version of the DocuSP software:
• rfc1213 - RFC1213-MIB (MIB-II) - specifically system, if
• rfc2790/rfc1514 - HOST-RESOURCES-MIB (XCMI rev
numbers, at, ip, tcp, icmp, udp , snmp
000817) - rfc2790 is a later version of rfc1514. Specifically
hrDeviceTable and hrPrinter Table: hrSystem, hrStorage,
hrDeviceTable, hrPrinterTable, hrDiskStorageTable,
hrPartitionTable
• rfc2790t - HOST-RESOURCES-TYPES (XCMI rev 000815) same as 2.
• rfc1759 - Printer-MIB (XCMI rev 000818) - except fin tables
• 06gentc - X
• 07gen - X
System Guide 1- 3
EROX-GENERAL-TC
EROX-GENERAL-MIB
Gateway and Network Configuration
• 10 hosttc - XEROX-HOST-RESOURCES-EXT- TC - same as
• 11hostx - XEROX-HOST-RESOURCES-EXT-MIB - same as 2
• 15prtrxtc - XEROX-PRINTER-EXT- TC
• 16prtx - XEROX-PRINTER-EXT-MIB
• rfc1215 - SNMP traps version 1
Additionally the following MIBs files are supported:
• RFC 1213 MIB file
2
– The system Group
– The Interface Group
– The ip Group
– The icmp Group
– The tcp Group
– The udp Group
– The snmp Group
• Host Resource MIB file
– The System Group
– The Stora ge Group
– The Device Group
• Printer MIB file
– The General Printer Group
– The Input Group
– The Extended Input Group
– The Input Media Group
– The Output Group
– The Extended Output Group
– The Output Features Group
– The Marker Group
– The Marker Supplies Group
– The Marker Colorant Group
– The Media Path Group
– The Interpreters Group
– The Channels Group
– The Console Group
– The Alerts Groups
• Finishing MIB
– Finisher Device Group
1-4 System Guide
Gateway and Network Configuration
– Finisher Supply Group
– Finisher Supply, Media Input Group
– Finisher Device Attribute Group
• PWG Job Monitor MIB
– The General Group
– The Job ID Group
– The Job Group
– The Attribute Group
• XCMI Host Extensions
– Device Information Group
– Device Detail Group
• XCMI Service Monitoring MIB, Service Group for Print, Co py
and Scan
• Xerox General MIB file (uses only the 06gentc and 07gen files )
• The xcmGen Base Group
NOTE: The other files in Xerox General MIB are not supported.
Automatic Meter Reading (AMR) support
Automatic Meter Reading (AMR) is a function that assists in the
accounting and billing process. The featur e can be supported
using:
• xcmHrDevDetailIndex
• xcmHrDevDetailValue Integer
• xcmHrDevDetailValueString
Localization of text and units of measure
With DocuSP SNMP text and units of measure can be
independent of the locality selected as part of the Local User
Interface (LU I) .
System Guide 1- 5
Gateway and Network Configuration
Although the default is set so that the SNMP locality and unit of
measure is the same as that of the LUI, the new feature allows the
administrator to select a dif ferent locality or uni t of measure for the
SNMP gateway.
Remote SNMP clients can control the localization of text objects
of syntax
LocalizedDescriptionStringTC by setting the MIB object :
prtGeneralCurrentLocalization
Access is changed from Read-only to Read/Write.
However, Remote SNMP clients cannot control the units of
measure localization of numeric MIB objects. The localization of
these objects can only be controlled fr om the LUI.
SNMP configuration variables
Of the many parameters that are available for SNMP
configuration, only the ones of common interest to Xerox
customers are shown in the following table:
Table 1-2
Parameter Name Description
Configuration Variables
Value
Range
CommandLine Turn on/off the following flags:
–l: logging to SNMP_DEBUG_LOG
–w: logging to window
Printer operator The name of the printer operator Stri ng
(0...127)
Printer administrator The name of the printer administrator String
(0...127)
Printer administrator
location
Printer administrator
Phone
The location of the office of the printer
administrator
The telephone number for contac ting the
printer administrator
String
(0...127)
String
(0...127)
Printer location The location of the printer String
(0...127)
Default
Value
<empty>
<empty>
<empty>
<empty>
<empty>
1-6 System Guide
Gateway and Network Configuration
Local User Interface (LUI) mapping to MIB
The following table shows the mapping between the LUI and MIB:
Table 1-3
PrinterOperator prtGeneralCurrentOperator
PrinterAdministrator prtGeneralServicePersonsysCont
PrinterAdmin,
PrinterAdminURL
PrinterAdminPhoneNumbe
r
PrinterLocation sysLocation
LUI Mapping to MIB
Local User Interface MIB
Printer and job messages
SNMP can broadcast messages about the printer and the jobs on
the system. Printer messages may announce that the printer is
idle, printing, or out of paper. Job messages announce that jobs
are pending, processing, or completed. Other job-related
information may include the job owner’s name, the job quantity,
the job identifier, etc.
The information that is displayed at an SNMP Manager may not
always reflect the exact status of a job or printer on the DocuSP
Controller. Those Managers that do not support loading of
Management Information Bases (MIBs) only displays the printer
and job status that they support.
act
prtGeneralServicePersonsysCont
act
NOTE: “Forwarding” is not a job state that is broadcast by the
controller; therefor e, job forwardi ng information i s not displayed by
the SNMP job managers.
AppleTalk gateway configuration
In Gateways, using the Appl eTalk tab the administ rator can ena ble
or disable the protocol. If t he protocol is enabled, the administrator
can also select a default queue set for Appletalk.
Queue server options
In Gateways using the Queue Server tab, the administ rator has
the option to enable or disable NetWare and to define a Preferred
Server Name. This entry field allows the administrator an easy
method to directly point to a replica or NDS server name.
System Guide 1- 7
Gateway and Network Configuration
NOTE: It is recommended to set this after th e first connect attempt
has been made since the Preferred Server Name should be
automatically available under normal conditions.
NetWare gateway configuration
In Gateways using the NetWar e tab, the administrator can
configure the NetWare Network automatically or manually. If the
automatic mode is selected, a “wizard” steps the administrator
through the configuration of the Novell Server and the NetWare
Printer queues for DocuSP.
If the manual mode is selected, the interface enables manual
entry and filtering for the Novell setups and printer queues.
LPD gateway configuration
In Gateways using the LPD (Line Printer Daemon) tab, the
administrator can enable or disable the LPD protocol, set the
default queue, and set the LPD port. The default port is 515, the
most commonly used port.
Network configuration settings
Within the System Administration part of the user interface a
Network configuration options are present ed.
IP configuration
In Network Configuration, using the IP Address tab, the
administrator can enable or disable IP. If IP is enabled, the
administrator can adjust or change the following settings:
• IP Address
•Host name
• Subnet mask
• Default gateway
The administrator must also select the IP Configuration Method.
The drop down menu presents two options: a “Static” IP
configuration which allows the user to specify the IP values, or
“DHCP” method which allows a DHCP server to provide IP
information.
NOTE: The user is prompted whenever a reboot is required.
1-8 System Guide
Dynamic Host Config Protocol (DHCP)
Name services
Windows Internet Name Service (WINS)
Gateway and Network Configuration
DHCP automates the configuration of computers using TCP/IP
and performs the following functions:
1. Automatically assigns IP Addresses.
2. Delivers TCP/IP stack configuration parameters like the
subnet masks and default gateway.
3. Provides other configuration infor mation such as printer
addresses, time and news servers.
The following services are supported by DocuSP software.
This network configuration opti on all o ws the administrator to
enable/disable the WINS service. The text entry option when left
blank allows WINS to broadcast the request to the first available
WINS server on the network. WINS provides the ability to easily
locate devices on the network, similar to Domain Name System
(DNS). WINS maintains a database of NetBIOS names-to-IP
address mappings so administrators and applications can specify
a name rather than an IP address for a particular network
resource. One of the problems it solves is the need for manual
updates to a database when information for p articular clients is
changed.
Domain Name Service (DNS)
The DNS service maintains host names to IP Address mappings.
DNS is also a Directory Service that stores arbitrar y objects not
necessarily related to name-to-IP inf ormation.
In Network Configuration, using the DNS tab, the administrator
can enable/disable DNS. If enabled is selected, the administrator
must provide the information requested in the text entry windows.
The DNS protocol has also been enhanced to allow for dynamic
updating of DNS. The enhancement is referred to as Dynamic
Domain Name Service (DDNS). To invoke this service the
administrator enables it on the DNS tab.
NOTE: For specific procedures see the Online Help.
System Guide 1- 9
Gateway and Network Configuration
Network Information Services (NIS/NIS+)
NIS and NIS+ are network lookup services that provide
information that must be known t hrou ghout the ne twor k as well as
all machines on the network.
The administrator can enable or disable either the NIS or NIS+
service. If either of these is enabl ed, the adminis trator must s upply
the information requested by the text fiel ds or choose “Find NIS+
server” which will provide this same information.
NOTE: The server must be configured to accept broadcast
requests.
Active Directory Service (ADS)
The DocuSP interface provides a “wizard” that enables the
administrator to add ADS domains and permits DocuSP
integration into Windows NT ADS networks.
Network filing config uration
In Network Configuration, the SM/FTP t ab allows the admi nistrator
to enable or disable fil ing using one of t hree different technolog ies:
1. SMB, the protocol behind WINS.
2. FTP, File Transfer Protocol.
3. SFTP, Secure File Transfer Prot ocol with encryption.
NOTE: If SMB is selected, the administrator must enable WINS
and specify a NetBIOS name.
LP/LPR compatibility with Doc uS P
DocuSP-driven systems can now be targeted to existing NPS
customers for both black and white, and highlight color. DocuSP
now supports the following options.
NPS lp-o and lpr-c
There is support for NPS lp-o and lpr-c options; the lp/lpr options
are received by the LPR gateway and mapped to DocuSP
attributes.
The following NPS lp/lpr options are supported:
1. NPS general options
• C”(acct=< te xt)” (account inf o rmation)
1-10 System Guide
Gateway and Network Configuration
• C”(collated)”
• C”(uncollated)”
• C”(copies=<n>)”
• C”(drilled)”
• C”(format=<pdl>)” (document format)
• C”(media=<n>x<m>)”
• C”(pr=<n>-<m>)” (pages to print)
• C”(size=<n>)”
• C”(xshift)” (horizontal image shift)
• C”(yshift)” (horizontal side 2 shift)
• C”(xshiftback=<n>)” (vertical image shift)
• C”(yshiftback=<n>)” (vertical side 2 shift)
• C”(<nostich”l nost aple l stich l staple>l
2. Page order override
• C”(ton)”
• C”(nto1”)
3. Background forms
• C”(bf=<background form>”) (background form)
• C”(cf=<n>) (cycle from start location)
• C”(disposition=<savemaskG4 llsaveformG4>)”
4. Selectable halft one (not including full color)
• C”(halftone=<defaultHalftone l course l medium l fine l
extrafine>)”
5. Highlight color (highlight pri nting color)
• C”(hc=<color>)” (highl ight color mismatch action)
• C”(hcm=<abort l ignore l operator>)” (highlight mapping
color scheme)
• C”(hrc=<pictorial l presentation l colorToHighlight l
automatic )” (highlight mapping color)
• C”(mc= <color>)”
6. Hold job for manual release
• C”(hold)”
7. Selectable resolution
• C”(res=< l 300 l 600 l>)
8. Other
•C”(pcl5c)”
NOTE: See “Printing” in this guide for further informati on on
Highlight color options.
System Guide 1-11
Gateway and Network Configuration
Ethernet connection speed
In Network Configuration, using the Connections tab, the
administrator can select the speed of the Ethe rnet. The default is
set to automatic and the software/NIC card automatically detects
and transmits at the highest speed available. However, the
interface also offers 10 mb/sec, 100 mb/sec and 1000 mb/sec as
the situation requires.
The need to set a specific speed may occur if a switch is set to a
particular speed and does not support automatic negotiation.
Under these conditions, the full DocuSP controll er may need to be
set to the same speed as the switch.
Restore network factory settings
With the addition of several interface options as well as user
settings, the administrator may want to restore factory settings.
The interface provides a [Restore Defaults] button in Network
Configuration that permit s the admininst rator to rest ore all settings
or to restore factory settings for onl y those of specific protocols.
1-12 System Guide
2 Backup and Restore
To ensure a smooth transition from DocuSP software levels and to
maintain the DocuSP system for the long term, backing up and
restoring system and configuration information on a regular basis
is part of a well-maint ained printing environment.
This section presents the backup and restore capabilities of the
DocuSP controller.
The capabilities are:
• Back up and restore configuration infor ma tion
• Back up and restore system information
Backup and Restore System
Backup and Restore
• Backup System provides an image or copy of the hard disk,
and places this copy into a protected par ti ti on on the DocuSP
hard drive.
– Backup System provides a quick and e f fici ent way to bri ng
the system back up to a known installation .
– Systems must have either 73Gbyte drives or two 36Gbyte
drives and 4.1+ DocuSP software.
• Restore System brings back the entire disk copy for the
system, including the operating system, DocuSP software,
and user options. Only one version, at a time, of a Backup
System is supported.
– For new DocuSP systems or systems that have had a
clean installation, the Backup and Restore System
capability is available through the DocuSP interface.
– For existing DocuSP systems that have been upgraded
without the reinstallation of the operating system, backup
and restore system procedures are the same as in
previous releases of DocuSP. The backup and restore
function is documented later in this cha pter.
System Guide 2- 1
Backup and Restore
When to Backup and Restore a System
The following items detail when to use the backup and restore
system option.
It is recommended that the System Backup process be completed
after the system has been running in production for a week or two.
The System Backup should be performed once a month, and it
should be completed during a time when the printer is not in use,
such as at night.
Restore System
• To restore the system disk copy after a catastrophic software,
operating system, or other software failure.
• To restore the system when DocuSP or the operating system
has been compromised i.e. from a storm or if corrupted by a
power surge.
• To restore a known image of the entire system.
•Do not use when restoring after a hard disk failure.
Instructions
Restore System is performed via the System Restore Disk within
DocuSP software kits. Before a restore is attempted a previous
backup must have been completed.
Restore takes approximately 30 to 60 minutes.
• From the System menu select [Backup/Restore].
• Select the [Restore System] button.
Users are prompted to retrieve the System Restore disk from
the software kit. The cd-rom contains a bootable OS and
pointers to the /XRXbackup folder. It does not contain user
data.
• Insert the System Restore Disk.
• Type boot cd-rom on cd
Files are automatically copied onto the main drive p a rtitions.
Configuration Backup
The Backup Configuration option allows the Administrator to
select all or some of the DocuSP configuration settings to backup
and then restore. The backup configuration all ows for fast and
efficient saving of user settings. Backup Configuration allows for
2-2 System Guide
Backup and Restore
multiple versions, network backups, and quick restoration of user
information.
Software configuration information should be saved when the
system has been installed and all queues and printers have been
set up. It should also be saved when any printer or queue
properties are changed.
The Configuration Backup option enables you to select among
items like the following:
• Queues
• User accounts
• Network Setups
• Stock Database/Trays
• Stacker/Finisher settings
• Switches/Preferences
• LCDS Resources
• ICC Profiles/TRCs
• Image Quality and Decomposition
• Any mounted local or remote drives
Ideally, the Configuration settings should be backed up at weekly
intervals.
CAUTION: Avoid selecting the option to back up Jobs. The Jobs
selection in Configuration Backup saves the contents of the inQ,
which contains all J ob Manager (Active, Inactive, and Completed)
jobs. The backup may require a significant amount of time and
space to accomplish, and does not save any j ob ticket information.
If jobs are backed up, af ter a Configu ration Restore, the j obs need
to be submitted using the Print Service in order for them to be
available for print. If a DocuSP Restart is performed before the
jobs are resubmitted, the jobs are deleted.
CAUTION: Use the Print Service save and reprint capability to
save jobs for future use. Job ticket information as well as color
information is retained for each job.
NOTE: See Online Help for detailed procedures.
System Guide 2- 3
Backup and Restore
When to Backup and Restore a Configuration
The following items detail when to use the backup and restore
configuration option.
It is recommended that the Configuration Backup process be
performed in weekly or monthly interval s, and be completed
during a time when the printer is not in use, such as at night.
The Configuration Backup file can be saved to a shared network
drive.
Restore Configuration
• To restore customer settings after a hardware or hard disk
failure.
• For restoration after a software installation tha t included an
installation of the oper ating system.
• When you only need to restore i ndividual items, s uch as queue
setups, custom security profiles, network and gateway
settings, or paper stock o r tray mappings.
It is not recommended that jobs be backed up using the
Configuration Backup. Use the Print Servi ces feature to save
jobs as TIFF or FRF files on the DocuSP controller or on
another storage location. Using Pri nt Servi ces saves job ti cket
information as well as retaining color settings over software
upgrades.
• To restore customer settings after a hardware or hard disk
failure.
• For restoration after a full software reload
If only a software upgrade is performed on the DocuSP
controller, the system configuration information is typically
retained.
DocuSP 4.x to 5.x upgrade
DocuSP upgrade 4.x to 5.x will require a full reload of the
Operating System. The recommended process is:
• In 4.x, perform a Backup Configuration (all options)
• Full load of the OS and DocuSP software
• Print seve ra l prints
• Restore Configuration of the 4.x on the 5.x release.
NOTE: See Online Help for detailed Restore Configuration
procedures.
2-4 System Guide
Full System Backup
\
Backup and Restore
It is recommended that a complete system image be bac ked up on
a regular basis. Having a current system image ensures tha t in the
event of a failure of the system or the hard disks, the system can
be easily restored.
The system requirements to enable a full system backup are the
following:
• 73 Gbyte drives are the minimum requirement s for a syst em to
utilize this function. An alternative is two 36 Gbyte 2-partition
drives.
NOTE: Do not use a System Restore when there has been a hard
drive failure. The Backup System is only a partition of the hard
drive.
NOTE: Refer to the appropriate Online Help for detailed
procedures and SUN documentation for additional information on
saving a system image.
Additional backup information
The following information is not backed up using the DocuSP
System or Configuration backup utilities, and should also be
backed up on a regular basis or when the DocuSP controller has
been modified.
• Customized scripts installed by the customer
• Unique third–party sof tware and related data, or Xerox–
developed solutions and related data
• Print Services (reprint) jobs saved to the DocuSP controller
using the Save Feature
• Non–Xerox supplied Sun patches
• Customized links to directories
• Continuous Feed custom imposition files
• Continuous Feed custom print mark files
Backup and Restore Tray Mapping
Tray Mapping is consider ed a configuration item that may be
backed up and restored to a different system if desired. The
System Guide 2- 5
Backup and Restore
administrator may do this using the Configu rat ion Backup and
Restore capabilities of DocuSP.
The primary purpose for backing up and restoring tray ma ppings
is for LCDS printing environments that require job specific tray
mappings to be copied to multiple systems.
NOTE: If the saved mapping contains programming for stocks that
physically cannot be programmed on the new syst em, then this is
an error and the oper ation does not c ontinue. Likewise, a mapping
created for a monochrome, highlight c olor, or full color system can
only be restored on the same type of system. A mapping that
contains the LCDS stocks MAIN, AUX and AUTO can only be
restored on a system with these features.
NOTE: However, if a mapping cont ains more trays than the
system to which it is restored, only those trays that can be
supported are restored. And if the mapping contains fewer trays
than the new system can support, the restore is allowed.
Frequently asked questions
What is the basic purpose of Configuration Backup and
Restore?
The basic purpose of Configuration Backup and Restore is to save
user settings for upgrade after an operating system reload.
Configuration Backup and Restore is useful for restoring user
configurations at a clean Solaris/DocuSP installation or after a
hard disk failure.
What is the basic purpose of System Backup and Restore?
The basic purpose of System Backup and Restore is to save a
snapshot of the entire Solaris and DocuSP disk for recovery at a
later time. System Backup and Restore is useful for restoring the
system quickly after the corruption of the software.
What older DocuSP tools do these options replace?
For Configuration Backup, the Bridge backup tool used by the
Xerox Service Representati ve. In addit ion, ce rtai n informati on had
to be recorded by hand or on hardcopy for manual restoration.
For System Backup, the DSPERU or UNIX UFS dump routines.
DSPERU is still available to perform a System Backup. Refer to
the procedures later in this section for more information.
What does Configuration Backup and Restore actuall y
save?
Configuration Backup saves user defined setti ngs only. It does not
save operating system or DocuSP softwar e. It does not fix
software corruption failures.
2-6 System Guide
Backup and Restore
What does System Backup save?
System Backup makes a snapshot or image of the entire disk,
including the operating system and DocuSP software. The image
is saved in a special protected/ unmounted p ar tition, /XRXBacku p,
on the DocuSP hard disk. It will fix software corruption issues.
How big are the files?
Configuration files c an be very small, depending upon the opt ions
selected during the backup.
The System Backup partition is set at 10 Gbytes specifically for
the system image.
Where are the files saved?
Configuration files may be saves to any available DocuSP
location, including t he local hard disk or a shared network drive.
System files can only be saved to the /XRXBacku p partition on t he
DocuSP hard drive.
How long does the process take?
Depending upon the number and size of the items to be saved, a
configuration backup can be very short or very long.
A system backup may take over an hour to complete.
What schedule should be used?
Configuration information should be backed up weekl y or more
often as necessary. Multiple versions of the files may be
maintained for futur e use. Saving a small set of very important
items can make the process very fast.
System information should be backed up bi-weekly or monthly.
Only one version of the system image can be maintained at a
time.
DocuSP Emergency Recovery Utility (DSPERU)
NOTE: The DSPERU utility is applicable to systems configured
with a floppy drive. This feature may not be available on all
systems.
The DocuSP Emergency Recovery (DSPERU) utili ty is specifically
designed for backing up and restoring DocuSP systems. The
utility allows you to restore the syst em fil es to a hard drive that is
larger or smaller than the one on which the files were originally
backed up, assuming there is enough space on the target drive to
hold the data. The utility formats the drives without the need to
install Solaris bef ore restorin g, which saves fr om 30 to 75 minutes.
This section conta ins instructions for runni ng the DSPERU scripts
from diskette.
The DSPERU diskette contains the following files:
•btt
• change_log.txt
System Guide 2- 7
Backup and Restore
DSPERU limita tions
• dsp_backup_run
• dsp_dump
• dsp_restore
• dsperu_setup
• format.ans
• response.txt
• sdpart_skel.txt
• The scripts on this disket te are still under development. There
is limited error checking. Therefore, the scripts may displ a y
error messages or may not run as intended, if there are
unexpected differences between your sy stem and the systems
on which the scripts were tested.
• DSPERU is designed to enable operational recovery of a
failed system. It is not intended to subs titute for a commercial
backup utility or a robust Backup/Restore and Disaster
Recovery plan. Data integrit y upon restoration cannot be
guaranteed.
• DSPERU does not back up external drives. Use the Tapetool
utility to back up external drive data.
• DSPERU does not give the option of partial or incremental
backups.
Required levels of expertise
The DSPERU tool was designed to be easy to use. However,
some assumptions have been made regarding the level of
knowledge required to perform various setu p, backup, and
recovery tasks.
Setting up the tool for use on a system and performing a recovery
requires some level of comfort with entering UNIX commands.
The commands are not complex, but if you have no UNIX
experience, you may require assistance initially.
To initiate a backup, you must know your system root password
and how to open a Terminal window.
The following levels of expertise are required to perform the
necessary functions:
• Set up DSPERU tool on system: Customer systems
administrator, Xerox system analyst or service representative.
• Initiate DSPERU backup: Printer operator, customer system
administrator, Xerox analyst or service representative
2-8 System Guide
• Initiate DSPERU recovery: Customer system administrator,
Xerox system analyst or service representative
Installing DSPERU on your DocuSP controller
1. Insert the diskette containing the scripts into the diskette drive.
2. Open a Terminal window and logon as root user.
3. Enter volcheck to mount the diskette.
4. Enter sh /floppy/floppy0/dsperu_setup to launch the setup
script.
5. Eject the diskette by entering cd;eject.
The setup script does the following:
• Creates the directory /export/home/xrxusr/backup.
• Copies the btt file to the /export/home/xrxusr directory.
• Copies the dsp_backup_run and dsp_dump files to the
backup subdirectory.
Backup and Restore
If DSPERU was previously set up on your system, an error
message may be displayed when it tries to perform the setup
again.
If the files and directory listed above are present, the installation
was successful.
Backup procedure - DSPERU
The following information and equipment are required prior to
starting the backup.
• The root password
• A tape drive connected and powered on with a blank tape
inserted. Ensure the tape is write-enabled (write-protect tab in
the closed position).
NOTE: The backup overwrites the tape cartridge that is inserted.
Ensure that no valuable data is present on the tape if it is not
blank. The tape is overwritten with no warning.
NOTE: The system is rebooted during the backup process.
Ensure that the system is not actively receiving jobs before
starting the backup. It is recommended that you set all queues to
[Accept = No] and [Release = No] in the Queue Manager prior to
initiating a backup.
1. Ensure a blank tape cartridge has been inserted into the tape
drive.
2. Open a terminal window and logon as root.
System Guide 2- 9
Backup and Restore
3. From the /export/home/xrxusr dir ectory, enter ls to list all
files. Verify that the file btt is listed. If it is not, repeat the
DSPERU installation procedure desc ribed in the previous
section.
4. Enter sh btt to initiate the backup. The system reboots and
starts the backup.
If the system returns the message btt: not found, verify that you
are in the right directory by entering pwd to verify your location. If
you are in a different directory, enter the following command to
change to the correct one.
cd /export/home/xrxusr
The system generates a message approximately every 10
minutes during the backup with an estimat e of how long it will take
to complete the backup from that point.
NOTE: If all the data cannot be stored on one cassette, the
system pauses when it detects that the tape is full, and displays
messages similar to the following:
DUMP: End-of-tape detected
DUMP: 42.23% done, finished in 1:01
DUMP: Change Volumes: Mount volume '#2' on 'bugs:/dev/rmt/0n'
DUMP: NEEDS ATTENTION: Is the new volume (#2) mounted on
'bugs:/dev/rmt/0n' and ready to go?: (yes or no)
Label the next cassette "Vol 2," insert it into the tape drive, then
enter yes. This message set is repeated for as many tapes as
required to complete the backup.
IMPORTANT: Proper labeling of the tape is essential to a
successful recovery. As the system requests additional tape
cartridges, be sure to label the t apes in the correct sequence
(for example, Vol #1, Vol #2, etc.). I f you i nsert the tapes in the
wrong order during the recovery, the restoration fails.
NOTE: Due to the current DocuSP licensing protection scheme,
tapes can be restored only to the system from which they were
backed up. In other words, tapes from one system cannot be used
to "clone" another syst em. Any attempt to do this will inval idate the
DocuSP license, and a full reloading of softwar e will be required to
make the system operational.
If you have multiple printing systems, it is recommended that
tapes be labeled with the hostname of the system to reduce the
possibility of restoring to the wrong system.
Testing the backup tape
The following procedure enables you to check if the backup tape
contains valid d ata .
2-10 System Guide
Backup and Restore
1. Ensure that the tape drive is connected and powered on.
Insert the backup t ape i n the t ape dr iv e. If t he bac kup requi re d
more than one cassette, make sure that the first tape (Vol 1) is
inserted.
2. Open a Terminal window and logon as root user.
3. Enter mt -f /dev/rmt/0 status to check the tape drive status.
The system returns a message indicating the type of tape
drive.
If the system generates the error message /dev/rmt/0: no
such file or directory, enter mt -f /dev/rmt/1 status. If the
error message is displayed again, repeat steps 1 through 3 of
the "Checking the tape drive" procedure, described later in this
chapter. If the problem persists, call for service.
4. When the tape drive location has been verified, enter the
following command:
ufsrestore tvf /dev/rmt/xbn
where x is either 0 or 1, depending on the value that you used
in step 3. After a few second s, the sy stem sta rt s displaying t he
contents of the tape cassette.
To stop the scrolling display, press <CTRL-c>. When prompted
to discontinue the display, enter y.
Recovery procedure - DSPERU
Before starting the recovery procedure, ensure that the following
has been done:
• The tape drive must be connected and powered on.
• The tape cassett e to which t he system was back ed up must be
inserted. If there are multiple tapes, tape 1 must be inserted
first. The system prompts you to insert each subsequent
cassette when it is required.
• The system must be powered on with the controller screen
displaying the ok prompt. (To display this prompt, press
<Stop><A>.)
IMPORTANT: Insertion of the tape cartridges in the correct
sequence is essential to successful recovery. When the
system requests additional tape cartridges, be sure to insert
the tapes in the cor rect sequence (f or example, Vol #1, V ol #2,
etc.). If the tapes are in serted in the wrong order during the
recovery process, the restoration will fai l.
1. Insert the appropriate Solaris CD for the control ler and
DocuSP software version that i s being restored (Solar is 2.6 for
DocuSP 2.X, Solaris 8 for DocuSP 3.X, etc.).
System Guide 2-11
Backup and Restore
NOTE: Systems equipped with Tandberg Data tape drives must
be booted with Solaris 8 CDs, regardless of the version of DocuSP
being restored. The Solaris 2.6 CD does not properly recognize
these drives and causes an unrecoverable read error during the
recovery operation.
2. Write-enable the DSPERU diskette (tab window closed) then
insert the DSPERU diskette into the floppy drive.
3. From the Ok prompt, enter boot cdrom -sr to boot the system
from CDROM into single-user mode. It may take up to five
minutes to boot.
NOTE: To stop the system at the ok prompt, power on the
controller, then press <Stop> and <A> simultaneously as soon as
the screen lights.
If the system is already powered on, logon as root, then enter halt
to display the ok prompt.
1. Enter mount /dev/diskette /a to mount the diskette.
2. Enter sh /a/dsp_restore to launch the recovery script.
3. If multiple tapes were used during the backup, the system
pauses at the end of each tape and displays a message
similar to the fo llo w ing:
Mount volume 2 then enter volume name (default: /dev/rmt/
0bn)
Insert the cassettes in sequence as t he sys tem re quest s them.
The system reboots when the recovery is complete.
NOTE: The UNIX ufsrestore utility does not provide the option for
estimating how a long a recovery will take. However, the normal
amount of time required for recovery is approx imately 3 times as
long as backing up the system.
Examples:
• 4mm Tape, DocuSP 2.X system, very few or no customer files:
0:20 to backup, 1:00 to restore
• QIC Tape, DocuSP 6180 EPS 2.X, 500 Meg customer
resource files: 1:30 to backup, 4:30 to restore
• 4mm Tape, DocuSP 3.X, very few or no customer files: 45
minutes to backup, 2:15 to restore
Backup and recovery caveats - DSPERU
Because recovery returns the system to the state that it was in
when it was last backed up, certain unexpected or undesirab le
situations may be encountered. A list of known issues is provi ded
below and will be updated on a continuous basis. Where
available, a workaround is provided.
2-12 System Guide
Troubleshooting
Backup and Restore
• Accounting logs are restored to their pr evious values. If you
use the accounting logs for your own internal billing, you need
to be aware of this and make the necessary adjustments.
• Jobs that are saved on the system or in a Hold state are
restored. If you are sure that you do not want these job files
restored, you must delete them prior to performing a backup.
• User and file permission changes made after a backup are lost
after system recovery. In some instances this could pose a
security risk and must be understood by your system
administrator.
• Any software problem exis ti ng in t he system when it is bac ked
up is likely to resurface after a recovery. Perform a backup
performed only on a properly functioning system. Do not
initiate a backup while the system is in diagnostics.
Activity logging
The file backup.log is used to record backup act ivities. I t is saved
in the /export/home/xrxusr directory. The first line of the backup
log contains the system name and the time and date the backup
was initiated.
To prevent the log being overwritten by a subsequent backup,
rename the log. Y o u should give it a name that is somehow related
the date that the backup was made (for example,
backup040402.log).
To rename the log, perform the following steps:
1. Open a terminal window and logon as root user
2. Enter pwd to verify that /export/home/xrxusr is the current
directory.
If it is not, enter cd /export/home/xrxusr to change to it.
3. Enter ls to display the content s of the directory. One of the files
listed should be backup.log.
4. Change the log name to your desired name by entering the
following command:
mv backup.log logname
where logname is the name you have selected fo r your backup
log.
The file restore.log is used t o record recovery ac tivities. It is in the
root directory of the DSPERU diskette. Please note that this
diskette, and therefore t he log is only r eadable o n a UNI X system.
The first line of the log, contains the ti me and date the recovery
was initiated. To prevent the log from being overwritten the next
time a recovery is performed, rename th e log . You should give it a
System Guide 2- 13
Backup and Restore
name that is somehow related the date that the recovery was
made (for example, restore040402.log).
Checking the tape drive
If the backup or recovery script generates an error message
indicating that the tape drive cannot be found, perform the
following steps:
1. If DocuSP is running, follow the procedures in your customer
documentation to s hut down and power of f the controll er. If the
system displays a # prompt, enter halt. When the OK prompt
is displayed, power off the controller.
2. Power off the tape drive.
3. Ensure that the SCSI cable connecting the tape drive to the
controller is securely connected. If the tape drive is your
system's only external SCSI device, there should be only one
SCSI cable connected to the tape drive, and it should be
connected to the In connector.
If there are other SCSI devices (for example, external hard
drives), ensure that the cable connected to the In connect or leads
back towards the controller (even if there is another device
between the tape drive and the controller). Also verify that there
are no bent pins on the connector.
1. If the tape drive is an older unit (for example, an 8mm
DocuTech tape drive) with a 50-pin SCSI connector, a
terminator must be installed on the Out connector if the tape
drive is the last device on the SCSI chain.
NOTE: The 50-pin connector is approximately 1.5 inches wide.
Newer tape devices have a 68-pin Ultra-SCSI connector, which is
1.75 inches wide.
NOTE: The 4mm and QIC tape drives are all Ultra-SCSI devices.
These are auto-terminating so no external terminator is needed.
2. Check the SCSI ID selector and ensure that i t is not set to 0, 1,
3 or 6. These settings could pos sibly conflict wit h internal SCSI
devices on some controller types. If there are other external
devices, ensure that no two devices are set to the same SCSI
ID.
NOTE: The SCSI device ID selector is a small window with two
small buttons, located on the back of the drive. Press the buttons
to change the value, if necessary.
3. Ensure that the tape inserted in the drive is a regular tape and
not a cleaning tape.
4. Power on the tape drive, and wait 10 seconds.
5. Power on the controller.
6. Press <Stop + A> as soon as the banner screen appears.
2-14 System Guide
7. Ultra-SCSI devices only: Check that both green LEDs on the
back of the tape drive are lit.
8. At the ok prompt, enter boot -r to perform a reconfiguration
boot.
If problems recognizing the ta pe dri ve persist, call for service.
Resource Backup and Restore (RBR) utility
The Resource Backup and Restore (RBR) utility allows you to
back up and restore customer resour ces such as Post Script font s,
LCDS resources (JSLs, JDLs, etc.), VIPP files, and cust om color
profiles on color printi ng syst ems. The RBR util ity backs u p files t o
either magnetic tape or the controller internal hard drive. You can
then use the backup disk file or t ape to rest ore t he resource s onto
your controller or other DocuSP controller s.
The following resource files may be backed up to either tape or
file:
Backup and Restore
• LCDS resources: All files in the lcds resource library, located
at:
/var/spool/XRXnps/resources/lcds
• PS fonts: All PostScript font files in the following directory:
/var/spool/XRXnps/resources/ps/fonts
• Color resources: User TRCs, user ICC profiles, and the
ccprof.tv file, which associ ates the ICC pr ofiles wit h your stock
database
• VIPP resources: Customer VIPP files in t he followin g directory :
/var/spool/XRXnps/resources/XRXxgfc
• Stock Programming database: The media.tv file
NOTE: Use the Media Restore option (Options 3 and 4 of the
Restore Menu) only if you are restoring files to the same release
of software from which you backed them up. Otherwise, the
results are unpredict able and may require scraping the machine.
Procedure for backing up and restoring resources
This procedure requires root access to the DocuSP cont roller so
that the necessary permissions are available to restore the
resources.
NOTE: For these instructions, it is assumed that you have some
working knowledge of the UNIX operating system.
The RBR script file is available in the /opt/XRXnps/bin directory
of your installed DocuSP 3.6 controller.
System Guide 2- 15
Backup and Restore
Helpful hints for using RBR
1. Open a Terminal window.
2. Enter su.
3. Enter the root password for your system.
4. Change to the directory containing the script.
5. cd /opt/XRXnps/bin
6. Ensure that the executable permission is assigned by
following this procedure:
7. Enter ls -l.
8. If x permission is not assigned, enter - chmod +x RBR.
9. Start the script by entering ./RBR.
10. Follow the instructions as they appear on screen to complete
the resource backup procedure.
• If you are backing up a large amount of resources, you can
monitor the progress of the backup by opening an additional
Terminal window and entering:
tail -f /var/spool/XRXnps/log/Resource_BandR.log
• If you are backing up the resources to tape, you need to know
the device ID of the tape drive. There are several ways to
verify the ID and operability of your tape drive.
– If you have only one tape drive, the ID is usually 0.
– If you have two tape drives, each drive is assigned an ID
starting with 0.
– You should use the mt command to check the operation of
your tape before beginning. Following are some examples of
the mt command.
mt -f /dev/rmt/0 status
mt -f /dev/rmt/0 rewind
mt -f /dev/rmt/0 erase
• When restoring files, the RBR script fi rst makes a backup of
the resources that are currently installed on the system. After
the original files are backed up, the backup files are restored,
and then the original files are restored. This ensures that
newer files are not overwr itten wit h older fi les that are restor ed
from the backup.
If this is not your intent, use the mv command to remove the
existing resources from their direct ory so that all the resources
from the backup are restored. For example:
mv /var/spool/XRXnps/resources/lcds /export/home/
xrxusr
2-16 System Guide
• Unless you are backing up files and restoring them to the
same software release, do not use the RBR utility to rest ore
the Stock Database programming.
You can use the Restore Stock Database option to back up
files from DocuSP 2.1 or 3.1 and restore them to DocuSP 3.6
or above.
However , if you restore the stock dat abase progr amming from
DocuSP 2.1 to DocuSP 3.1, the database manager may not
comprehend the older version of the stock database file, and
the Restore process would render the software inoperable. A
scrape would then be required to correct the problem.
Use the Backup and Restore Bridge tool delivered with your
DocuSP software to perform the Stock Database Restore.
Sample resource backup and restore scripts
Following are examples of resource backup and restore scripts.
Responses by the user and user-specific information provided by
the RBR utility are shown in boldface type.
Backup and Restore
System Guide 2- 17
Backup and Restore
Sample backup script
# ./RBR
MAIN MENU
Please enter your selection:
1) Backup resources
2) Restore resources
3) EXIT
Select (1,2,or 3)? > 1
You have selected Backup resources.
Backing up 10895 LCDS resources to /export/home/xrxusr/j bs/
wiggum_25_Jul_09:54.tar.
This may take some time.
Check /var/spool/XRXnps/log/Resource_BandR.log file to view
progress.
Backing up 180 PS fonts to /export/home/xrxusr/jbs/
wiggum_25_Jul_09:54.tar.
This may take some time.
Check /var/spool/XRXnps/log/Resource_BandR.log file to view
progress.
No user trc's were found. No user trc's were backed up,
No ICC profiles were found. No ICC profiles were backed up.
Backing up ccprof.tv file to /export/home/xrxusr/jbs/
wiggum_25_Jul_09:54.tar.
This may take some time.
Check /var/spool/XRXnps/log/Resource_BandR.log file to view
progress.
No customer VIPP files found.
Backing up media.tv file to /export/home/xrxusr/jbs/
wiggum_25_Jul_09:54.tar.
This may take some time.
Check /var/spool/XRXnps/log/Resource_BandR.log file to view
progress.
a /opt/XRXnps/configuration/media.tv.bak 44K
Done
Compressing /export/home/xrxusr/jbs/wiggum_25_Jul_09:54.tar.
Please wait ...
Done.
Your files have been successfully backed up and compressed.
File name is /export/home/xrxusr/jbs/wiggum_25_Jul_09:54.tar.Z
Do you want to copy file to QIC tape? (Y/N) > y
Please enter a device ID for the QIC tape drive [Generally 0 (digi t
zero)]:0
2-18 System Guide
Backup and Restore
Please insert a QIC tape into QIC tape drive
Press RETURN/ENTER when ready. >
Copying file to QIC tape. A blinking light on the tape drive is an
indication that backup is progressing.
See /var/spool/XRXnps/log/ Resource_BandR.log for list of files
that were backed up.
Press RETURN/ENTER to continue. >
System Guide 2- 19
Backup and Restore
Sample resource restore script
MAIN MENU
Please enter your selection:
1) Backup resources
2) Restore resources
3) EXIT
Select (1,2,or 3)? 2
RESTORE MENU
Please enter your selection:
1) Restore Resources from Tape
2) Restore Resources from File
3) Restore stock programming from Tape
4) Restore stock programming from File
5) Back to Main Men u
Select (1,2,3,4 or 5)? > 1
You have selected Restore Resources from Tape.
Please enter a device ID for the QIC tape drive [Generally 0 (digi t
zero)]:0
Please insert a QIC tape into QIC tape drive
Press RETURN/ENTER when ready. >
Backing up current resources, so that newer files will not be
overwritten.
This may take some time.
Check /var/spool/XRXnps/log/Resource_BandR.log file to view
progress.
No user TRC's were found.
No ICC profiles were found.
Done.
We will now restore your resources from the QIC tape.
A blinking light on the tape drive is an indication
that backup is progressing.
About to uncompress /export/home/xrxusr/j bs/
wiggum_25_Jul_09:54.tar.Z
This may take some time. Please wait ...
Check /var/spool/XRXnps/log/Resource_BandR.log file to view
progress.
Uncompress and tar successful.
We will now restore the newer files.
This may take some time.
Check /var/spool/XRXnps/log/Resource_BandR.log file to view
progress.
2-20 System Guide
Done.
Press RETURN/ENTER to continue. >
MAIN MENU
Please enter your selection:
1) Backup resources
2) Restore resources
3) EXIT
Select (1,2,or 3)? 3
You have selected EXIT.
Cleaning up.\:
Done.
Backup and Restore
System Guide 2- 21
Backup and Restore
2-22 System Guide
3 Security
This section describes the DocuSP system-supplied security
profiles. It outlines the charact eristic s of each profil e and indicates
how each can be customized to create user- defined profiles. The
enhanced security features in DocuSP protect the system against
unauthorized access and modification.
This section also addresses the options available to the
administrator in setting up and managing user accounts.
Finally this section offers general guidelines to security-related
procedures that can be impl emented to imp rove the securi ty of the
DocuSP controller and the Solaris OS.
System supplied security profiles
Security
The four system-supplied profiles are: none, low, medium, and
high. The following table describes the characteristics of each
security level and the configurable settings that restrict access to
various devices and operating system ser vices.The default set ting
is “Low .”
Table 3-1
Profile Characteristics User Compatibility Comments
None Default Solaris and
system security.
All ports are open.
Walkup users can repr int
anything.
Full workspace menu is
available.
Auto logon is enabled.
Security Profiles
Physically
closed
environments.
Close to
DocuSP 2.1
and 3.1.
Similar to
DocuSP 3.X
“Medium”.
Anonymous FTP is
read-only and
restricted.
The Solaris
desktop is removed
from all settings
except none.
System Guide 3- 1
Security
Profile Characteristics User Compatibility Comments
Low FTP is enabled.
Telnet, rsh is disabled.
NFS client is enabled.
AutoFS is enabled.
Walkup users can repr int
from “Saved Jobs” and
CD-ROM.
Terminal window is
password protected.
Auto-login is enabled.
Medium FTP is enabled.
telnet, rsh is disabled.
NFS client is disabled.
AutoFS is disabled, e.g./
net/<hostname>and
home/<username> are
not automatically
mounted.
NFS server is filtered via
RPC tab.
Walkup user can reprint
from CD_ROM.
Terminal window is
password protected.
First choice
setting for
most
environments.
Environments
requiring high
security but
with a need to
integrate
DigiPath.
Similar to
DocuSP 3.x
“High”.
Supports
DigiPath
workflow.
Supports
DigiPath
workflow.
Anonymous FTP is
ready-only and
restricted.
T o enable telnet , go
to [Setup], [FTP/
Remote
Diagnostics].
“Low” is the default
setting.
Anonymous FTP is
ready-only and
restricted.
T o enable telnet , go
to [Setup], [F T P /
Remote
Diagnostics].
High FTP is disabled.
telnet, rsh is disabled.
NFS client is disabled.
AutoFS is disabled, e.g./
net/<hostname>and
home/<username> are
not automatically
mounted.
NFS server is disabled on
customer network.
Walkup users cannot
reprint anything.
Terminal window is
password protected.
Auto login is disabled
(login is always required
from GUI).
Custom Any profile can be edited
to adjust to user needs
NOTE: Regardless of the security profile, anonymous FTP is
Read-only with restricted access to /export/home/ftphome only.
For
government
market.
Does not
support
DigiPath
workflow.
File FTP is
disabled.
File transfer can be
done via Secure
FTP.
For CFA support,
that is FTP upload
of outload, go to
[Setup], [FTP/
Remote
Diagnostics] menu.
3-2 System Guide
Enable and d is a b le se rvices
The following tables provide a list of the ser vices that can be
enabled and disabled from the DocuSP “Setup > Security Profiles”
menu options.
Security
Table 3-2
System Service Description
Allow_host.equiv_plus Background: The /etc/hosts. equiv and /.rhost s files provide the remote
authentication database for rlogin, rsh, rcp, and rexec. The fil es
specify remote hosts and users that are considered to be trusted.
Trusted users are allowed to access the local system without
supplying a password. These files can be removed or modified to
enhance security. DocuSP is provided with both of these files deleted
entirely. The setting All_host.equiv_plus is set to disabled, then
anytime that security settings are applied, the + will be removed from
host.equiv . IMPOR T ANT NOTE: Removing the + from the host s.equiv
file will prevent the use of the Xerox command line client print from
remote clients. An alterna ti ve would be to remove the + and add the
name of each trusted host that requires this functionality. Leaving the
+ will allow a user from any remote host to access the system wit h the
same username
BSM Enable or disable the Basic Security Module (BSM) on Solaris
Executable Stacks Some security exploits take advantage of the Solaris OE kernel
executable system stack to attack the system. Some of these exploits
can be avoided by making the system stack non-executable. The
following lines are added to /etc/system/fP file:set
noexec_user_stack=1s et noexec_user_stack_log=1
“System” ta b
Remote CDE Logins Deny all remote access (direct/broadcast) to the X server running on
DocuSP by installing an appropriate /etc/dt/config/Xac cess file.
Router Disable router mode by creating an empty the empty file: /etc/
notrouter.
Secure Sendmail Force sendmail to only handle outg oing mail. No i ncoming mai l wi ll b e
handled by sendmail.
Security Warning
Banners
RC2 Service Description
S40LLC2 Class II logical link control dri ver
S47ASPPP Asynchronous PPP link manager. This service is re-enabled via
System Guide 3- 3
Enable security warning banners to be displayed when a user logins
or telnets into the DocuSP server.
Table 3-3 “INIT” tab RC2 section
enable-remote-diagnostics command.
Security
RC2 Service Description
S70UUCP UUCP server
S71LDAP.CLIENT LDAP daemon to cache server and client information for NIS lookup s.
S72AUTOINSTALL Script executed during stub JumpStart or AUTOINSTALL JumpStart
S72SLPD Service Location Protocol daemon
S73cachefs.daemon Starts cachef s file systems
S73NFS.CLIENT NFS client service. Disables the statd servi ce which is only required if
your system is an NFS server or a client.
S74AUTOFS The automountd service is only required if your system uses NFS to
automatically mount file systems. Stopping the autofs subsystem will
kill the running automountd daemon and unmount any autofs file
systems currently mounted.
S80SPC SunSoft Print Client daemon
S88SENDMAIL The sendmail daemon is used to send mail over the internet.
Sendmail has some security issues that are addressed by more
recent Solaris patches than those currently loaded with the DocuSP
software. If sendmail is not required, it can be disabled with the
following procedure.
S90WBEM CIM Boot Manager. Disables WBEM clients from accessing DocuSP
server.
Table 3-4
RC3 Service Description
“INIT” tab RC3 section
S15NFS.SERVER NFS Server. Disable ability to export DocuSP Server file systems.
This service is enabled if DigiPath and Decomposition Ser vices
(NetAgent) are enabled.
S17BWNFS.DAEMON Secure mounted file systems. There are two shared file systems that
are exported by DocuSP. The two directories are only required for
anyone with XDOD version 3.0 or below. With the release of DigiPath
Version 1.0, it is not necessary to export these file systems.
S76SNMPDX Sun Solstice Enterprise Master Agent. Solaris SNMP services are
disabled. This does not prevent DocuSP SNMP services from
operating.
S77DMI Sun Solstice Enterprise DMI Service Provider
S80MIPAGENT Mobile IP agent
3-4 System Guide
Security
Table 3-5
INETD Service Description
amiserv RPC Smart Card
“INETD” tab
Not used by DocuSP
Interface
cachefs Cached File System
Not used by DocuSP
server
chargen Character Generator
Protocol server
Sends revolving pattern of ASCII characters.
Sometimes used in packet debugging and can
be used for denial of service attack s. Not used
by DocuSP
comsat Biff server comsat is the server process which listens for
reports of incoming mail and notifies users who
have requested to be told when mail arrives . Not
used by DocuSP
daytime Daytime Protocol
server
Displays the date and time. Used primarily for
testing. Not used by DocuSP
discard Discard Protocol server Discards everything sent to it .Used primaril y for
testing. Not used by DocuSP
dtspc CDE sub-process
Control Servic e
CDE sub-process Control Service (dtspcd) is a
network daemon that accepts requests from
clients to execute commands and launch
applications remotely. Not used by DocuSP
echo Echo Protocol server Echoes back any character sent to it. Sometimes
used in packet debugging and can be used for
denial of service attacks. No t used by DocuSP
exec Remote execution
server
Used by rexec(1) command. Potentially
dangerous— passwords and subsequent
session is clear text (not encrypte d). Not used by
DocuSP.
finger Remote user
information server
Display information about local and remot e
users. Gives away user information. Not used by
DocuSP
fs X font server Used by CDE to dynamically render fonts.
DocuSP uses bit-map fonts.
ftp File transfer protocol
server
This can be used to enable/disable the ftp
server. This does not affect using the ftp client
from the DocuSP server to another host running
an FTP server. Note that DigiPath requires this
service to be enabled.
kcms_server KCMS library service
daemon
Allows the KCMS library to access profiles on
remote machines. Not used by DocuSP.
System Guide 3- 5
Security
INETD Service Description
login Remote login server Used by the rlogin(1) command. Potentially
dangerous— uses ~/.rhosts file for
authentication; passwords and subsequent
session is clear text (not encrypted).
name DARPA trivial name
server
in.tnamed is a server that supports the DARPA
Name Server Protoco. Seldom used anymore.
Not used by DocuSP
rpc.cmsd Calendar manager
service daemon
rpc.cmsd is a small database manager for
appointment and resource-scheduling data. Its
primary client is Calendar Manager. Not used by
DocuSP
rpc.rusersd network username
server
Gives intruder information about accounts. Not
used by DocuSP.
rpc.rwalld Network rwall server Server that handles rwall(1M) command
requests. Can be used for spoo fing at ta cks. Not
used by DocuSP.
rpc.sprayd Spray server Records the packets sent by the spray(1M)
command. Can be used in denial of service
attacks. Not used by DocuSP
rcp.ttdbserverd RPC-based ToolTalk
database server
The RPC-based tooltalk database server is
required for CDE action commands. In particular ,
the CDE front panel has various menu i tems that
rely on CDE actions. Late in the CP3.1 release,
the Server UI team disabled t he front p anel. With
the panel disabled, the need for the tooltalk
database server no longer exists
rquotad Remote quota server Used by the quota (1M) command to display
user quotas for remote file systems. Not used by
DocuSP
sadmind Distributed system
administration daemon
Used by Solstice AdminSuite applications to
perform distributed system administration. Not
used by DocuSP.
shell Remote execution
server
Used by rsh(1) and rcp(1) commands.. The pri nt
command line client relies on the remote shell
internet service being enabled since it uses the
rcp(1) command to transfer files onto the
DocuSP server. However, this service
represents a security risk. Not used by DocuSP
talk Server for talk program The talk utility is a two-way, screen oriented
communication program. Not used by DocuSP.
3-6 System Guide
INETD Service Description
Security
telnet TELNET protocol
server
time Time Protocol server Outdated time service. Seldom used anymore.
uucp UUCP server UNIX to UNIX system copy over networks.
This can be used to enable/disable the telnet
server This does n ot affect using the tel net c lient
from the DocuSP server to another host running
an TELNET server
Not used by DocuSP
UUCP is not securely set up and can be
exploited in many ways. Not used by DocuSP
User level changes
The following user-level changes are made:
• all users for at, cron, and batch are disallowed
• nuucp account is disabled
• listen account is disabled
• password entry locked for bin, sys, adm, uucp, nobody,
noaccess, nobody4, and anonymous
Solaris file permissions
Secure File Permission options can be enabled or disabled
through the DocuSP interface. Fix-modes include:
• fixmodes-xerox: fix file permissions for all packages to
make them more secure. Available under the System tab
under the “Secure File Permissions” drop-down menu.
• fixmodes-solari s: fix file permissions only for Solaris
packages to make them more secure. Available under the
System tab under the “Secure File Permissions” dropdown menu.
The fix-modes utility (from the Solaris Secur ity Toolkit) adjusts
group and world write permissions. It is run with the '-s' option to
secure file permissions for Solaris files that were created at install
time only. Customer-generated files are not affected.
NOTE: When this command is run, a file called /var/sadm/install/
content.mods is left . Do not delete this file. It contains valuable
information needed by fix modes to revert the changes to the
system file permissions if the security setting is changed back to
medium.
System Guide 3- 7
Security
Disabling secure name service databases
The following databases are disabled when security is invoked:
• passwd(4)
• group(4)
• exec_attr(4)
• prof_attr(4)
• ser_attr(4)
Multicast routing disabled
Multicast is used to send data to many systems at the same time
while using one address.
OS and host information hidden
The ftp, telnet and sendmail banners are set to nul l so that users
in cannot see the hostname and OS level.
NOTE: All of these services are prohibited with a 'high' secu rity
setting, but if they are re-enabled manually the hostname
information will remain hidden.
Sendmail daemon secured
Sendmail is forced to perform only outgoing mail. No incoming
mail will be accepted.
Network paramete rs secured
Sun's nddconfig security tool is run. For additional information,
view Sun's document, Solaris Operating Environment Network
Settings for Security, at
http://www.sun.com/solutions/ blueprints/1200/network-updt1.pdf.
Executable stacks disabled
The system stack is made non-executable. This is done so
security exploitation programs cannot take advantage of the
3-8 System Guide
Solaris OE kernel executable system st ack and thereby att ack the
system.
NFS port monitor restricted
The NFS server normally accepts requests fr om any port number.
The NFS Server is altered to process only those request s from
privileged ports. Note that wit h the high security setting, NFS is
disabled; however if the service is re-enabled manually, the port
restriction will still apply.
Remote CDE login disabled
The Remote CDE login is disabled.
Security
DocuSP router capabilities disabled
The DocuSP router capabilities is disabled (empty/etc/notrouter
file created).
Security warning banners
Security warning banners are displayed when a user logs in or
telnets into the DocuSP server. This message explains that only
authorized users should be using the system and that any others
face the possibility of being monitored by law enforceme nt
officials.
NOTE: DRW (DocuSP Remote Workflow) is not impacted by
security settings.
Disabling LP anonymous printing
You can choose to disable anonymous printing on all existing LP
printer queues that are associated with the DocuSP virtual
printers. When anonymous LP is di sabled, onl y systems tha t have
their IP address in the DocuSP controller /etc/hosts table are
authorized to submit LP requests. Answer “y” for yes to disable
this printing option.
System Guide 3- 9
Security
Remote shell internet service
If you are using the legacy Xerox print command line client (the
software is not distrib uted with this release), you will need to use
the remote sh e ll in te r n et service to tr an s f e r f il es to th e Do c u S P
controller. However, if you are not using the print command line
client, it is strongly recommende d that the remote shell internet
service is disabled. When t hese thr ee que stions are answere d, a ll
remaining aspects of the "High" security setting are implemented.
enable-ftp and disable-ftp
These options allow for enabling and disabling FTP alone. You
must have FTP enabled when using a Continuous Feed system,
or FreeFlow Production Print and NetAgent.
FTP is also required for the Call fo r Assistan ce (CF A) feat ure. This
uses FTP to push IOT logs and a DocuSP outload back to the
DocuSP controller.
NOTE: Temporarily enable FTP through the DocuSP Setup >
FTP/Remote Diagnostics menu option.
Creating user-defined profiles
To create a customized profile, the administrator copies any
security profile and edits the profile according to the needs of the
customer environment. This new user profile can be selected,
edited, set as current, and set as default.
Setting the current and default profiles
The administrator can select any profile and set it as the Current
Profile. This Current Profile persists throughout reboot and
software upgrades until it is changed by the administrator.
Similarly, the administrator can select a Default Profile that
remains in effect until it is changed by the administrator.
3-10 System Guide
Account management
Local users and groups
Security
Any interaction between a user and the DocuSP is assoc iated with
a user account and is done vi a a logon session, which is the bas is
for granting access.
DocuSP user accounts are defined either locally at the device or
remotely at a trusted network location like ADS. The local user
account is composed of a logon user name and an assigned user
group. A user account can be a member of one and only user
group. It is the user group that is associated wit h a security pr ofil e
that defines the privileges of the group.
Default user accounts are provided to allow easy transition from
DocuSP versions 3.8 and earlier.
Local user accounts are constructed based on the Solaris model,
with its limitations and restrictions, using the [User & Group
Management] selection on the DocuSP interface.
• Each local user account has an associated user name
between 2-8 characters in length and is case sensitiv e.
• The user name is a string of characters from the set of
alphabetic characters (a-z, A-Z), numeric characters (0-9),
period (.), underscore (_), and hyphen (-); the fi rst character
must be alphabetic and the string must contain at least one
lower case alphabetic character.
• Each account has the following attributes: user name,
password, user group, account disabled/enabled, and
comments.
• The maximum number of user accounts is 25,000.
• Each local user account has an associated us er password t hat
is a sequence of characters that is case sensiti ve and between
0 - 8 characters in length.
Default user groups and user accounts
DocuSP provides three default user groups: Users, Operators,
and System Administrators. It also supplies four default user
accounts: User, Operator, SA and CSE. User and Operator
System Guide 3-11
Security
Figure 1: Assignment to Groups
Figure 1: Assignment to Groups
accounts correspond to User and Operator User Group s whi le SA
and CSE both correspond to the System Administrators group.
.
User Accounts
User Accounts
Users
Users
Operators
Operators
System Administrator
System Administrator
CSEs
CSEs
The User , Operator and SA user accounts cannot be edited,
deleted, disabled, or removed from the assigned group. The CSE
account can be removed from the System Administrator group
and assigned to another group
User Groups
User Groups
Users
Users
Operators
Operators
System Administrators
System Administrators
Creating user accounts
The DocuSP user interface enables the Administrator to manage
accounts easily by selecting [Setup], [Users & Groups], and the
[Users] tab.
When the administrator selects the Users tab, a pop-up window
appears that enables the administ rator to cr eate, edit, or delete an
account and indicate whether the account should be enabled or
disabled.
Group authorization
Job Management and Customer Diagnostics are two functions of
DocuSP that the administrator may choose to restrict. From the
Setup > Users & Groups menu option, select the “Group
Authorizations” tab i n the inter face. The admini strator can choose
to enable or disable the service for a particular user group.
3-12 System Guide
Security
Table 3-6
Function Users Operators
Job
- Enabled Enabled Yes
Management
(release, hold,
proof, promote,
move, delete,
… etc)
Queue
- Enabled Enabled No Possible to change
Management
(New, Delete,
Properties)
Queue Job
- Enabled Enabled No
Operations(Acc
ept Jobs,
Release Jobs,
…etc)
Enable/disable from the “Group Authorizations” tab
Administrat
ors( sa and
cse)
Changeable
via GUI
Comment
this via GUI in
DocuSP 4.2.
Reprint
Management
Printer
Manager(Finish
ing, Image
Quality …etc)
Resource
Managemen(L
CDS
Resources,
PDL Fonts,
Forms, ….etc )
Accounting,
Billing
Enabled Enabled Enabled No The ”reprint_path” in
Security Profile
controls the
directories that users
can reprint. The
defaults are:None ->
everythingLow ->
“saved”Med -> CDROMHigh -> nothing
- - Enabled No
- Enabled Enabled No Possible to change
this via GUI in
DocuSP 4.2.
- Enabled Enabled No
System
Preferences
-Can set
Internatio
Enabled No
nal,Job
Processin
g, Stocks
& Trays
System Guide 3- 13
Security
Function Users Operators
Setup (System
configuration,
- View &
Print only
Gateways)
Setup (Feature
- - Enabled No
licenses,
Network
configuration)
Setup (Security
- - Enabled No
profile, SSL/
TLS, IP Filter)
Setup (Users &
- - Enabled No
Groups)
Change
Self Self Enabled No
password
Service
- - Enabled No
Diagnostics
Administrat
ors( sa and
cse)
Changeable
Enabled No
via GUI
Comment
Customer
Enabled Enabled Enabled Yes
Diagnostics
Backup /
- Enabled Enabled No
Restore
Password security
When the system is installed, the Change System Password
dialog box appears and prompts users to est ablish all System
Default Accounts with new passwords. For security reasons, all
system passwords must be changed.
• root: has super user access to the workstation. The initial
password for this account i s s et during installation of the
operating system and should be obtained from the Xerox
service personnel.
NOTE: For security reasons, the root acc ount password sh ould be
changed as soon as the Xerox ser vice personnel have completed
the installation.
• The Xerox user name is the account from which the Xerox
software runs. Enter the Xerox user password for this account.
Contact your Customer Service Representative if this is
unknown.
3-14 System Guide
Security
NOTE: The administrator should verify access to the Xerox
application for all levels before the service installation personnel
leave the site
• ftp: an account to permit some clients to retrieve their sof tware
from the DocuSP controller using the TCP/IP communication
protocol. This account will be set to Read-only access to t he
/export/home/ftp directory
NOTE: To maintain system security, it is recommended that any
restricted access login be terminated as soon as the session has
been completed.
NOTE: The user and group identifications, uid and gid, for the
Xerox accounts that are listed above cannot be arbitrarily changed
in the password and group files to new values because the
software is based on the proper access to the Xerox supplied fi les.
NOTE: Please be aware that Xerox Customer Support Personnel
must have access to the new root password for service and
support. It is the customer's responsi bility to ensure that the root
and system administrator passwords are available for them.
Strong Passwords
DocuSP provides additional security for users required to adhere
to strict security guidelines. It provides a means in which a strong
password policy can be enforced.
Strong Passwords can be Enabled and Disabled (default setting)
via the Password Policies window.
Strong passwords must consist of ALL of the following
• A minimum of 8 characters in length
• Contain at least one capital letter
• Contain at least one number
• Contain at least one special character {!, @, #, $, %, ^, &, *},
NOTE: In DocuSP 4.x - The minimum password length is set in
the security profiles. To enable the remaining requirements, the
root (su) user must run the setstro ngsecurity script located in the /
opt/XRXnps/bin directory and reboot the system. Once the strong
password feature is enabled, upon creat ion, new users will be
forced to have a strong password assigned to their account. The
passwords for exist ing user s wil l remai n the s ame and continu e t o
work as before, but can be updated if necessary.
including open and close parentheses { ( ) }, hyphen{ - },
underscore{ _ }, and period{ . }.
System Guide 3- 15
Security
NOTE: The strong password requirements cannot be modifi ed. A
strong password cannot be set for roo t or any other Solaris user
accounts that are not created by DocuSP.
NOTE: Remote Network Server: If running NIS+ name service,
strong passwords would be enforce d via the NIS + serv er.
This policy can be set by using the -a <# of allowed attempts>
argument with rpc.nispasswdd. For example, to limit users to no
more than four attempts (the default is 3) , you would type:
rpc.nispasswd -a 4.
How to Enable/Disable Strong Password
• From the Setup menu select [Users and Groups]
• From the Policies drop down menu select [Password]
• Enable/Disable Strong Password from the Password Policie s
window . The default setting is “Disable”.
Login Attempts Allowed
DocuSP has provided a means to lockout users after reaching th e
maximum number of consecutive attempts. Once this is done, the
user will need to apply (reset) a security pol icy and reboot the
system.
The number of failed attempts and enable/disable is configurable
via the Password Policy screen. When enabled, login attempts
can be set from 1-6 attempts before the user is locked out. This
function will only apply to failed login attempts via the DocuSP UI
and does not apply to the root (su) user.
How to Enable/Disable Login Attempts
• From the Setup menu select [Users and Groups]
• From the Policies drop down menu select [Password]
• Enable/Disable Login Attempts from the Password Policies
window . The default setting is “Disable”.
Password Expiration
The System Administrator can set a password expirat ion via the
Solaris Management Control.
NOTE: SMC (Solaris Management Control) has replaced
AdminTool. AdminTool has been retir ed in Solaris 10.
1. Open a terminal window and login as root
2. Type: smc &
3. Go to: System Configuration -> Users -> User Accounts->
<select user> -> Password Options tab
3-16 System Guide
4. Enter values in the drop down menus associated with each
password expiration parameter.
The DocuSP UI does not handle password expiration. Thus,
DocuSP will not prompt the user to enter a new password if his/
her password has expired. Instead, a message is posted
indicating unknown user name or password. It is up to the
customer to determine that the password has expired. To do so,
the customer should open a terminal window and attempt to login
as the user in question. If the password has expired, the system
will prompt for the user to enter a new password .
Security Logs
User Activity on the System
When the High security profile is enabled, the Solar is Basic
Security Module (BSM) is activated.
Date/Time User Login/Logout
Security
This information is kept in the authlog and syslog in the /var/log
directory. Login/Logout to DocuSP is tracked as well as Network
Login/Logout.
Changing individual passwords
There are two ways to change passwords: Users can change
their own passwords using the selection on the Logon menu and
the administrator can change the password by double clicking on
the user name in the User tab of [Users and Groups
Management].
Accessing DocuSP through ADS
If DocuSP has been configured to join a Windows 2000 ADS
domain, users may log onto the printer using t heir Microsof t Active
Directory Services (ADS) user names.
To provide this option, the administrator must first configure
DocuSP appropriately for the DNS gateway (see the “Gateway
and Network Configuration” section of this guide). Additionally,
the administrator must access the [ADS Group s] tab through
[Users and Groups Management] and specify or edit the mapping
of the ADS groups to the DocuSP user groups having permis sion
to log on to the printer.
System Guide 3- 17
Security
Configure DocuSP to Join the ADS Domain
To enable the ADS user accounts, DocuSP must have DNS
enabled and joined to the appropriate ADS domain.
1. Logon to DocuSP as a member of the System Administrat ors.
From the Network Configuration option, select the DNS tab,
make sure that the Enable DNS check bo x is checked. Ensure
that the DNS Server list is filled in with the IP addresses of up
to three DNS servers to search when resolving host names to
IP addresses. (This is part of the network configuration
procedure).
2. Select the ADS tab, and enter in the fully qualified domain
name of the ADS domain.
3. Click “Join…” button to join DocuSP to the ADS domain
specified.
NOTE: If DNS is not enabled, the “Join...” button will not be
available.
Map the ADS groups to the DocuSP user groups
Limiting access
From the Setup menu, Users & Groups option, select the ADS
Groups tab. A member of the System Administrators group can
specify, view and edit the mapping of ADS Groups to the three
DocuSP user groups (Administrators, Operat or, Users) permitted
to log on to the printer.
Log on to the system with ADS user names
From the Logon menu, select ADS for authentication, then log on
to the system with your ADS user name and password.
NOTE: For this feature to work, Administrators must ensure that
DNS is enabled, DocuSP is configured to join the ADS domain,
and ADS groups are mapped to the DocuSP user groups.
Troubleshoot ADS
Refer to the online help feature when troubleshooting ADS.
DocuSP provides options that allow the administrator to block or
limit access to the system.
3-18 System Guide
IP Filtering
IP Filtering allows the administrator to block IP addresses and
provides access to services such as: LPR, IPP, HTTP, HTTPS,
SMB Printing, Raw TCP Printing, and FTP Connections.
The administrator can limit access through the DocuSP interface
[Setup > IP Filtering menu opti on]. The f ilte r allo ws the bl ocking of
specific IP addresses or a range of addresses from accessing t he
system. Available options include: Enable All Connections,
Disable All Connections, Enable Specified Connections.
Additional subnet mask can also be specified.
Refer to online help for detail ed descriptions of IP Filtering
property tabs such as: General tab, System t ab, INIT tab, INETD
tab, RPC tab.
Remote Workflow
Security
Secure Socket Layer
Remote Workfl ow allows for a re m o te c o nn e ction to the Do cuSP
controller.
The administrator can limit access through the DocuSP interface
[Setup > System Preferences menu option]. Remote Workflow
options include: Enable All Connections, Disable All Connections,
Enable Specified Connections (by specific IP Address).
NOTE: The default is Enable All Connections.
DocuSP implements Secure Socket Layer technology using
encryption, a secure port, and a signed digital certificate.
Secure Socket Layer (SSL) and Transport Layer Security (TLS)
are two network security protocols that encrypt and transmit data
via HTTP and IPP over the TCP/IP network. SSL is a protocol
layer placed between a reliable connection- oriented networ k layer
protocol and the application protocol layer.
The network client and the web server (printing system) decide
which protocol to use for data transfer and communicat ion.
The encryption level can be either secure or normal. Normal
security in the SSL/TLS tab means that the user can access IPP
or HTTP via http or https.
System Guide 3- 19
Security
Using the DocuSP SSL/TLS Security Feature
The Secure Socket Layer (SSL) and Transport Layer Security
(TLS) are two protocols used to provide a reliable end-to-end
secure and authenticated connection between two points over a
network. The DocuSP SSL/TLS feature allows a DocuSP System
Administrator to do the following:
1. Create and use a self-signed SSL/TLS certificate
2. Use an existing certificate obtained from a certificate authority
(i.e. VeriSign, Thawte, etc.)
Creating and Using a Self-Signed Certificate
– Logon to DocuSP as System Administrator or as a user who
belongs to the System Administrator group.
– Go to Setup -> SSL/TLS
– If not already enabled, cli ck the 'OK' button in the "Informat ion"
pop-up box
– Click on the 'Add Certificate Button' . This will launch the "Add
Certificate Wizard".
Step 1 - Select "Self-Signed Certificate"
Step 2 - Select and enter either the server
• Domain Name
• IP Address
•Other
Step 3 - Enter the requested information:
• Organization (required)
• Organizational Unit (optional)
• E-mail (optional)
• Locality (optional)
• State/Province (optional)
• Country (required)
Step 4 - Enter the l ength of ti me that the cer tificat e will be va lid
for.
Step 5 - Verify information entered in previous steps.
Step 6 - A message will appear indicating that the self-signed
certificate has been installed.
NOTE: During steps 2-5, the user may go back and correct any
mistakes made in previous steps .
– Click on the 'Enable SSL/TLS' checkbox at the top of the SSL/
TLS window.
3-20 System Guide
Security
– Select a SSL/TLS mode of operation:
• Normal (Encrypted and Unencrypted Access)
• Secure (Encrypted Access Only)
– Select encryption strength:
• Normal (DES-MD5-56-bit)
• Normal (DES-MD5-40-bit)
• Normal (DES-MD5-128-bit)
• Normal (3DES-MD5-128bit)
• High (RC4-MD5-128-bit)
• High (3DES-MD5-128-bit)
Using an Existing Signed Certificate from a Certificate Authority
– If SSL/TLS is not already enabled
– Click 'Add Certificate'
Step 1 - Select "Signed Certificate from a Certificate Authority"
Step 2 - Select and enter either the server
• Domain Name
• IP Address
•Other
Step 3 - Enter the requested information:
• Organization (required)
• Organizational Unit (optional)
• E-mail (optional)
• Locality (optional)
• State/Province (optional)
• Country (required)
Step 4 - Browse to the location of the signed certificate (.pem
file).
Step 5 - Verify information entered in previous steps.
Step 6 - A message will appear indicating that the self-signed
certificate has been installed.
NOTE: During steps 2-5, the user may go back and correct any
mistakes made in previous steps .
System Guide 3- 21
Security
Digital Certi ficates
SSL/TLS cannot be enabled unless a digital certifi cate has been
installed on the syst em, using the Add Cer tificate but ton. Inst alli ng
a digital certificat e can only be done by someone with
administrator privileges.
The administrator selects SSL/TLS from the [Setup] Menu and
clicks on the [Add Certificate] button. This invokes the Add
Certificate wizard. There are two option s regarding digital
certificates. One option is “Self-si gned certificate”. This is selected
when no third party Certificate Authority is being used.
Another option is “Signed Certificate from a Certificate Authority”.
In this case, the administrator needs to supply the fully qualified
domain name, IP address, organization and country of the
Certificate Authority.
If the choice is to use a Certificate Authority, all Certificate
information needs to be held in a file and sent to the Certifi cate
Authority. The Authority returns a valid certificate that must be
installed on the system.
Network Protocol
NOTE: A self-signed certificate is not as secure as a certi ficate
signed by a Certificate Authority. A self-signed certificate is the
most convenient way to begin using SSL/TLS and does not
require the use of a server functioning as a Certificate Authorit y or
a third party Certif icate Authority.
Once the Digital Certificate has been installed, the Enable SSL/
TLS selection becomes available among the [Setup] options. At
that time the administrator can selec t the mode of oper ation,
Normal or Secure, from a drop-down menu.
This section addresses Network Protocol, name service changes
and the changes that occur when security is invoked.
The table below addresses the list of Network Prot ocols that are
used by the DocuSP server software or Xerox client operations.
DocuSP network functionality as standal one and when installed
with other workflow clients such as Freeflow .
Table 3-7
Network
Protocol
XSun Required for functionality of DocuSP diagnostics software.
3-22 System Guide
Network Protocols
Required
Security
Network
Protocol
Required
HTTP Used when connecting to the server via the HTTP gateway.
Connections can also be filtered using the IP Filter feature
under Setup -> IP Filter.
Tomcat web
server
Required for the functionality of the DocuSP Internet Servi ces
gateway and the Xerox Remote Services application.
IPP Required for job submissions from the FreeFlow Pr int Man ager
and/or a Digipath (FreeFlow 2.0+) client. The IPP gateway can
be enabled/disabled under Setup -> Gateways -> IPP tab.
Connections can also be filtered using the IP Filter feature
under Setup -> IP Filter.
Sun RPC Used by many different clients, including DigiPath/FreeFlow
and DocuSP Remote WorkFlow (DRW), and network servi ces
such as NIS+. T ypically used to establish a connecti on to the
server , which then redirec ts the connecti on to another open port
using OS level port management. This service is shutdown
when DocuSP security is set to high. Connections can also be
filtered using the IP Filter featur e under Setup -> Security
Profiles -> <Any Profile> -> RPC tab
SNMP Used for SNMP message exchange and traps. The SNMP
gateway can be enabled/disabled under Setup -> Gateways ->
SNMP.
WINS Required when in an environment where connection to a WINS
server is necessary. WINS service can be enabled/disabled
under Setup -> Network Configuration -> WINS tab.
Socket (Raw
TCP/IP)
Printing
Required if jobs will be submitted via the socket gateway. The
socket gateway can be enabled/disabled under Setup ->
Gateways -> Socket. Connections can also be f iltered using the
IP Filter feature under Setup -> IP Filter.
LPD (LP/LPR) Required for job submissio ns via t he LP/LPR gateway (LP/ LPR
client, DocuSP Print Service (Reprint Manager), etc.). The port
assigned to the LPD can be changed and/or the gateway can
be enabled/disabled under Setup -> Gateways -> LPD.
SSH Access the server via a secure shell (SSH, SFTP, etc.).
FTP Access the server via FTP and/or submit jobs from a DigiPat h/
FreeFlow client via the Digipath/FreeFlow Print Manager. This
service (ftpd) is shutdown when DocuSP security is set to high.
In FreeFlow v2.0, the client has the ability to use secure FTP
(sFTP) when DocuSP security is set to high and FTP is not
available. Connections can also be filtered using the IP Fil ter
feature under Setup -> Security Profiles -> <Any Profile> ->
RPC tab.
System Guide 3- 23
Security
Network
Protocol
SSL Required when using the TLS/SSL security feature and/or a
FreeFlow 2.0+ client with DocuSP security is set to high.
Connections can also be filtered using the IP Filter feature
under Setup -> IP Filter.
NFS Necessary when using NFS mounted directories. This service
is disabled when DocuSP security is set to high. Connections
can also be filtered using the IP Filter feature under Setup ->
Security Profiles -> <Any Profile> -> RPC tab.
NOTE: The IP Filtering (Setup->IP Filter) feature can also help in
limiting access to the server. This is DocuSP's GUI interface to the
SunScreen Lite firewall that is p art of the Solaris 8 Operating
System. This feature allows the user to limit the number of clients
who are allowed to access the server via services such as LPR,
IPP, HTTP, HTTPS, SMB Printing, and FTP. By default, the firewal l
is disabled (all port s open), but can be enabl ed to eit her only al low
specified connections (by IP addre ss, IP addres s range, or subnet
mask) or to close all ports. For DR W cli ents, this mechanism
exists under System Preferences -> Remote Workflow -> "Enabl e
Specified Connections".
Required
NOTE: FreeFlow v2.0 and newer allows users to select whether
or not the DocuSP server they connecting to will have high
security enabled. If so, the client will use other communication
paths such as sIPP (via SSL) for job submissions and sFTP for
decomposition services (NetAgent).
Roles and responsibilities
Xerox will make every effort to assist the a dmini strat or in ensur i ng
that the customer environment is secure.
Xerox responsibilities
Xerox is committed to providing a level of security which will allow
the DocuSP controller to be a good network citizen in response to
current security intrusi ons. Additional securi ty beyond this remai ns
the responsibility of the customer.
Xerox is constantly evaluati ng the security of the DocuSP
controller and the Sun Solaris operating syst em. Xerox is
committed to providing the late st Solaris securi ty patches provi ded
by Sun Microsystems in each major DocuSP release. The
DocuSP development team will also add Solaris security patches
3-24 System Guide
in between major release cycles. All OS secur ity patches for
applications that are added during a DocuSP install will be
included, even if the application code is not normally used by
DocuSP users. Security patches for applications that are not
loaded by a DocuSP install will not be eval uated or i ncluded. Only
the version of a patch impa cting security will be included. If a
security patch has a newer version that is not security related,
then this patch will not be updated to the newer version. Any
security patch that is determined to have a negative impact to
DocuSP operation will not be added.
Customer Responsibilities
The administrator has the primary responsibility for maintaining
the security of the network within the customer's site. It is
important that network security is continuously monitored and
maintained, and that appropr iate security policies are est ablished
and followed.
The procedures outlined in this document assume a basic
knowledge of UNIX, the vi editor, and general computing
concepts. It is expected that the network administrator or system
administrator responsible f o r network security understands the
base commands (cd, chmod, cp, grep, kill, l n , ls, man, more, ps,
etc.), and the UNIX directory path and filename structures shown
in this document.
Security
There is information within the text and in the appendix sections
for reference to those who may not use UNIX often.
The DocuSP product operates on the default Solaris OS
configuration and some additional Solaris patches required by
DocuSP. Several scripts are used to provide additional secur ity for
the DocuSP. Not all scripts are public knowledge, only those that
are public are defined in this document and these can be
performed by the customer.
Xerox DocuSP engineering will evaluate the latest Sun Security
Alert Packs issued by Sun Microsystems and integrate these
patches into the DocuSP releases. Local customer support will be
responsible for loading the latest DocuSP software.
Xerox strongly recommends that the customer change passwords
from the default settings since the ultima te security of the printing
system resides with the customer.
NOTE: Please be aware that the Xerox Customer Support
Personnel must have access to the new root password for service
and support. It is the customer's responsibility to ensure that the
root password is available for them.
System Guide 3- 25
Security
Security tips
Document and backup
The following recommendations will enhance security.
Always document and backup all files that you modify in case
some unforeseen problem occurs. Example: #cp/etc/inet/
inetd.conf /etc/inet/ inetd.conf.orig <RETURN>. If, for whatever
reason, the DocuSP controller will not boot up after your
modifications, you can restore the software to its original
configuration by booting to single user mode. Thi s is done by
typing boot -s from the <ok> prompt. You will be prompted for the
root password. Upon login as root, you can copy the original files
back. For SPARC controllers running Solaris 8, this is done by
typing boot -s from the <ok> prompt. For x86 controll ers running
Solaris 9, this is done by typing reboot -- -s in a terminal window.
If you are unfamiliar with the vi editor, you can use the GUI based
Text Editor program. To launch the editor as root user, in a
terminal window login as root and enter the following: #/usr/
openwin/bin/textedit & <RETURN> Textedit leaves a backup of
the modified file in the same directory. For SPARC controllers
running Solaris 8, in a terminal window, as root, type: /usr/
openwin/bin/textedit & <RETURN>. For x86 controllers running
Solaris 9, in a terminal window, as root, type: /usr/dt/bin/dtpad &
<RETURN>. This backup file wil l have a% af ter the name. Thi s file
can be deleted if you have already backed up the original file.
When you make a manual change to the /etc/inetd.conf file, to
avoid rebooting the controller, you can retstart the inetd process.
To do this, as root user type: ps -e | grep inetd <enter> and note
the process ID returned. Then, type: kill -HUP #### (where ####
denotes the process ID).
Online Help for security
A great deal of helpful security information can be found in Onli ne
Help. Sun's security tools and blueprints may be found at:
http://www.sun.com/solutions/blueprints/
Other security information, including alerts, may be found at:
http://sunsolve.sun.com/pub-cgi/
show.pl?target=security/sec
http://www.cert.org/nav/ index_main.html
http://www.cve.mitre.org/.
3-26 System Guide
4Printing
This section addresses how to set printing workflow. It also
describes the printing utilities that are available in DocuSP
software and how to use DocuSP for TIFF orientation, MICR, and
VIPP printing.
Printing workflow options
The two printing workflow options available are First In/First Out
(FIFO) and Resource Based Scheduling (RBS).
FIFO out can be set either on a limited scheduling/pr inting basis or
as the default printing workflow for the site. In either case FIFO
printing provides the capability to force jobs to fault and print in
FIFO order without regard to available paper stocks and other
variables. Typical applications include zip sorted work, VI print-forone, direct mail and financial dat a.
Resource Based Scheduling, which is the initial default option,
places jobs for which resources are availabl e into the print stream
first. Jobs that require additiona l resource s, like media, are pl aced
in an ineligible state awaiting resource availability. Resource
Based Scheduling optimizes the utilizati on of the printer.
Printing
First In/First Out (FIFO) p rinting
Workflow is refe rred t o as FIFO when job s ar e pri nted i n t he same
order in which they are received. For FIFO printing, the Queue
must also have the Release status set to Yes.
To set FIFO scheduling, perform the following:
1. Select [Setup] on the main menu.
2. Select [System Preferences].
3. Under Scheduling Mode, click FIFO.
NOTE: See the Online Help for detailed procedures.
System Guide 4- 1
Printing
Resource based scheduling
Resource Based scheduling is the default setting on DocuSP. It
schedules jobs only as the resources available to run them
become available.
To set Resource Based scheduling, perform the following:
1. Select [Setup] on the main menu.
2. Select [System Preferences].
3. Under Scheduling Mode, click Resource Based Scheduling.
NOTE: See the Online Help for detailed procedures.
Multiple job submission
There are three menu selections in the Print Services interface
(Reprint Manager):
• Print Selected
• Proof Selected
• Print Now Selected
When one of these print options is chosen, a dialog box opens
that presents the queue options. Once the user selects the queue
to send the job, DocuSP displays a window that tracks the
progress and completion of each job submitted. The [OK] button
becomes enabled when the job is complete.
Jobs may be submitted simultaneousl y based on job size. There is
no hard limit to job submission. However, when submitting
hundreds of jobs, performance needs to be considered since it
may degrade.
The user always has the option of cancel ing th e operat ion once i n
progress. This does not disrupt any job currently being run but
prevents any further jobs from being submitted.
Parallel RIP processing
The operator can choose to enable or disable para llel RIP. If VI
Object Cache is enabled then Parallel RIP is automaticall y
disabled. Likewise if Parall el RIP i s enable d then VI Obje ct Cache
is disabled.
DocuSP processes the workflow in the following way:
1. Is the first job eligible for Parallel RIPing? If yes, DocuSP
processes the job using all the availabl e Parallel RIPs and no
additional jobs can be processed.
4-2 System Guide
2. If no, DocuSP routes the first job through a single RIP.
3. DocuSP determines whether the next job is eli gible for p aralle l
RIPing.
4. If yes, DocuSP processes the job using all the remaining RIPs.
No other job can be RIPed until one of the jobs is completed.
5. If no, DocuSP routes the job through the next single RIP path.
DocuSP continues through the cycle.
ASCII and PCL printing utilities
ASCII printing within various envi ronment s resul t s i n output t hat is
not always formatted as desired. Unfortunately, there is no
“standard” method for pri nting ASCII fil es. ASCII is a charact er set
and not a Page Description Language. Therefore, ASCII files do
not contain format commands. Furthermore, there is no de facto
standard for ASCII formatting.
Nonetheless, users often have the requi rement to match a specific
format. The utility below enables th is formatting flexibility along
with a feature in Queue Manager that allows the administrator to
select the default document format.
Printing
ASCII and the PS or PCL decomposers
The DocuSP software automatically wraps ASCII files with a
predefined set of PostScript code and sends the data through the
PostScript decomposer. Unfortunately, this predefined formatting
does not always meet customer ASCII printing needs and there
are no “knobs” to change the formatting within PostScript.
As an alternative, ASCII files can be identified as PCL and sent
through the PCL decomposer. The PCL decomposer does provide
some additional capabilit ies that can be used to modify ASCII f iles
as desired.
To force ASCII files to use the PCL decomposer, change the file
format in Job Manager. This can also be done by changing the
queue default document property from ASCII to PCL.
setpclcontrol utility
The setpclcontrol utility offers the following user controls:
• Set the site default for the PCL decomposer line term ination.
Setting these options allows both native PCL files and ASCII
streams forced through the PCL decomposer to be
conditioned with various combinations of carriage returns
(CR), line feeds (LF), and form feeds (FF). Mainframe and
System Guide 4- 3
Printing
• Set a custom paper size to map to the PCL escape sequence
NOTE: This utility is now covered on the DocuSP interface. Click
the PCL tab and make selections to Line Termination.
setlp/lprcopycount utility
The setlpcopycount utility allows the DocuSP customer to modify
how the lp/lpr gateway handles a copy count of one. Beginning
with DocuSP version 1.41.06, the default setting ignores a copy
count of one placed on the job by the lp/lpr submission protoc ol.
This allows the internal copy count set by the PDL to ta ke
precedence.
The following utility allows a customer to return the DocuSP to its
original behavior, that is, either imply a copy count of one when
none is specified or honor a copy count of one if specified on the
command line. This copy count of one takes precedence over the
copy count set by the PDL.
UNIX environments typically require some form of CR/LF/FF
adjustment.
<esc>&|101A (which denotes “print on custom stock size”).
HP printers generally respond to this command by imaging an
area of 11.7 x 17.7 inches and then printing the image,
centered, on whatever stock is supplied by the operator . The
setpclcontrol utility allows you to specify a single image and
paper size to correspond with this escape sequence.
Syntax of the utility:
setlpcopycount -f option0 - Specifies that LP will set a copy count
of 1 if received.1 - Speci fi es that LP will ignor e a copy count of 1 if
received.(d e fa u l t )N o op t i o n will d i s p la y cu rr e n t se tting
Example:
docusp_printer% su rootPassword:# cd /opt/XRXnps/bin/# ./
setlpcopycount -f 0
LP/LPR compatibility with DocuSP
DocuSP-driven systems can now be targeted to existing NPS
customers, both black and white and highlight color. DocuSP now
supports the following options.
4-4 System Guide
NPS lp-o and lpr-c
The lp/lpr options are received by the LPR gateway and mapped
to DocuSP attributes.
The following NPS lp/lpr options are supported:
1. NPS general options
Printing
• C”(acct=< te xt)” (account inf o rmation)
• C”(collated)”
• C”(uncollated)”
• C”(copies=<n>)”
• C”(drilled)”
• C”(format=<pdl>)” (document format)
• C”(media=<n>x<m>)”
• C”(pr=<n>-<m>)” (pages to print)
• C”(size=<n>)”
• C”(xshift)” (horizontal image shift)
• C”(yshift)” (horizontal side 2 shift)
• C”(xshiftback=<n>)” (vertical image shift)
• C”(yshiftback=<n>)” (vertical side 2 shift)
• C”(<nostich”l nost aple l stich l staple>l
2. Page order override
• C”(ton)”
• C”(nto1”)
3. Background forms
• C”(bf=<background form>”) (background form)
• C”(cf=<n>) (cycle from start location)
• C”(disposition=<savemaskG4 llsaveformG4>)”
4. Selectable halft one (not including full color)
• C”(halftone=<defaultHalftone l course lmediuem l fine l
extrafine>)”
5. Highlight color (highlight pri nting color)
• C”(hc=<color>)” (highl ight color mismatch action)
• C”(hcm=<abort l ignore l operator>)” (highlight mapping
color scheme)
• C”(hrc=<pictorial l presentation l colorToHighlight l
automatic )” (highlight mapping color)
• C”(mc= <color>)”
6. Hold job for manual release
• C”(hold)”
7. Selectable resolution
System Guide 4- 5
Printing
• C”(res=< l 300 l 600 l>)
8. Other
•C”(pcl5c)”
Highlight color programming in ASCII job ticket
The administrator can submit job programming p arameters that
identify the algorithm and mapping to be used for renderi ng full
color into highlight color printing. The user may also specify what
action to take if there is no match.
For monochrome printing in gray scale, black is selected as the
highlight printing color.
DocuSP supports the following record s in the ASCII job ticket:
• %XRXhighlightPrintingColor: {bl ue l red l green}
• %XRXmismatchedHighlightPrinting Color: {Abort l
SelectCurrent l Intervene}
• %XRXhighlightMappingAlgorithm: {Automatic l
ColorToHighlight l Pictorial l Presentation l Monochrome}
• %XRXhighlightMappingColor . { black l red l gree n l blue l cyan l
magenta l cardinal l royalBlue l ruby l violet l brown l yelllow,
loadedColor}
Resource based scheduling for NPS color
To support the use of DSC comments in Resource Based
Scheduling, the preprocessor scans the DSC comments and map
them to job attributes. The Job Chooser reconciles the attributes
to determine the resources required by the job.
The following table lists the highlight color DCS comments
supported.
DSC
Comment
Table 4-1
Option Parameters Notes
DCS Comments for Highlight Color
%%
Beginning
Feature
4-6 System Guide
HighlightMapping
Algorithm
{none,automatic,colorTable
s,
colorToHighlight,pictorial,
presentation}
Ignore none and
ColorTables
Printing
DSC
Comment
Option Parameters Notes
HighlightMappingColor {none, black, blue, brown,
cardinal, cyan, dontCare,
green, magenta, other , red,
royalBlue, ruby, unknown,
violet, yellow}
HighlightPrintingColor {none, black, blue, brown,
cardinal, cyan, dontCare,
green, magenta, other , red,
royalBlue, ruby, unknown,
violet, yellow}
MismatchedHighlightPrinti
ngColor
NOTE: NPS options can be specified using lp -o and lpr -C from
the command-line.
{none, abortPrint,
reuqestOperatorInterventio
n,useLoadedColor}
Ignore none,
dontCare, other,
and unknown.
Ignore all except
black, blue,
green, and red.
Ignore none,
MapabortPrint to
CancelJob. Map
RequestOperator
Intervention to
HoldJOb
Socket gateway configuration utility: setVPSoption
This utility allows you to configure the two ports of the Socket
Gateway to either remove the echo commands (VPS) or l eave the
data unaltered (NONVPS).
If you are a DT61xx or DT65/75/90 non-LCDS customer , conf igure
both ports as NONVPS. DP1xxxEPS and DT 75/90 customers
using LCDS need to decide whether to configur e one or both port s
as VPS. If a port is not being used, it is recommended to set the
port to NONVPS.
The Socket Gateway allows two ports to be configured at one
time. Regardless of the port number assigned on the Socket
Configuration Utility, the socket port configured on the first port is
always Port 1, and the second line is always Port 2. Both ports ar e
System Guide 4- 7
Printing
set as VPS upon installation. set as VPS upon installati on. Syntax
of the utility:
setVPSoption -1<option> -2<option>
0 - Specifies Port 1
1 - Specifies Port 2
option -VPS(default) or NONVPS
An example of the utility is as follows:
docusp_printer% su root
Password:
# cd /opt/XRXnps/bin
# ./setVPSoption -1VPS -2NONVPS
This sets Port 1 as VPS and Port 2 as NONVPS)
# ./setVPSoption -1VPS
This sets Port1 as VPS and leaves Port 2 unaltered.
# ./setVPSoption -2NONVPS
This leaves Port 1 unaltered and sets Port 2 as NONVPS.
Restart the DocuSP software after setting this option.
TIFF files
NOTE: See the Security section of this guide f or more inf ormati on
on the Secure Socket Layer .
This section discusses the TIFF tags supported by the DocuSP
software and the guidelines for printing TIFF files to achieve the
optimum performance.
GetTIFF and GetForm
The GetTIFF and GetForm operators provided in DocuSP
software allow the administrator to place a variety of external
objects on the page that are not supported by the native
PostScript language. These operators support TIFF files,
PostScript segments, PostScript files, EPS files and baseline
JPEG (JFIF) files.
The GetTIFF and GetForm operators take the name of the file that
contains the external object and, using the default coordinate
system, places the lower left corner of the object in the lower left
corner of the page. Then the administrator can manipulate the
object using standard PS procedures.
The GetTIFF and GetForm operators are encapsula ted and do not
affect the Graphics sta te parameters, like color or font . Additionally
4-8 System Guide
TIFF orientation
Printing
GetTIFF and GetForm execute the same sequence of calls that
are involved in Xerox Forms Caching.
If the job size is greater than 200 pages and a VIPP license or
demo license applies, then the job f ault s via standard VIPPS error
pages.
NOTE: The Enable Caching/Disable Caching (of Fast Forms)
selection found in the Postscript/PDF tab on the queue is not
overridden by the use of GetTIFF or GetForm.
NOTE: The “Enable/Disable Accelerator” cache in Preferences
activates cache for traditional PostScript jobs and does not apply
to GetTIFF or GetForm.
The DocuSP Save Feature stores TIFF images in diffe rent
orientations on the DocuTech/DocuPrint 75/90 and the DocuTech
61XX. This is done by design to optimi ze productivity and all ow for
the different finishing requirements of the print engines controlled
by the DocuSP software. The following products have these
options:
DocuTech 61xx -- The DocuT ech 61xx fini shes the trail edge of the
pages and orients the image appropr iately.
DocuTech/DocuPrint 75/90 -- The DocuTech/DocuPrint 75/90
finishes the lead edge of the pages and orients the image
properly.
This difference can result in PostScript/VIPP files that call
Decomposition Service TIFFs being incomp atible across the
different platforms. The imported TIFFs may print with a different
orientation relati ve to the PostScript image.
Prior to DocuSP 3.1, the c ontr oller uti lized a conver sion t ool ( TIFF
to PostScript) to process and print TIFF files. A native TIFF
decomposer has now been implemented to directly process TIFF
files for printing. This improves the TIFF printing performance for
certain types of files. Decomposer lev el adjustments are also now
available for the TIFF decomposer at the Queue level.
NOTE: Multipage TIFF files are now supported. Single TIFF files
can now contain multiple TIFF images to be processed and
printed.
Supported TIFF tags
Below is a list of the TIFF t ags suppor ted by t he DocuSP so ft ware .
Compression
– Default = 1
System Guide 4- 9
Printing
– DocuSP supports values of 1 (uncompressed), 2 (CCITT
Modified Huffman RLE, 32773 (PackBit s) , 3 (CCITT Group 3) ,
and 4 (CCITT Group 4).
T4 Option
– Default = 0
– This is used to determine CCITT Group 3 one or two
dimensional coding.
Fill Order
– Default = 1
– DocuSP supports values of 1 and 2.
Image Width and Image Length
– Default = none; values must be supplied.
Orientation
– Default = 1
– DocuSP supports values of 1, 3, 6, and 8. Values of 2, 4, 5,
and 7 are treated as if they were 1, 3, 6, and 8 respectively.
Photometric Interpretation
– Default = none; value must be supplied.
– DocuSP supports bi-level values of 0 and 1 only .
Resolution Units
– Default = 2
– DocuSP supports values of 2 (inches) and 3 (centimeters)
Rows Per Stri p
– Default = none
– DocuSP supports single and multiple strip images.
NOTE: Strips and tiles cannot be inter mixe d withi n the s ame TIFF
file.
Str ip Byt e Counts and Stri p Offsets
– Default = none; values must be supplied if the image data is
organized into strips.
– DocuSP supports single and multiple strip images.
X and Y Resolution
– Default = none
– Values must be supplied for printing .
Tile Wid th, Tile Length, Tile Offsets, Tile Byte Counts
– Default = none
– Values must be supplied if image data is organized into tiles.
4-10 System Guide
Administration page controls
DocuSP permits the user to enable or disable the prin ting of
Administration/Banner pages on a queue or job basis. This allows
the site to control when and how the banner and error pages are
printed.
The default setting by queue is set to enabled. The behaviors of
the banner and error pages follow DocuSP precedence, that is
overrides, job level and so forth.
Performance considerations
Optimum performance can be achieved for printing TIFF files by
following the guidelines listed below:
• Use CCITT Group 4 compression for speed.
• Use a resolution of 600 dpi to eliminate the need to scale the
image.
Printing
Using VIPP
• Use a TIFF orientation tag value of 8 to eliminate the need to
rotate the image.
• Use single strip image data to eliminate additional image data
manipulations.
• Use a value of 1 for Fill Order to eliminate additional image
data manipulations.
To specify a job as a VIPP job, a start string is required. The
required start string can be automatically added using DocuSP
functionality. This can be completed using the Command Line
Client, Queue Manager, and Job Properties.
To implement the VIPP Start feature, perform the following:
1. Copy the VIPP startup file into /var/spool/XRXnps/vipp and
then restart DocuSP. The file must exist in this directory and
cannot be changed. However, you can set a symbolic link to
other locations.
NOTE: The startup file must end with a lowercase .ini extension
2. In Queue Manager , c reate a print queue named VIPP. Change
the default document format from ASCII to PostScr ipt. If this is
not done, all VIPP jobs runs as ASCII unless the data file
begins with “%!”.
System Guide 4-11
Printing
3. Select the PDF/PostScript tab, and select [Start File]. Browse
The CACHE command stores a form across a single VIPP job so
only the first instance is a normal RIP. After the first RIP, the form
is called in the job and it is retrieved fr om hard disk in a format
natively understood by the IOT. VIPP CACHE is available f or color
products only.
Repository management
DocuSP provides a number of options in saving jobs to the Save
Job Library (SJL). Jobs can only be saved to the l ocal directory or
a CD-RW. Jobs cannot be saved to the network.
Based on the type of input there are some additional limitations to
save job options.
to the startup file and select this file.
Save job options
Under the System Preference Save selection, there are three
options to use as the default save method. The site must pick the
option that best suits its overall job workflow:
• Rename job. This option automatically attaches a version
number to the job and saves the job to the respository. The
new job has a version number in an.nnn format.
• Overwrite Job. This option replaces the old version of the job.
• Fault Job. This option aborts the save attempt.
If the new job’s name matches that of an existing job, the system
proceeds according to the user’s selection. The job format, PDF,
TIFF or other file format, is not considered in name comparisons.
If the file has the same name, it is considered a duplicat e. A new
name follows the TIFF format in creating its version number. For
example:
MyJob.ps.frf
MyJob.ps.001.frf
When a job is replaced all remnants of the previous job are
erased. Once a job has been replaced there are no provisions for
recovering that job.
System logs reflects when a job has been replaced and when new
versions have been created.
The job overwrite option is supported for the following formats:
• For scanning: PDF, single-page TIFF, multiple-page TIFF (with
job ticket)
• For copying: Multiple-page TIFF (with job ticket)
4-12 System Guide
• For RIPing: PDF, single-page TIFF, multiple-page TIFF (with
job ticket), FRF.
For highlight color, the single-page TIFF format that includes two
images per page (black and highlight color) is supported.
Scan to digital input on Nuvera 100/120
Only Nuvera 100/120 has the capability to use the Scan inte rface
and save a file. This feature enables the operator to scan a file,
browse a file path to save the job and specify a name for the
saved file. In saving, the operator is limited to these file formats:
• PDF
• Single Page TIFF
• Multi Page TIFF
Printing
Copy input for multiple page TIFF files
From the Copy user interface, the operator can Save, Pri nt or
Save &Print multiple pages in TIFF format. The job is saved or
printed per operator selection.
If the option is to save, the Save Facility calls the Save Job Library
to save the job in TIFF format.
NOTE: If the product being used supports a scanner, any image
related to the job is saved wit hout the image manipulati on that was
programmed in the job submission.However, the instructions is
stored in the Saved Job Ticket to be used in job programming
when reprinting.
RIP input
In saving, the operator is limited to these file formats:
• PDF
• Multi Page TIFF
• Single Page TIFF
From the RIP input path, the operator chooses Save, Print and
Print&Save. The input facilities (CDF or Scan Facility) call the
Common Buffer Manager to generate saved and print-ready
images for color or black and white products.
The print-ready images are sent to the Phoenix image disk while
the save images are sent to Save Facility for consumption.
System Guide 4- 13
Printing
Copy/move/delete saved jobs
For jobs saved to the local dri ve, the administr ator can copy, move
or deleted the following formats as soon as the j ob ti cket file
exists:
•FRF
• Multipage TIFF
• PDF
DocuSP invokes the Save Facility which calls the Save Job
Library to process the request.
NOTE: Copy/move/delete functions are only for file s specified with
the job ticket in the leg al job format on the DocuSP sys tem. These
functions can only be performed on the local disk with the job
ticket.
The user interface invokes the necessary scripts to complete the
operation requested.
Copying and saving jobs to CD
For jobs saved to a CD-R/W, the Save Facility calls the PM Library
to copy or save the jobs. However, move job is not supported.
The user can specify CD-RW as the Save Output Destinati on in
the Queue or Job Properties. The user then browses the
directories to save to the desired location. To improve
performance the images of a job are saved t o a temporary location
first and then written to the CD once the last page has been
RIPed.
For systems with a scanner, the user can also select the CD as a
save location.
NOTE: There is no way to delete a file from CD; a user can only
delete all sessions or the last session. Any del eted sessions
cannot be reclaimed for reuse.
NOTE: Writing to a CD requires that the data be supplied at a
constant rate. It is advise to keep activity to a minimum during high
write periods.
Saving custom templates
The operator can create a customer template as well as program
any combination of imposition settings and save them under a
4-14 System Guide
unique user-specified name as a “Save As User Defined
Template.”
The template later appears in the Layout Style drop-down menu.
When it is selected, it displays all the previously programmed
settings. These can be modified or left in tact. The template can
also be deleted at any point.
Job previewing and editing
DocuSP has a number of editing features for saved jobs.
Editing thumbnails
For the DT100/120 family of products, DocuSP enables the user
to preview saved job i n PDF, TIFF, PS or FRF file format s. The Job
Preview function allows the user to view both a thumbnail image,
that is a Thumbnail Resolution Image (TRI) and a full display of
the saved image, that is a Display Resolution Image (DRI).
The Job Preview provides a menu offering the user a number of
features:
Printing
• Fit the image to page
• Rotate the image
• Scale the image
• Fit the image to the page by height and width
• Select the page
• Go to the next page
• Go to the previous page
• Go to the end of the page
• Go to the front page
The Job Preview function can be accessed by right clicking the job
listed either in the Printer Manager or the Job Manager.
Using the PD F editor
The PDF editor allows the user to edit both FRF files for color
systems and black and white systems. The PDF editor is a full
page editor that allows the user to merge pages as long as they
are in the same file format.
The PDF editor offers the user th ese features:
• Insert page
• Delete page
System Guide 4- 15
Printing
Printing hints
• Undo functions for the saved job
• Importing pages for other saved jobs
If you compress the resolution of an embedded bitmap object at
the application level, you can produce smaller pdf files. This
allows your job to transfer across the net faster and requires less
DocuSP spool/disk space, and may process faster.
4-16 System Guide
Subset finishing
Finishi n g
5 Finishing
The following section contains information about how to use
subset finishing and mixed stacking on a printing job.
The finishing information below does not apply to Continuous
Feed (CF) systems. For CF systems, the finishing conf igurat ion is
defined at the CF (STAMPA) Controller. CF imposition files are
used to impose documents for printing in conj unction wi th specif ic
CF finishing configurations.
Subset finishing is the capabi lity to use different types of fi nishing
(or no finishing) within the same job. The ability to finish subsets
independently is a critical feature for many variable data
applications
This product allows more than one typ e of fin ishing wi th in a singl e
PostScript job. The supported finishi ng options and the output
locations that can be used vary depending upon the printer ty pe.
The finishing options and delivery locations are the following:
• Portrait Stitch
• Landscape Stitch
• Dual Stitch
• Right Portrait Stitch
• Right Landscape Stitch
• Right Dual S titch
•Bind
• Right Bind
NOTE: The DT 61xx printers allow Short Edge Feed (SEF) only i n
paper tray 3, 4, and 5. The short edges of the stocks rang e from
approximately 10 inches to 14 inches (254mm to 300mm).
Creating jobs to use subset finishing
It is important that jobs intended to be printed using subset
finishing be enabled with the following:
• PostScript code (using the “setpagedevice” operator)
• Variable Data Intelligent PostScript PrintWare (VIPP) version
2.0 or later.
System Guide 5- 1
Finishing
NOTE: Subset finishing can also be performed at the DigiPath
workstation through the Document Scan and Make Ready
application.
Subset offset (Page Level Jog)
The printer has the ability to offset on a page level. This support
allows VIPP to be utilized for offset type applications. This ability
permits jobs to be sent as one larger file wit h page level offset
commands.
The term “Jog” is used to initiate off set behavior .
• setpagedevice jog 0 (The offset command is “OFF”).
• setpagedevice jog 3 (The offset command is “ON”).
A job with a multiple copy count with a “jog 3” shoul d force offsets
between each distinct set. A job with a copy count of 1 can contain
“jog 0” or “jog 3” on a page by page basis. The system will
alternate offsets between each alternating jog 3 and jog 0
command.
The following information should be considered when using the
“Jog” command:
• The first jog command on a page will be honored and all
others will be ignored.
• Multiple cases of jog 3 without t he corresponding job 0’ s will be
ignored.
• The Printer Manager’s setting of offset “ON” or “OFF” should
not impact the action of the PDL level jog commands. For
example, if the Printer Manager’s offset is set to “OFF” and a
job has a jog 3, then the sets should be offset from one
another.
• The DT/DP 75/90 allows subset offsets to the top tray.
However , the 61xx is not mechanically capable of joggi ng to
the top tray.
PCL offset/separator/subset finishing command
The use of the PCL separator command, <ESC>&l1T, in
combination with DocuSP queue defaults enabl es subset finishing
for PCL jobs. The PCL separator command defines off set
segments of a job. PCL does not commonly support finishing.
However, the use of the PCL separator command allows offset
segments of a job to be finished based on the finishing default set
on the queue. For example, if the queue default is portrait stitch,
all segments of a job where the PCL separator command has
been used will be stitched.
The placement guidelines are as follows:
5-2 System Guide
• Current Page Offset: If the curre nt page is to be of fset from the
• Next Page Offset: If the next page in the document is to be
PCL Offset St acking
Access the Offset st acking switch by opening Printer Manager and
selecting the Stacking tab and then select [Offset Stacking].
To enable offset stackin g fo r coll ated or unco llat ed jobs, select t he
enable checkbox. Both buttons are located under the col lated
stacking and uncollated stacking sections.
Finishi n g
previous page, then the PCL separat or comma nd must be
placed on the current page before any ima ge data . Pla cement
should be within the job/pag e control section or before.
offset from the current page, the PCL separator command
must be placed at the end of the current page after any image
items.
Using the PCS Separator
The following information should be considered when using the
PCL separator command:
• The offset switch in Printer Manager in the DocuSP software
must be set to ON. If the offset switch is set to OFF and a job
with the PCL separator command is received, the sets will not
offset when the job is printed.
• Multiple uses of the PCL separator command within a job will
be honored.
• Multiple uses of the PCL separator command on a page will be
ignored.
• All finishing limitations and restrictions at the print er will apply
to a subset segment.
PCL paper source command
Use the PCL Paper Source command <esc & 1 # H> to program a
PCL print job to use a specific paper. The PCL decomposer on the
DocuSP Controller reads the paper source command and, using
the PCL Paper Sources option in the Queue Properties and map s
the command to the appropriate paper. The number code
System Guide 5- 3
Finishing
Tray mapping
corresponds to the following PCL Paper Source programmed in
Queue Properties.
To program the PCL Paper Source, use the following guidelines:
Standard: <ESC>&11H
Manual Paper Feed: <ESC>&13H
Manual Envelope Feed: <ESC>&13H
Lower: <ESC>&14H
Large Capacity: <ESC>&15H
Envelope Feed: <ESC>&16H
DocuSP allows the operator to select and save tray mappings for
recurring jobs or for jobs needing the same mapping.
From the Printer GUI, the operator selects [Save Mapping]. The
dialog box [Save Settings] enables the user to either select an
existing mapping or create a new mapping by assigning a name
and entering a description in the Comments input area. The
operator can also delete mappings.
To apply the saved mapping to another print run, the operator
accesses the Save Settings dial og box, selects the desired saved
setting and selects [OK]. This action reprograms all the trays to
the values previously stored.
Mapping trays to media
On the DocuSP printer, the media sources are set up for each
queue on the printer interface. The user can map trays to media in
the XPIF job ticket and then use the mapping with the embedded
PCL paper source commands in the data stream.
Once the print job has been sent, the user cannot change media
sources. However, the XPIF job ticket media source to tray
mapping can be overridden for all the trays on the queue.
There are two ways in which an operat or can spec if y the PCL t ray
to media mapping:
1. XPIF job ticket. This ticket must be pre-appended to the job.
2. IPP Attributes. The information in the XPIF ticket and IPP
attributes become part of the job attributes sent to the system.
5-4 System Guide
Backup and restore of tray settings
The saved mappings can be copied to a diff erent sy stem by using
the DocuSP Configuration Backup/Restore utility fr om the System
Menu. DocuSP software allows the selection of individual
components to back up and restore.
If a saved mapping contains more trays t han th e new system has ,
the user will be notified but the operation will continue with only
the supported trays programmed. If the mapping contains fewer
trays than those on the new system, the system will use only
those programmed.
In either case, the operator will be notified but the operation will
continue.
NOTE: If the saved mapping contains programming for stocks that
physically cannot be programmed on the new syst em, then this is
an error and the operation will not continue.
NOTE: A mapping created on a monochrome or highlight color
system can only be restored on another monochrome or highlight
color system.Likewise a mapping created for a color system can
only be restored on a full color system.
Finishi n g
Stacking order
Mixed stacking
NOTE: If a mapping requires LCDS stocks MAIN, AUX or AUTO
on a system that does support LCDS, then the operation will not
continue.
The user is able to specify the Output Set Stacking Order by the
combination of Output Order (1 to N or N to 1) and the Output
Delivery (Face Up/Face Down) selections.
These options can be set either at the Queue property level or at
the Job property level as part of the job ticket output option.
Mixed stacking allows all completed jobs with different finishing to
accumulate in the stacker until it is full or until the operator
empties it.
The types of finishing that can be mixed in clu de stit chi ng, bind ing,
and unfinished. The mixed stack can also include banner pages.
System Guide 5- 5
Finishing
The stacker can hold between 12 and 18 subsets of di fferent types
of finishing in the stacker before unloading.
Mixed stacking is enabled upon installation but can be disabled if
you choose to do so. If you wish to have it enabled at a later date,
a Xerox Service Representative mus t assi st you.
Additional finishing information
The DocuSP is unable to dual stapl e 3-hole punche d stock. If dual
staple is selected when using pre-drilled paper, improper
registration will occur. Select to single staple the job, or print on
non-drilled stock and manually punch the holes after finishing of
dual staple is complete.
5-6 System Guide
6 Fonts
How to choose fonts
Fonts
The following information explains how to use and choose fonts
for a job. It also covers various resident and non- resident fonts
and their availability.
Although document source files can specify almost any image on
a printed page, images t hat cont ai n lett ers, numbers, punctuat ion,
and symbols are common enough to requir e a special mechanism
for dealing with them, similar to movable type. This mechanism is
the font. The DocuSP controller support s Adobe PostScript T ype 1
and Type 3 fonts, PCL scalable and bitmap fonts, and TrueType
fonts.
Fonts
The most important thing to remember is that the font used to
create a document must also be available to the DocuSP
controller.
NOTE: DocuSP supports the euro character . Most font families
include the euro character.
At the DocuSP controller, a font can exist in three forms:
Resident fonts A resident font is an internal font that is permanently sto red on the
DocuSP controller and is always available.
Soft fonts An optional or soft font is a typeface that is loaded as needed at
the DocuSP controller. This allows the DocuSP controller to be
customized with special fonts, such as logos, or other special font
applications as needed.
Downloaded font A downloaded font is a font that has it s requirement s embedded in
the actual source file. If this font is not available at the DocuSP
controller , the downloaded information is used to process and print
the document. Although it is useful, it also creates a much larger
file size.
System Guide 6- 1
Fonts
Downloading fonts from the network
Downloading commercial fonts from the Network allows fonts to
be downloaded to the DocuSP Controller from both Mac or PC
platforms. Supported application programs for font downloading
are as follows: PC Platform - Adobe Type On Call; Apple
Macintosh Platform - Adobe OCF, Marisawa, and Font Works
Font download can also occur on a queue designed specifically
for the Appletalk gateway. This fonts usually a Japanese (doublebyte) or Chinese type font set. Applications in the FujiXerox
marketplace utilize the Applet alk two-way protocol to poll the
printer and then download the massive character sets needed in
these markets. In the U.S. marketplace the typical font loading
mechanism is to hard drive in [Administrati on]. The use of English
fonts from specific applications (e.g, Adobe has some) download
from the AppleTalk gateway is not common.
Resident fonts
The DocuSP controller comes with a wide vari ety of fonts that are
available when creating a document.
NOTE: If you are unsure of the availability of a font, always
consult with your print organization’s management to determine
which fonts are currently lo aded on the DocuSP controller.
PostScript resident fonts
The PostScript Type 1 typeface families listed in Table 7–1 are
scalable, which means that all point sizes are supported, even
intermediate point sizes. These include the typefaces that make
up the LaserWriter IINTX basic font set, plus additional Type 1
fonts supplied by Xerox.
Table 6-1. PostScript Fonts
Font family Stresses and weights
ACaslon Italic, Regular, Semi Bold, Semi Bold Italic
AGaramond Bold, Bold Italic, Italic, Regular
Americana Americana, Extra Bold
AvantGarde Book, Book Oblique, Demi, Demi Oblique
AdobeSans MM
AdobeSerif MM
Albertus Italic, Light, MT
AntiqueOlive Bold, Compact, Italic, Roman
6-2 System Guide
Table 6-1. PostScript Fonts
Font family Stresses and weights
Apple Chancery
Arial BoldItalicMT, BoldMT, ItalicMT, MT
Blackoak --Bodoni Bold, BoldItalic, Italic, Poster, Poster
Compressed
Bookman Demi, Demi Italic, Light, Light Italic
Carta --CGBrn PropRoman
Chicago --ChuGothicBB
Clarendon Bold, Light
Fonts
CooperBlack Regular, Italic, ThirtyThreeBC,
ThirtyTwoBC
Coronet --Courier Courier, Bold, Oblique, Bold Oblique,
Regular
Eurostile Regular, Bold, Bold Extended Two,
Extended T wo
ErorrHandlerFont --Garamond Light, Light Italic, Bold, Bold Italic
Geneva --GillSans Bold, BoldCondensed, BoldItalic,
Condensed, ExtraBold, Italic, LightItalic
GothicBBB Medium
Goudy Regular, Bold, BoldItalic, ExtraBold, Italic
HeiseiKakuGo-W5 --HeseiKakuGothic-W5 --HeiseiMin-W3 --HeiseiMincho-W3 --FutoGoB101 All
FutoMinA101 All
System Guide 6- 3
Fonts
Table 6-1. PostScript Fonts
Font family Stresses and weights
Helvetica Helvetica Black, Black Oblique, Bold, Bold
Oblique, Oblique, Light, Light Oblique,
Condensed, Condensed Bold,
Condensed Bold Oblique, Condensed
Oblique, Narrow, Narrow Bold, Narrow
Bold Oblique, Narrow Oblique
HoeflerText Black, BlackItalic, It alic, Ornaments,
Regular
HonMincho-M --JL-PropRoman --Jun101 --Joanna Regular (MT), Bold, BoldItalic, Italic
Kaufmann --Korinna Bold, Kursiv Bold, Kursiv Regular,
Regular
LetterGothic Regular, Bold, BoldSlanted, Slanted
Liithos Black, Regular
LubalinGraph Book, BookOblique, Demi, DemiOblique
MMMA-PropRoman --Marigold --MaruGothic --MidashiGO --MidashiMin --Mincho-PC --MonaLisa–Recut --Monaco --New Century
Roman, Bold, Italic, Bold Italic
Schoolbook
NewYork --Optima Bold, BoldItalic, Italic
Osaka --Oxford --Palatino Roman, Bold, Italic, Bold Italic
6-4 System Guide
Table 6-1. PostScript Fonts
Font family Stresses and weights
Parisian --ParkAvenue --Poetica SuppOrnaments
RLKL-PropRoman --Ryumin --ShinGo Bold, Light, Medium
StempelGaramond Bold, BoldItalic, Italic, Roman
Symbol --Tekton Tekton, Bold
Times Bold, Bold Italic, Italic, Roman
TimesNewRomanPS Bold It alic MT, Bold MT, Italic MT, MT
Fonts
Trajan Bold
Univers Regular, Bold, BoldExt, BoldExtObl,
BoldOblique, Condensed,
CondensedBold, CondensedBoldOblique,
CondensedOblique, Extended, Light,
LightOblique, Oblique
Wingdings --Woodtype Ornaments Two
XeroxLogoTypes --ZapfChancery Medium Italic
ZapfDingbats ---
PCL resident fonts
There are three types of PCL 5e resident fonts that are
permanently loaded at the DocuSP controller:
• Scalable Intellifont typefaces
• LaserJet IV bitmap typefaces
• Typefaces that match the TrueType fonts as shown in Table 7–2.
System Guide 6- 5
Fonts
NOTE: These are the same internal typefaces that are provided
with the HP LaserJet 4 printer.
Table 6-2. PCL Resident Fonts
Font family Typefaces
Arial Regular, Bold, Italic, Bold Italic
Antique Olive Antique Olive, Bold, Italic
CG Times CG Times, Bold, Bold Italic, Italic
CG Omega CG Omega, Bold, Bold Italic, Italic
Clarendon Condensed
Coronet --Courier Courier, Bold, Bold Italic, Italic
Garamond Antiqua, Halbfett, Kursiv, Kursiv Halbfett
Helvetica Bold, NR, Ob, BdOb, NrOb, NrBdOb
ITCAvantGuard --ITCBookman --Letter Gothic Letter Gothic, Bold, It alic
LinePrinter --Marigold --Times New Regular, Bold, Bold Italic
New Century
---
Schoolbook
Palatino --Symbol --Times --Wingdings --Univers Medium, Medium Condensed, Medium
Condensed Italic, Medium Italic, Bold,
Bold Italic, Bold Condensed, Bold
Condensed Italic
ZapfChancery --ZapfDingbats
6-6 System Guide
Loading...