Xerox PrimeLink B9100, PrimeLink B9110, PrimeLink B9125, PrimeLink B9136 System Administrator Guide

Download

Version 2.0 November 2020 702P08505

Xerox

PrimeLink

B9100/B9110/ B9125/B9136 Copier/Printer System Administrator Guide

FreeFlow

, SquareFold®, and CentreWare®, are trademarks of Xerox Corporation in the United States and/or other

countries. Product status, build status, and/or specifications are subject to change without notice.

Microsoft, Windows, Windows XP, Windows Vista, Internet Explorer, and Word are registered trademarks of Microsoft Corporation in the United States and/or other countries.

PANTONE

is a registered trademark of Pantone, Inc. ScanFlowStore®is a registered trademark of Nuance

Communications, Inc.

Apple

, Macintosh®, Mac OS®, and EtherTalk™are trademarks or registered trademarks of Apple Computer, Inc., registered in the U.S. and other countries. Elements of Apple's Technical User Documentation used by permission from Apple Computer, Inc.

Adobe, the Adobe logo, Acrobat, the Acrobat logo, Acrobat Reader, Distiller, Adobe PDF logo, Adobe PDF JobReady, Illustrator, InDesign, and Photoshop are registered trademarks of Adobe Systems, Inc. PostScript is an Adobe registered trademark used with the Adobe PostScript Interpreter, the Adobe page description language, and other Adobe products. This product is not endorsed or sponsored by Adobe Systems, publisher of Adobe Photoshop.

Fiery

and PrintMe®are registered trademarks of Electronics For Imaging, Inc. GBC®and AdvancedPunch™are trademarks or registered trademarks of General Binding Corporation. HP, HPGL, HPGL/2, and HP-UX are registered trademarks of Hewlett-Packard Corporation. Netscape

UNIX

is a registered trademark of the Open Group. Mozilla Firefox™is a trademark of Mozilla Foundation.

is a registered trademark of Netscape Communications.

Table of Contents

1 Introduction.............................................................................................................................13

Overview...... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... 14

Configuration Steps ........... ........... ........... ...... ..... ...... ..... ...... ........... ..... ...... ..... ...... ........... ...... 15

More Information..... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... .... 16

2 Initial Setup ............................................................................................................................17

Physical Connection ... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ... 18

Initial Setup at the Control Panel ........ ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... 19

The Installation Wizard... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........ 19

Configuration Report .. ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... . 19

Printing the Configuration Report....... ..... ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... . 19

System Administrator Access at the Control Panel ...... ...... ..... ...... ..... ...... ........... ..... ...... ..... ..... 20

Locking or Unlocking the Printer... ...... ..... ........... ...... ..... ...... ..... ...... ...... ..... ........... ........... . 20

Manually Setting the Ethernet Interface Speed... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... . 21

Assigning a Network Address ... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... 21

Viewing Services and Options. ...... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ...... . 22

Embedded Web Server ....... ........... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... . 23

Accessing the Embedded Web Server .. ...... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ..... 23

Enabling Services and Options ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ........... . 24

Enabling Services and Options at the Control Panel...... ...... ..... ........... ........... ........... ...... .. 24

Enabling Features in the Embedded Web Server . ..... ...... ........... ........... ........... ........... ...... . 24

Changing the System Administrator Password.. ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ...... ... 25

Using the Configuration Overview Page .... ...... ..... ........... ........... ...... ..... ...... ..... ...... ........... ..... 26

Assigning a Name and Location to the Printer......... ........... ...... ..... ...... ..... ...... ........... ....... 26

3 Network Connectivity.............................................................................................................27

TCP/IP ..... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... .... 28

Enabling TCP/IP ... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........ 28

Configuring TCP/IP Settings at the Control Panel ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... . 28

Configuring TCP/IP Settings in the Embedded Web Server.. ..... ...... ........... ...... ..... ...... ..... .. 30

SNMP ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ..... ...... ...... .... 33

Enabling SNMP..... ........... ..... ...... ..... ...... ........... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... .. 33

Configuring SNMP .... ..... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... .... 33

LPD...... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ..... ...... ........ 36

Enabling LPD ..... ...... ..... ...... ........... ........... ..... ...... ........... ...... ..... ...... ..... ...... ..... ...... ..... ..... 36

Configuring LPD.... ..... ...... ..... ...... ..... ...... ..... ...... ........... ...... ..... ........... ........... ...... ..... ...... .. 36

Raw TCP/IP Printing .. ...... ..... ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ...... ... 37

Enabling Port 9100 ..... ...... ...... ..... ...... ..... ........... ........... ...... ..... ...... ..... ...... ........... ........... . 37

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Table of Contents

Configuring Port 9100.... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... .... 37

SMTP.... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ........... ...... ..... ...... .. 38

Configuring SMTP Server Settings .. ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... .... 38

Configuring Optional SMTP Settings ........... ........... ........... ...... ..... ...... ..... ...... ..... ...... ........ 38

Performing an SMTP Server Connection Test ... ...... ..... ...... ..... ...... ..... ...... ........... ........... .... 39

LDAP.. ........... ...... ..... ...... ..... ...... ..... ...... ........... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ........... ..... 40

Configuring LDAP Server Settings . ...... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ........... . 40

Defining User Mappings ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... .... 41

Configuring LDAP Custom Filters. ...... ..... ...... ..... ...... ........... ..... ...... ..... ...... ...... ..... ...... ..... .. 41

Performing an LDAP Connection Test .... ........... ..... ...... ...... ..... ...... ..... ...... ........... ..... ...... ... 42

POP3 .. ........... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ...... ..... ........... ........... ........... ...... ..... .... 43

HTTP . ........... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ........... ..... 44

Enabling HTTP ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........ 44

Configuring HTTP Settings ............ ...... ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... 44

Proxy Server ....... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... 45

Microsoft Networking .. ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ........... ...... ..... ........... ........... . 46

Configuring WINS... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... 46

IPP... ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ........... ...... ..... . 47

Enabling IPP ........ ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ... 47

Configuring IPP. ........... ...... ..... ...... ..... ...... ........... ........... ........... ..... ...... ...... ..... ...... ..... ...... 47

Universal Plug and Play Discovery .... ........... ........... ..... ...... ...... ..... ...... ..... ...... ........... ..... ...... ... 48

Enabling UPnP ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ........... ........... ...... ..... ...... .. 48

Configuring UPnP .... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... .... 48

SSDP..... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ..... ...... ....... 49

WebDAV .. ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... .... 50

Enabling WebDAV. ........... ...... ..... ...... ..... ...... ........... ........... ..... ...... ..... ...... ...... ..... ...... ..... .. 50

Configuring WebDAV ..... ........... ...... ..... ...... ..... ...... ..... ...... ........... ........... ........... ...... ..... .... 50

WSD .. ...... ..... ...... ..... ...... ........... ........... ........... ..... ...... ...... ..... ...... ..... ...... ........... ..... ...... ..... ..... 51

Enabling WSD. ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... .. 51

Configuring WSD ..... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... .... 51

FTP ........... ........... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ........... ...... ..... ...... ... 52

Enabling FTP.... ..... ...... ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ........... ....... 52

Setting Up the FTP Transfer Mode .... ........... ........... ...... ..... ...... ..... ...... ........... ........... ....... 52

Google Cloud Print......... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... .... 53

Enabling Google Cloud Print.. ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ... 53

Registering with the Google Cloud Print Service... ...... ........... ........... ........... ........... ...... ..... 53

Bonjour Multicast DNS...... ..... ...... ..... ...... ........... ........... ........... ..... ...... ...... ..... ...... ..... ...... ....... 54

Enabling Bonjour ..... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ..... ...... ..... ..... 54

Configuring Bonjour......... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... .. 54

AirPrint ..... ........... ...... ..... ...... ..... ...... ........... ........... ..... ...... ........... ...... ..... ...... ..... ...... ..... ...... ... 55

Configuring AirPrint ... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........ 55

Mopria. ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ... 57

Configuring Mopria.... ...... ..... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........ 57

SOAP .... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ....... 58

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Table of Contents

4 Security .....................................................................................................................................59

Setting Up Access Rights.... ........... ..... ...... ........... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... 60

Overview........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ..... ...... ...... ..... ...... ..... ...... 60

Authentication..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........ 60

Authorization....... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ..... ...... ... 60

Personalization ..... ..... ...... ..... ........... ...... ..... ...... ..... ...... ..... ...... ........... ........... ........... ...... .. 61

Local Authentication. ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ...... ... 62

Setting Up Local Authentication .... ..... ...... ..... ........... ...... ..... ...... ..... ...... ...... ..... ........... ..... 62

Defining User Information ........ ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... .... 62

Specifying Login Requirements .. ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ... 63

Network Authentication........ ........... ...... ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ... 64

Setting up Network Authentication ... ........... ...... ..... ...... ..... ...... ........... ........... ........... ....... 64

Configuring Authentication Server Settings for Kerberos ...... ..... ...... ..... ...... ........... ........... 64

Configuring Authentication Server Settings for SMB..... ...... ..... ........... ........... ........... ...... .. 65

Configuring Authentication Server Settings for LDAP. ..... ...... ........... ........... ........... ...... ..... 65

Authentication Using a Card Reader System ... ...... ..... ...... ..... ...... ........... ........... ..... ...... ..... ..... 66

Setting Up Authentication for Xerox

Configuring Xerox

Secure Access Login Settings .... ...... ..... ...... ..... ...... ........... ........... ....... 66

Setting Up Authentication for a USB Smart Card Reader System..... ........... ........... ...... ..... 67

Authentication Common Access Card (CAC).. ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ........... . 70

Authentication Common Access Card (CAC) Overview........ ..... ...... ..... ...... ..... ...... ...... ..... .. 70

Supported Card Types... ...... ..... ...... ........... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ........... ..... 70

Supported Card Readers..... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... 71

Controlling Access to Tools and Features..... ...... ..... ...... ..... ...... ..... ...... ........... ........... ..... ...... ... 72

Controlling Access for All Users... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........ 72

Controlling Access for a Group of Users .. ..... ...... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... .. 73

Resetting Feature Access for All Local Users........ ........... ........... ...... ..... ...... ..... ...... ........... . 74

Digital Certificates ..... ...... ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........ 75

Installing a Digital Certificate . ...... ..... ...... ..... ...... ........... ........... ..... ...... ..... ...... ...... ..... ...... 75

Creating a Self-Signed Certificate .... ...... ........... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... .. 75

Creating a Request ..... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ....... 76

Uploading a Certificate..... ........... ...... ..... ........... ........... ...... ..... ...... ..... ...... ........... ........... . 76

Managing Certificates ....... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... 76

Certificate Revocation Settings ...... ........... ..... ...... ...... ..... ...... ..... ...... ........... ..... ...... ..... ..... 77

Secure HTTP and SSL/TLS .... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ........... ...... ..... ...... ..... .... 78

Configuring Secure HTTP (SSL/TLS).......... ........... ........... ...... ..... ...... ..... ...... ........... ........... 78

S/MIME ..... ..... ...... ...... ..... ...... ..... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........ 79

IPsec.... ...... ........... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... .. 80

Configuring IPsec.. ........... ...... ..... ...... ..... ...... ..... ...... ........... ..... ...... ..... ...... ...... ..... ...... ..... .. 80

802.1X... ...... ..... ...... ..... ...... ........... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... . 82

Configuring 802.1X . ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... 82

FIPS140-2 Data Encryption ........... ...... ..... ...... ..... ...... ..... ...... ........... ..... ...... ..... ...... ...... ..... ...... 83

Overwriting Image Data ... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... . 84

Overwriting Image Data in the Embedded Web Server . ..... ...... ........... ........... ........... ........ 84

Overwriting Image Data at the Control Panel... ...... ........... ........... ........... ........... ...... ..... ... 85

Secure Access .... ...... ..... ........... ........... ...... ..... ...... .. 66

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Table of Contents

IP Filtering.......... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... .... 86

Creating an IP Filter Rule . ...... ..... ...... ........... ........... ........... ..... ...... ...... ..... ...... ..... ...... ....... 86

Unbounded Ports.... ........... ........... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... . 87

Adding an Unbounded Port. ........... ........... ...... ..... ...... ..... ...... ........... ........... ..... ...... ...... .... 87

Editing an Unbounded Port.... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ........... . 87

Deleting an Unbounded Port. ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ..... ... 87

Audit Log......... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ....... 88

Enabling Audit Log. . ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... 88

Saving an Audit Log ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ..... ...... ........... 88

Interpreting the Audit Log ... ...... ..... ...... ........... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ...... ... 88

PDF and XPS Signatures..... ..... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ...... ..... ........... ........... . 90

Address Book Security... ...... ........... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ........... ........... ..... 91

Controlling Embedded Web Server Address Book Access.... ........... ........... ........... ...... ..... ... 91

Controlling Control Panel Address Book Access .. ..... ...... ..... ...... ........... ........... ........... ...... .. 91

Restricting Access to Job Information .. ........... ..... ...... ...... ..... ...... ..... ...... ........... ..... ...... ..... ..... 92

Hiding or Password-Protecting Completed Job Information..... ..... ...... ..... ...... ........... ........ 92

Hiding Active Job Information .. ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... .... 92

Allowing or Restricting Job Operations . ........... ........... ........... ........... ...... ..... ...... ..... ...... .... 92

Hiding or Displaying Network Settings ... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........ 93

Restricting Service Representative Operations ... ...... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... .. 94

Setting up Service Representative Restrictions. ...... ..... ...... ..... ...... ........... ........... ........... .... 94

Limiting Access to Folder Operations... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ..... 95

5 Printing......................................................................................................................................97

Selecting Print Mode Options ... ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ..... ...... ........... 98

Language Emulation Settings ..... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ... 99

Configuring PostScript 3 Language Emulations .......... ........... ........... ...... ..... ...... ..... ...... .... 99

Configuring PCL

Configuring TIFF and JPEG Language Emulations ...... ........... ........... ...... ..... ...... ..... ...... .... 99

Configuring HP-GL/2 Language Emulations.... ........... ........... ........... ...... ..... ...... ..... ...... ... 100

Managing Banner Page Printing Options.. ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ...... .... 101

Enabling Banner Page Printing in the Embedded Web Server..... ..... ...... ..... ........... ...... .... 101

Enabling Banner Page Printing from the Control Panel .......... ........... ........... ..... ...... ...... .. 101

Enabling Banner Page Printing in the Xerox Version 3 Print Driver.... ........... ........... ......... 101

Enabling Banner Page Printing in the Xerox Version 4 Print Driver.... ........... ........... ......... 102

Print Service Settings ...... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ...... . 103

Allocating Memory for Print Settings..... ..... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ...... . 103

Configuring Other Types of Print Settings. ..... ...... ..... ...... ........... ..... ...... ..... ...... ...... ..... .... 103

Media Print Service Settings..... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ... 104

UNIX

, Linux®, and AS/400 Printing ........... ........... ..... ...... ...... ..... ...... ..... ...... ........... ..... ...... . 106

Xerox

Printer Manager ..... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ......... 106

Printing from a Linux

AS/400 for IBM Power Systems ......... ........... ........... ...... ..... ...... ..... ...... ........... ........... ..... 108

6/5e Language Emulations... ...... ........... ........... ........... ........... ...... ..... ... 99

Workstation.. ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... . 107

6 Copying.................................................................................................................................. 109

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Table of Contents

Creating Copy Feature Presets...... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ..... 110

Specifying Default Copy Settings ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ...... 111

Copy Control.......... ........... ...... ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ..... ..... 112

Original Size Defaults ....... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ...... 113

Reduce and Enlarge Presets.... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ..... 114

7 Scanning................................................................................................................................ 115

Configuring General Scan Service Settings . ...... ........... ...... ..... ........... ........... ...... ..... ...... ..... .. 116

Setting Scan Defaults.......... ........... ........... ...... ..... ...... ..... ...... ........... ........... ..... ...... ........ 116

Configuring Other Scan Settings . ..... ...... ..... ...... ...... ..... ...... ..... ........... ........... ...... ..... ...... 116

Setting Scan to PC Defaults .. ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ...... 116

Scanning to a Folder on the Printer ... ..... ...... ........... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... 117

Creating and Editing a Folder. ..... ...... ..... ...... ........... ........... ..... ...... ...... ..... ...... ..... ...... ..... 117

Scheduling Deletion of Files Stored in Folders.... ..... ...... ..... ...... ........... ........... ........... ...... 117

Configuring Scan Folder Service Settings ....... ..... ...... ..... ...... ...... ..... ...... ..... ........... ...... .... 118

Scanning to an Email Address .......... ........... ........... ..... ...... ...... ..... ...... ..... ...... ........... ..... ...... . 119

Configuring Email Settings.... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ...... 119

Editing Email Settings.... ...... ..... ...... ..... ...... ........... ...... ..... ........... ........... ...... ..... ...... ..... .. 120

Network Scanning..... ...... ..... ........... ...... ..... ...... ..... ...... ...... ..... ........... ........... ........... ...... ..... .. 122

Enabling Network Scanning .... ...... ..... ...... ........... ........... ........... ..... ...... ...... ..... ...... ..... .... 122

Configuring Network Scanning... ..... ...... ........... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ...... . 122

Configuring File Repository Settings.... ..... ...... ..... ...... ........... ........... ........... ........... ...... ... 123

Configuring an FTP Repository . ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ... 123

Configuring an SMB File Repository ... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ...... .... 124

HTTP/HTTPS.... ...... ...... ..... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ...... ..... ........... .......... 124

Configuring the Default Template.... ........... ........... ........... ........... ...... ..... ...... ..... ...... ...... 126

Configuring Template Pool Repository Settings ... ...... ........... ........... ........... ........... ...... ... 128

Updating the List of Templates at the Control Panel .... ...... ..... ........... ...... ..... ...... ..... ...... 128

Configuring a Validation Server..... ..... ...... ..... ...... ........... ........... ..... ...... ..... ...... ...... ..... .... 128

Scanning to a Home Folder for a User .. ........... ........... ...... ..... ...... ..... ...... ........... ..... ...... ..... ... 129

Configuring Scan to Home .. ........... ........... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ...... ..... ... 129

Scanning to a USB Drive ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... .. 130

Enabling Scan to USB Functionality ......... ........... ........... ........... ...... ..... ...... ..... ...... ......... 130

Job Flow Sheets .. ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... .. 131

Setting Up a Job Flow Sheet . ...... ........... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... 131

Job Flow Sheet Restrictions ... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ...... 132

Linking the Job Flow Sheet to a Folder ..... ..... ...... ..... ...... ........... ..... ...... ..... ...... ........... .... 133

Enabling Network Scan Utility 3 . ..... ...... ...... ..... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ...... . 134

8 Faxing..................................................................................................................................... 135

Embedded Fax ... ........... ...... ..... ...... ..... ...... ...... ..... ........... ........... ........... ...... ..... ...... ..... ...... ... 136

Configuring Embedded Fax Settings.. ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ..... 136

Configuring Fax General Settings ..... ........... ........... ...... ..... ...... ..... ...... ........... ........... ...... 136

Enabling the Output Destination... ........... ........... ........... ........... ...... ..... ...... ..... ...... ......... 137

Configuring Fax Control Settings ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... . 137

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Table of Contents

Setting Fax Defaults.... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ..... 138

Setting Incoming Fax Options.......... ...... ..... ...... ..... ...... ...... ..... ........... ........... ........... ...... 139

Storing and Forwarding Received Faxes.. ...... ..... ...... ........... ..... ...... ..... ...... ..... ...... ...... ..... 139

Storing and Forwarding Faxes Using Fax Identifiers ........... ...... ..... ...... ..... ...... ..... ...... ..... 141

Internet Fax ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ..... 143

Configuring Internet Fax Settings ..... ........... ........... ...... ..... ...... ..... ...... ........... ........... ..... 143

Configuring General Internet Fax Options ... ...... ..... ...... ...... ..... ........... ........... ...... ..... ...... 143

Internet Fax Addresses. ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... .......... 144

LAN Fax .... ........... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ...... . 145

9 Accounting ............................................................................................................................ 147

Xerox®Standard Accounting......... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... .... 148

Configuring Xerox

Creating a Group Account..... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ...... 148

Creating a User Account and Setting Usage Limits...... ..... ...... ...... ..... ...... ..... ...... ..... ...... . 149

Managing Group Accounts......... ........... ........... ..... ...... ...... ..... ...... ..... ...... ........... ..... ...... . 149

Maximum Usage Limits .... ..... ...... ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ..... 149

Managing Limits for Individual Users . ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ...... .... 150

Managing Limits for Groups.... ...... ........... ........... ........... ...... ..... ...... ..... ...... ..... ...... ......... 150

Resetting Usage Data Values..... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... . 150

Automatically Resetting the Accounting Counters..... ........... ........... ...... ..... ...... ..... ...... ... 150

Resetting Standard Accounting to Factory Default Settings. ...... ..... ...... ..... ...... ..... ...... .... 151

Printing a Standard Accounting Report .. ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... 151

Local Accounting ....... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... . 152

Configuring Local Accounting .......... ........... ...... ..... ...... ..... ...... ........... ........... ........... ...... 152

Creating a User Account and Setting Usage Limits...... ..... ...... ...... ..... ...... ..... ...... ..... ...... . 152

Resetting Local Accounting Usage Counters........ ........... ........... ...... ..... ...... ..... ...... ..... .... 153

Automatically Resetting Local Accounting Usage Counters ...... ..... ...... ........... ........... ..... 153

Network Accounting ... ..... ...... ..... ........... ...... ..... ...... ..... ...... ...... ..... ........... ........... ........... ...... 154

Enabling and Configuring Network Accounting . ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... 154

Configuring Accounting Login Screen Settings ... ...... ..... ...... ........... ........... ........... ........... ..... 155

Accounting and Billing Device Settings.. ..... ...... ...... ..... ...... ..... ........... ........... ...... ..... ...... ..... .. 156

Enabling Accounting in Print Drivers... ...... ..... ........... ........... ...... ..... ...... ..... ...... ........... .......... 157

Enabling Accounting in a Xerox Version 3 Windows Print Driver.......... ........... ........... ...... 157

Enabling Accounting in a Xerox Version 4 Windows Print Driver.......... ........... ........... ...... 158

Enabling Accounting in an Apple Macintosh Print Driver........ ........... ........... ...... ..... ...... .. 159

Standard Accounting......... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ...... . 148

10 Administrator Tools........................................................................................................... 161

Monitoring Alerts and Status . ..... ........... ...... ..... ...... ..... ...... ...... ..... ........... ........... ........... ...... 162

Setting Up Job Completion Alerts..... ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ........... 162

Setting Up Machine Status Alerts.. ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ... 162

Activating a Supplies Plan .. ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ......... 163

Paper Tray Settings ........ ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... .. 164

Accessing Paper Tray Settings .... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ...... 164

Setting Custom Paper Color Settings..... ........... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ...... . 164

Custom Paper Settings..... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... 164

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Table of Contents

Establishing Start-up Attributes.... ...... ..... ........... ........... ...... ..... ...... ..... ...... ........... .......... 167

Paper Type Priority ...... ........... ........... ........... ...... ..... ...... ..... ...... ..... ...... ........... ........... ..... 167

Setting Paper Tray Attributes ...... ..... ...... ........... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... 167

Changing Paper Settings During Loading ... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ...... . 168

Establishing Bypass Tray Defaults . ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ... 169

Customizing the Paper Supply Screen. ..... ...... ..... ...... ..... ...... ........... ...... ..... ........... .......... 169

Paper Tray Priority...... ..... ...... ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ..... . 169

Managing Automatic Tray Switching ........... ...... ..... ...... ..... ...... ........... ........... ........... ..... 170

Managing Paper Size Settings for the Inserter Device. ...... ..... ...... ..... ...... ........... ........... .. 171

Paper Catalog ....... ........... ..... ...... ...... ..... ...... ..... ...... ........... ..... ...... ..... ...... ..... ...... ...... ..... 172

SMart eSolutions... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ...... 174

SMart eSolutions Overview........ ...... ..... ...... ..... ...... ...... ..... ........... ........... ........... ...... ..... .. 174

Configuration Planning .... ..... ........... ........... ...... ..... ...... ..... ...... ..... ...... ........... ........... ...... 174

Configuring SMart eSolutions...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... 175

Viewing SMart eSolutions Information.. ..... ...... ..... ...... ..... ...... ..... ...... ........... ...... ..... ...... . 177

Troubleshooting.... ........... ..... ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... 177

Configuring Stored File Settings .. ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ...... 181

Retrieving Stored Files.. ........... ..... ...... ...... ..... ...... ..... ...... ........... ..... ...... ..... ...... ..... ...... .... 181

Setting Default Touch Screen Settings. ...... ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... ... 182

Taking the Printer Offline ...... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... . 183

Bringing the Printer Online ............ ........... ...... ..... ...... ..... ...... ........... ........... ........... ......... 183

Restarting the Printer in the Embedded Web Server..... ...... ..... ........... ........... ...... ..... ...... ..... .. 184

Changing the Power Saver Settings ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ........... ... 185

View Usage and Billing Information... ...... ..... ........... ...... ..... ...... ..... ...... ...... ..... ........... .......... 186

Billing Information... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ..... ...... ...... .. 186

Usage Counters .... ...... ..... ...... ..... ...... ........... ........... ........... ..... ...... ...... ..... ...... ..... ...... ..... 186

Enabling the Billing Impression Mode .. ........... ...... ..... ...... ..... ...... ........... ........... ........... .. 186

Cloning ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ........... ...... ..... ...... 187

Saving Printer Settings ....... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ......... 187

Installing a Clone File . ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ..... 187

Public Address Book . ...... ..... ...... ........... ........... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ........... ... 188

Address Book Options ........ ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ... 188

Editing the Public Address Book as a CSV File ............ ........... ...... ..... ...... ..... ...... ........... ... 188

Importing an Address Book File . ..... ...... ........... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ...... . 189

Adding, Editing and Deleting Address Book Entries. ........... ........... ........... ........... ...... ..... . 189

Font Management Utility... ..... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ...... ..... ........... .......... 191

Customizing Printer Contact Information ...... ........... ........... ........... ...... ..... ...... ..... ...... ..... ..... 192

Updating the Printer Software ........ ...... ..... ...... ..... ...... ...... ..... ........... ........... ........... ...... ..... .. 193

Determining the Current Software Version . ...... ..... ...... ..... ........... ........... ...... ..... ...... ..... .. 193

Updating the Software .... ...... ..... ...... ..... ...... ........... ........... ..... ...... ...... ..... ...... ..... ...... ..... 193

Date and Time Settings ........ ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ..... ...... . 194

Fax Speed Dial Setup Settings... ........... ........... ...... ..... ...... ..... ...... ........... ........... ..... ...... ..... ... 195

Watermarks and Annotations... ...... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ..... ...... ........... ... 196

Creating a Watermark. ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ..... 196

Creating a Universal Unique ID.. ........... ...... ..... ...... ..... ...... ........... ........... ........... ..... ...... . 196

Creating a Secure Watermark ........ ........... ...... ..... ...... ..... ...... ........... ........... ..... ...... ........ 196

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Table of Contents

Forced Annotations.... ...... ..... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ...... 197

Memory Settings .. ...... ........... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ........... ...... ..... ...... 198

Backing Up and Restoring Device Settings ........ ...... ..... ...... ..... ...... ........... ........... ........... ...... 199

Backing Up Device Settings.. ..... ...... ..... ...... ........... ...... ..... ........... ........... ...... ..... ...... ..... .. 199

Restoring Device Settings... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ......... 199

Printer Management ...... ..... ...... ..... ...... ........... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ........... ... 200

Exporting Job History ....... ..... ...... ........... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ........... 200

Automatically Deleting Held Jobs.. ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ... 200

Locking the Printer ... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... .. 200

11 Image Quality and Registration..................................................................................... 201

Image Quality and Calibration ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ........... .......... 202

Setting Image Quality for the Scanner . ........... ........... ...... ..... ...... ..... ...... ........... ........... .. 202

Image Registration Adjustments.......... ........... ...... ..... ...... ..... ...... ........... ........... ..... ...... ...... .. 203

Adjusting Fold Position. ........... ..... ...... ...... ..... ...... ..... ...... ........... ..... ...... ..... ...... ..... ...... .... 203

Simple Image Quality Adjustment (SIQA) Tools ... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ... 208

Simple Image Quality Adjustment (SIQA) Tools Overview ......... ..... ...... ..... ...... ..... ...... .... 208

Auto Alignment Adjustment .. ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... .......... 208

Density Uniformity Adjustments ........... ...... ..... ...... ..... ...... ........... ........... ........... ..... ...... . 213

Adjusting Image Alignment Manually . ........... ........... ........... ...... ..... ...... ..... ...... ........... ......... 216

Alignment Adjustment Procedure... ........... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ... 216

12 Customization and Expansion........................................................................................ 217

Xerox®Extensible Interface Platform®... ........... ........... ........... ........... ...... ..... ...... ..... ...... ...... 218

Enabling Extensible Services.... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... .......... 218

Enabling Extensible Service Registration. ........... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... 218

Customizing Apps on the Printer .. ...... ...... ..... ........... ........... ........... ...... ..... ...... ..... ...... .......... 220

Xerox

Customizing Apps Available at the Control Panel.. ...... ..... ...... ..... ...... ........... ..... ...... ..... ... 220

Setting Up Stored Programming ... ...... ..... ...... ..... ...... ........... ........... ..... ...... ........... ...... ..... .... 221

Enabling Stored Programming .......... ...... ..... ...... ..... ...... ........... ........... ........... ...... ..... ..... 221

Setting the Audio Tones for Stored Programming Registration.. ........... ........... ...... ..... ..... 221

Plug-ins and Kits . ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... .. 222

Enabling Plug-ins . ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ...... 222

Managing Plug-Ins... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ..... ...... ..... ... 222

Enabling Digital Signature Verification for Secure Plug-Ins ... ..... ...... ........... ........... ......... 222

Auxiliary Interface Kit .. ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ......... 223

Setting Up the Inserter Module..... ..... ...... ..... ........... ...... ..... ...... ..... ...... ...... ..... ........... .......... 224

App Gallery ... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ........... ........... ...... ..... ...... ..... .. 220

13 Maintenance ......................................................................................................................225

Maintenance Overview .. ..... ...... ........... ........... ..... ...... ...... ..... ...... ..... ...... ........... ..... ...... ..... ... 226

Device Parts for Maintenance .. ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ........... ... 226

Cleaning the Fuser Stripper Fingers ......... ........... ........... ...... ..... ...... ..... ...... ........... ........... ..... 228

Replacing the Fuser Cleaning Web Cartridge .......... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ...... . 232

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Table of Contents

Verifying the Fuser Cleaning Web Cartridge Usage......... ........... ..... ...... ..... ...... ...... ..... .... 232

Removing the Fuser Cleaning Web Cartridge.... ...... ..... ...... ..... ...... ........... ........... ..... ...... . 232

Installing the Replacement Fuser Cleaning Web Cartridge...... ..... ...... ........... ...... ..... ...... . 235

Clearing the Cartridge Replacement Status Message.... ..... ...... ..... ...... ........... ........... ...... 236

Replacing the Photoreceptor Drum.......... ...... ..... ...... ..... ...... ........... ........... ........... ........... ..... 237

Cleaning the ROS Window .... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ...... 240

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Table of Contents

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Introduction

This chapter contains:

• Overview.. ...... ..... ...... ..... ...... ...... ..... ........... ........... ...... ..... ...... ..... ...... ..... ...... ........... ........... ........ 14

• Configuration Steps .. ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........ 15

• More Information . ..... ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ........... ........... . 16

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Introduction

Overview

This guide is for a system administrator with network administrator rights who understands networking concepts and has experience creating and managing user accounts. Use this guide to help you install, configure, and manage the printer on a network.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Introduction

Configuration Steps

When you configure the printer for the first time, it is recommended that you perform the steps in this order:

Note: Most configuration settings are in Embedded Web Server, on the Properties tab. If your

printer is locked, log in as the system administrator.

1. Connect an Ethernet cable from your printer to the network.

2. Confirm that your printer is recognized on your network. By default, the printer is configured to receive an IP address from a DHCP server over a TCP/IP network.

3. Provide basic information such as your location, time zone, and date and time preferences, by completing the Installation Wizard.

4. Print a Configuration Report that lists the current configuration of the printer. Review the report and locate the IP address of the printer.

5. Open a Web browser. To access the Embedded Web Server, in the Web browser address field, type the IP address of your printer. The Embedded Web Server provides administration and configuration functions for your printer.

6. Configure Authentication.

7. Configure Security.

8. Enable services in the Embedded Web Server.

9. Configure Print, Scan, and Fax features.

Note: The fax feature is an option that is available only on the Xerox®PrimeLink®B9100

device.

10. Configure Accounting.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Introduction

More Information

For more information about your printer, refer to the following sources.

Information Source

User Guide Software and Documentation disc

www.support.xerox.com

Recommended Media List www.xerox.com/rmlna: United States

www.xerox.com/rmleu: Europe

Printer Management Tools www.support.xerox.com

Print Drivers www.support.xerox.com. Search for your device, then download the print

driver for your operating system. Search the site for print driver documents and brochures.

Online Support Assistant www.support.xerox.com

Technical Support www.support.xerox.com

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Initial Setup

This chapter contains:

• Physical Connection ..... ..... ...... ..... ...... ........... ...... ..... ........... ........... ...... ..... ...... ..... ...... ........... ..... 18

• Initial Setup at the Control Panel .... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........ 19

• System Administrator Access at the Control Panel .. ..... ...... ........... ..... ...... ..... ...... ..... ...... ...... ..... .. 20

• Manually Setting the Ethernet Interface Speed..... ..... ...... ........... ........... ........... ........... ...... ..... ... 21

• Viewing Services and Options... ...... ..... ...... ..... ...... ........... ...... ..... ........... ........... ...... ..... ...... ..... .... 22

• Embedded Web Server ... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ... 23

• Enabling Services and Options. ...... ..... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ...... ..... ........... ..... 24

• Changing the System Administrator Password.... ........... ........... ........... ..... ...... ...... ..... ...... ..... ...... 25

• Using the Configuration Overview Page ...... ........... ........... ........... ..... ...... ...... ..... ...... ..... ...... ....... 26

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Initial Setup

Physical Connection

To connect your printer:

1. Connect the power cord to the printer, then plug the power cord into an electrical outlet.

2. Connect one end of a Category 5 or better Ethernet cable to the Ethernet port in the back of the printer. Connect the other end of the cable to a correctly configured network port.

3. If you have purchased and installed the Fax Hardware Kit, connect the printer to a correctly configured telephone line.

Note: The fax feature is an option that is available only on the Xerox®PrimeLink®B9100

device.

4. Power on the printer.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Initial Setup

Initial Setup at the Control Panel

TThhee IInnssttaallllaattiioonn WWiizzaarrdd

The first time the printer is turned on, the Installation Wizard starts. The wizard prompts you with a series of questions to help you configure basic settings for your printer. You are prompted to:

• Set the current date and time.

• Select your local time zone.

• Configure certification, system access level, SMTP, and LDAP.

CCoonnffiigguurraattiioonn RReeppoorrtt

After you complete the installation wizard, you can obtain a Configuration Report. The Configuration Report lists the current settings for the printer. By default, a Configuration Report prints at startup.

PPrriinnttiinngg tthhee CCoonnffiigguurraattiioonn RReeppoorrtt

To print a configuration report:

1. At the control panel, press the Machine Status button and touch the Device Information tab.

2. Touch Print Reports.

3. Touch Printer Reports.

4. Touch Configuration Report and press the Start button.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Initial Setup

System Administrator Access at the Control Panel

To configure the printer from the control panel, press the Machine Status button, then touch the Tools tab. If the printer is locked, log in as a system administrator.

The default administrator password is the device serial number. You can obtain the serial number from the back of the printer, from the configuration report, or from the home page of the Embedded Web Server. You can get the serial number from the control panel touch screen. At the control panel, press the Machine Status button, then on the touch screen, select Device Information. The serial number is in the General Information area of the touch screen. The password is case-sensitive.

Note: When the administrator password is set to the device serial number, administrator

functions are not accessible. If the administrator password is set to the device serial number, at the next administrator login attempt, you are prompted to change the default administrator password. After you change the default administrator password, you have full access to administrator privileges.

To log in as a system administrator:

1. At the control panel, press the Log In/Out button.

2. Type admin, then touch Next.

3. Type the administrator password, then touch Enter.

To log out, touch Admin, then touch Logout. On the next screen, touch Logout.

LLoocckkiinngg oorr UUnnlloocckkiinngg tthhee PPrriinntteerr

To lock or unlock the printer:

1. Log in as a system administrator.

2. At the control panel, press Machine Status, then touch the Tools tab.

3. Touch Authentication / Security Settings→System Administrator Settings→System Administrators Login ID.

4. To lock the printer, touch On. To unlock the printer, touch Off.

5. If you touched On:

a. Touch Keyboard, type the new system administrator Login ID, then touch Save.

b. Touch Keyboard, reenter the Login ID, then touch Save.

6. Touch Save.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Initial Setup

Manually Setting the Ethernet Interface Speed

The Ethernet interface of the printer automatically detects the speed of your network. If your network is connected to another auto-sensing device, such as a hub, the hub may not detect the correct speed. Refer to the Configuration Report to make sure that the printer has detected the correct speed of your network. To view the Configuration Report, see Printing the Configuration Report.

To set the Ethernet interface speed manually:

1. Log in as a System Administrator.

2. At the control panel, press Machine Status, then touch the Tools tab.

3. Touch System Settings→Connectivity & Network Setup→Protocol Settings.

4. Touch Ethernet Settings, then touch Change Settings.

5. Touch Ethernet - Rated Speed, then touch Change Settings.

6. To match the speed set on your hub or switch, select the Speed.

7. Touch Save, then touch Close.

AAssssiiggnniinngg aa NNeettwwoorrkk AAddddrreessss

By default, the printer automatically acquires a network address from a DHCP server. To assign a static IP address, configure DNS server settings, or configure other TCP/IP settings, refer to TCP/IP.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Initial Setup

Viewing Services and Options

To see which services and options are enabled or installed:

1. At the control panel, press the Machine Status button, then touch the Device Information tab.

2. Touch Device Configuration.

3. Touch Close.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Initial Setup

Embedded Web Server

The Embedded Web Server allows you to configure and administer the printer from a Web browser on any computer.

AAcccceessssiinngg tthhee EEmmbbeeddddeedd WWeebb SSeerrvveerr

Before you begin:

• Ensure that TCP/IP and HTTP are enabled. A TCP/IP or HTTP connection is required to access the

Embedded Web Server.

• To determine the IP address of your printer, do one of the following:

– Obtain a Configuration Report.

– At the control panel, press the Machine Status button.

Note: The default administrator user name is admin. When the administrator password is set

to the device serial number, administrator functions are not accessible. If the administrator password is set to the device serial number, at the next administrator login attempt, you are prompted to change the default administrator password. After you change the default administrator password, you have full access to administrator privileges.

To access the Embedded Web Server:

1. At your computer, open a Web browser.

2. In the address field, type the IP address of your printer. Press Enter. The Embedded Web Server

screen appears.

• You can access the printer using a combination of the host name and the domain name as the Internet address. A DNS (Domain Name System) is required. The DNS server requires that the printer host name is registered.

• To specify a port number, for the IP address, type : and the port number.

3. Click the Properties tab.

4. If prompted, type the user name and password of the administrator account, then confirm the login request.

You can access any administrator functions within the Embedded Web Server.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Initial Setup

Enabling Services and Options

You must enable some services and options before you can use them. To enable these special services and options, use either the control panel or the Embedded Web Server.

EEnnaabblliinngg SSeerrvviicceess aanndd OOppttiioonnss aatt tthhee CCoonnttrrooll PPaanneell

To enable services and options at the control panel:

1. Log in as a System Administrator.

2. At the control panel, press the Machine Status button, then touch the Tools tab.

3. Touch System Settings→Common Service Settings→Maintenance.

4. Touch Software Options.

5. Touch Keyboard.

6. Type the code, then touch Save.

7. Touch Close.

EEnnaabblliinngg FFeeaattuurreess iinn tthhee EEmmbbeeddddeedd WWeebb SSeerrvveerr

To enable services and options in the Embedded Web Server:

1. In the Embedded Web Server, click Properties→Security→Feature Enablement.

2. Type the Unique Function Code.

3. Click Apply.

4. Click Reboot.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Initial Setup

Changing the System Administrator Password

For security purposes, Xerox®recommends that you change the default administrator password after you configure the printer. Ensure that you store the password in a secure location.

Note: When the administrator password is set to the device serial number, administrator

To change the administrator password:

1. In the Embedded Web Server, click Properties→Security→System Administrator Settings.

2. If needed, change the Administrator Login ID.

3. For Administrator's Passcode, type the new password.

4. Retype the password.

5. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Initial Setup

Using the Configuration Overview Page

In the Embedded Web Server, the Configuration Overview page provides shortcuts to commonly accessed pages on the Properties tab. To access the Configuration Overview page, click Properties→Configuration Overview.

AAssssiiggnniinngg aa NNaammee aanndd LLooccaattiioonn ttoo tthhee PPrriinntteerr

The Description page provides a place to assign a name and location to the printer for future reference.

To assign a printer name and location:

1. In the Embedded Web Server, click Properties→Description.

2. For Device Name, type a name for the printer.

3. For Location, type the location of the printer.

4. In the fields provided, type the System Administrator contact information, the printer email address, and comment, as needed.

5. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Network Connectivity

This chapter contains:

• TCP/IP . ...... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ........... ...... ..... ...... ..... ...... ........... ........... . 28

• SNMP .. ...... ..... ...... ..... ...... ..... ...... ........... ...... ..... ........... ........... ...... ..... ...... ..... ...... ........... ........... . 33

• LPD........ ........... ..... ...... ........... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ..... 36

• Raw TCP/IP Printing .... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... 37

• SMTP ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ..... ...... ...... .... 38

• LDAP.... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ....... 40

• POP3 .... ..... ...... ........... ........... ........... ..... ...... ...... ..... ...... ..... ...... ........... ..... ...... ..... ...... ..... ...... ...... 43

• HTTP ... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ....... 44

• Proxy Server ... ...... ..... ...... ........... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ........... ...... ..... ...... .. 45

• Microsoft Networking... ..... ...... ........... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ........... ........... ..... 46

• IPP..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ..... ...... ... 47

• Universal Plug and Play Discovery ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ...... ..... 48

• SSDP. ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... .... 49

• WebDAV .... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ........... ........... ........... . 50

• WSD .... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... . 51

• FTP ...... ...... ..... ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ...... ..... . 52

• Google Cloud Print..... ...... ..... ...... ..... ...... ...... ..... ........... ........... ........... ...... ..... ...... ..... ...... ........... . 53

• Bonjour Multicast DNS.. ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ..... ...... ........... ........... .... 54

• AirPrint . ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... 55

• Mopria... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ........... ...... ..... ...... ..... ...... ........... ..... 57

• SOAP ...... ...... ..... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ...... ..... ........... ........... ...... ..... ...... ..... .... 58

Note: Some changes to network connectivity require that you restart the printer. To restart the

printer, follow the onscreen instructions.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Network Connectivity

TCP/IP

Transmission Control Protocol (TCP) and Internet Protocol (IP) are protocols within the Internet Protocol Suite. IP manages the transmission of messages from computer to computer while TCP manages the actual end-to-end connections.

EEnnaabblliinngg TTCCPP//IIPP

Note: TCP/IP is enabled by default. If you disable TCP/IP, ensure that you re-enable it at the

printer control panel to access the Embedded Web Server.

To enable TCP/IP:

1. At the control panel, log in as System Administrator, press the Machine Status button, and touch the Tools tab.

2. Touch System Settings→Connectivity & Network Setup→Protocol Settings.

3. Touch TCP/IP - Common Settings.

4. Touch Change Settings.

5. Select the item to change and touch Change Settings.

6. Touch IPv4 Mode, IPv6 Mode, or Dual Stack to enable both IPv4 and IPv6.

7. Touch Save.

8. Touch Close.

CCoonnffiigguurriinngg TTCCPP//IIPP SSeettttiinnggss aatt tthhee CCoonnttrrooll PPaanneell

MMaannuuaallllyy CCoonnffiigguurriinngg aann IIPPvv44 NNeettwwoorrkk AAddddrreessss

To configure an IPv4 network address:

1. At the control panel, press the Machine Status button, then touch the Tools tab.

2. Touch System Settings→Connectivity & Network Setup→Protocol Settings.

3. Touch TCP/IP - Network Settings, then touch Change Settings.

4. Touch IPv4 - IP Address Resolution, then touch Change Settings.

5. Touch Static, then touch Save.

6. Touch IPv4 - IP Address, then touch Change Settings.

7. Type the static IP address using the touch-screen keypad, then touch Save.

8. Touch IPv4 - Subnet Mask, then touch Change Settings.

9. Type the subnet mask using the touch-screen keypad, then touch Save.

10. Touch IPv4 - Gateway Address, then touch Change Settings.

11. Type the gateway mask using the touch-screen keypad, then touch Save.

12. Touch Close.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Network Connectivity

MMaannuuaallllyy CCoonnffiigguurriinngg aann IIPPvv66 NNeettwwoorrkk AAddddrreessss

To configure an IPv6 network address:

1. At the control panel, press the Machine Status button, then touch the Tools tab.

2. Touch Connectivity & Network Setup→Protocol Settings.

3. Touch TCP/IP - Network Settings, then touch Change Settings.

4. Touch IPv6 Address Manual Configuration, then touch Change Settings.

5. Touch Enabled, then touch Save.

6. Touch Manually Configured IPv6 Address, then touch Change Settings.

7. Type the static IP address using the touch-screen keypad, then touch Save.

8. Touch Manually Configured IPv6 Address Prefix, then touch Change Settings.

9. Type the prefix using the touch-screen keypad, and touch Save.

10. Touch Manually Configured IPv6 Address Gateway, then touch Change Settings.

11. Type the gateway using the touch-screen keypad, then touch Save.

12. Touch Close.

CCoonnffiigguurriinngg IIPPvv44 DDyynnaammiicc AAddddrreessss SSeettttiinnggss

To configure IPv4 dynamic address settings:

1. At the control panel, press the Machine Status button, then touch the Tools tab.

2. Touch System Settings→Connectivity & Network Setup→Protocol Settings.

3. Touch TCP/IP - Network Settings, then touch Change Settings.

4. Touch IPv4 - IP Address Resolution, then touch Change Settings.

5. Touch DHCP, BOOTP, or DHCP/AutoIP, then touch Save.

6. Touch Close.

CCoonnffiigguurriinngg IIPPvv66 DDyynnaammiicc AAddddrreessss SSeettttiinnggss

To configure IPv6 dynamic address settings:

1. At the control panel, press the Machine Status button, then touch the Tools tab.

2. Touch System Settings→Connectivity & Network Setup→Protocol Settings.

3. Touch TCP/IP - Network Settings, then touch Change Settings.

4. Touch IPv6 Address Manual Configuration, then touch Change Settings.

5. Touch Disabled, then touch Save.

6. Touch Automatically Configured IPv6 Address, then touch Change Settings to see the acquired IPv6 address information.

7. Touch Close.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Network Connectivity

CCoonnffiigguurriinngg DDNNSS//DDDDNNSS SSeettttiinnggss

Domain Name System (DNS) and Dynamic Domain Name System (DDNS) is a system that maps host names to IP addresses.

To configure DNS settings:

1. At the control panel, press the Machine Status button, then touch the Tools tab.

2. Touch System Settings→Connectivity & Network Setup→Protocol Settings.

3. Touch TCP/IP - Network Settings, then touch Change Settings.

4. Touch IPv4 DNS Server Setup, or IPv6 DNS Server Setup, then touch Change Settings.

5. Do one of the following:

a. To allow your DHCP server to provide the DNS server address, touch Get IP Address from

DHCP, then touch Change Settings. On the Get IP Address from DHCP screen, touch Enabled, then touch Save.

b. To manually provide the DNS server address, touch Preferred DNS Server IP Address then

touch Change Settings. Type the DNS server address, then touch Save.

6. Touch Close.

CCoonnffiigguurriinngg TTCCPP//IIPP SSeettttiinnggss iinn tthhee EEmmbbeeddddeedd WWeebb SSeerrvveerr

If your printer has a valid network address, you can configure TCP/IP settings in the Embedded Web Server.

CCoonnffiigguurriinngg SSeettttiinnggss ffoorr IIPPvv44

IPv4 can be used in addition to or in place of IPv6. To configure settings for IPv4:

Note: If both IPv4 and IPv6 are disabled, you cannot access the Embedded Web Server. Re-

enable TCP/IP at the control panel to access the Embedded Web Server. Disabling TCP/IP or

changing the IP address also disables any dependent protocols.

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→TCP/IP.

IPv4 is enabled by default.

2. Type a unique Host Name for your printer.

3. Select the desired method for obtaining a dynamic IP address from the IP Address Resolution drop-down menu, or select Static to define a static IP address.

4. If you select Static, type the IP Address, Subnet Mask, and Gateway Address in the appropriate fields.

Note: If you select BOOTP or DHCP, you cannot change the IP address, Subnet Mask, or

default gateway.

5. Type a valid Domain Name.

6. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Network Connectivity

DDNNSS CCoonnffiigguurraattiioonn ffoorr IIPPvv44

To configure settings for IPv4:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→TCP/IP.

2. Next to Obtain DNS Server Address Automatically, select Enabled to allow your DHCP server to provide the DNS server address. Clear the check box to manually provide the DNS server address, and type an IP address for the Preferred DNS Server, Alternate DNS Server 1, and Alternate DNS Server 2 in the appropriate fields.

Note: If DHCP or BOOTP is the IP Address Resolution setting, you cannot change the

Domain Name, Primary DNS Server, Alternate DNS Server 1, and Alternate DNS Server 2

settings.

3. Next to Dynamic DNS Registration (IPv4), select Enabled to register the printer's host name in the DNS server. Select Overwrite if you want to overwrite existing entries in the DNS server.

Note: If your DNS Server does not support dynamic updates, you do not need to enable

DDNS.

4. Next to Generate Domain Search List Automatically, select Enabled if you want the printer to generate a list of search domains. Type the domain names if the option is disabled.

5. Next to Connection Time-Out, type the time allowed until the printer stops attempting to connect to the server.

6. Next to Release Current IP Address When the Host is Powered Off, select Enabled if you want the printer to release its IP address when it restarts.

7. Click Apply.

CCoonnffiigguurriinngg SSeettttiinnggss ffoorr IIPPvv66

IPv6 hosts can configure themselves automatically when connected to a routed IPv6 network using the Internet Control Message Protocol Version 6 (ICMPv6). ICMPv6 performs error reporting for IP along with other diagnostic functions. When first connected to a network, a host sends a link-local multicast router solicitation request for its configuration parameters. If suitably configured, routers respond to the request with a router advertisement packet containing network-layer configuration parameters.

Note: IPv6 is optional and can be used in addition to, or in place of, IPv4. If both IPv4 and

IPv6 protocols are disabled, you cannot access the Embedded Web Server. The host name is the same for IPv4 and IPv6. If you change the host name for IPv6, the host name changes for IPv4 too.

Note: If both IPv4 and IPv6 are disabled, you cannot access the Embedded Web Server. To

access the Embedded Web Server, at the control panel, re-enable TCP/IP. If you disable TCP/IP or change the IP address, the actions disable any dependent protocols.

To configure settings for IPv6:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→TCP/IP.

2. For IP Mode, select IPv6, or, to use both IPv4 and IPv6, select Dual Stack. By default, IPv6 is

disabled.

3. Type a unique Host Name for the printer.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Network Connectivity

4. To assign an IPv6 address manually, for Enable Manual Address, select Enabled. Type the IP

Address and Gateway Address.

5. To allow your DHCP server to assign an IP address to the printer, for Get IP Address from DHCP,

select Enabled.

6. Type the required Domain Name.

7. Click Apply.

Note: If you enable or disable IPv6, then click Apply, the printer restarts.

DDNNSS CCoonnffiigguurraattiioonn ffoorr IIPPvv66

To configure settings for IPv6:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→TCP/IP.

2. Select a method for obtaining the DNS server address:

• To allow the DHCP server to provide the DNS server address automatically, for DHCPv6–Lite,

select Enabled.

• To specify the DNS server addresses manually, for DHCPv6–Lite, clear the check box for Enabled. Type the IP addresses of the Preferred DNS Server, the Alternate DNS Server 1, and the Alternate DNS Server 2.

3. To register the printer host name in the DNS server, for Dynamic DNS Registration (IPv6), select

Enabled. To replace existing entries in the DNS server, select Overwrite.

4. To generate the domain search list automatically, for Generate Domain Search List Automatically, select Enabled.

5. Type the names for Domain Name 1, Domain Name 2, and Domain Name 3.

6. For Connection Timeout, type a number between 1–60 seconds.

7. To enable DNS Resolution via IPv6 First, select Enabled.

8. To make the printer release the IP address when the printer restarts, for Release Current IP Address When the Host is Powered Off, select Enabled.

9. Click Apply.

ZZeerroo--CCoonnffiigguurraattiioonn NNeettwwoorrkkiinngg

To support zero-configuration networking, the printer assigns a self-signed address automatically. The self-signed address is for IPv4, IPv6, or both, for a dual stack configuration. If the printer cannot connect to a DHCP server to obtain an IP address, the printer assigns itself a Link-Local address.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Network Connectivity

SNMP

Simple Network Management Protocol (SNMP) is used in network management systems to monitor network-attached devices for conditions that require administrative attention. It consists of a set of standards for network management including an application layer, a database schema, and a set of data objects. Agents, or software modules, reside in the printer's SNMPv3 engine. A manager is an SNMPv3 management application such as OpenView, that is used to monitor and configure devices on the network. The agent responds to read (GET) and write (SET) requests from the manager and can also generate alert messages, or traps, based on certain events.

SNMP settings can be configured in the Embedded Web Server. You can also enable or disable Authentication Failure Generic Traps on the printer. SNMPv3 can be enabled to create an encrypted channel for secure printer management.

EEnnaabblliinngg SSNNMMPP

To enable SNMP:

1. In the Embedded Web Server, click Properties→Connectivity→Port Settings.

2. For SNMP, select Enabled.

3. To enable the UDP transport protocol if necessary, for UDP, select Enabled.

4. Click Apply.

CCoonnffiigguurriinngg SSNNMMPP

To configure SNMP settings:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→SNMP Configuration.

2. For SNMP Properties, select Enable SNMPv1/v2c Protocols, or Enable SNMPv3 Protocol. To use SNMPv3, enable and configure HTTPS.

3. To allow remote management servers to change SNMP settings on the printer, select Allow Write.

4. To make the printer generate a trap for every received SNMP request that contains an invalid community name, for Authentication Failure Generic Traps, select Enabled.

5. Click Apply.

EEddiittiinngg SSNNMMPP vv11//vv22cc PPrrooppeerrttiieess

Note: For security purposes, Xerox recommends that you change the SNMP v1/v2c public and

private community names from the default values.

Note: Any changes made to the GET or SET community names for this printer require

corresponding changes to GET or SET community names for each application that uses SNMP

to communicate with this printer.

To edit SNMP v1/v2c properties:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→SNMP Configuration.

2. Under SNMP Properties, click Edit SNMP v1/v2c Properties.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Network Connectivity

3. Type a name up to 256 characters for the Community Name (Read Only) or use the default value of public.

GET returns the password for the SNMP GET requests to the printer. Applications obtaining information from the printer using SNMP, such as the Embedded Web Server, use this password.

4. Type a name up to 256 characters for the Community Name (Read / Write) or use the default value of private.

SET returns the password for the SNMP SET requests to the printer. Applications that set information on the printer using SNMP, use this password.

5. Type a name up to 256 characters for the default Trap Community Name or use the default value of SNMP_TRAP.

Note: The Default Trap Community Name is used to specify the default community name

for all traps generated by this printer. The Default Trap Community Name can be overridden by the Trap Community Name specified for each individual trap destination address. The Trap Community Name for one address may not be the same Trap Community Name specified for another address.

6. Type the System Administrator's Login ID.

7. Click Apply.

EEddiittiinngg SSNNMMPP vv33 SSeettttiinnggss

Note: Before SNMPv3 can be enabled, install a digital certificate on the printer, and enable

SSL.

To edit SNMP v3 properties:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→SNMP Configuration.

2. Under SNMP Properties, click Edit SNMP v3 Properties.

3. Under Administrator Account, click Account Enabled to create the administrator account.

4. Type an Authentication Password then confirm it. The Authentication Password must be at least eight characters in length and can include any characters except control characters. This password is used to generate a key used for authentication.

5. Type a Privacy Password and confirm it. The Privacy Password is used for encryption of SNMPv3 data. The password used to encrypt the data needs to match with the Server.

6. Under Print Drivers/Remote Clients Account, click Account Enabled.

7. Click Apply.

AAddddiinngg IIPP TTrraapp DDeessttiinnaattiioonn AAddddrreesssseess

To configure IP trap destinations:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→SNMP Configuration.

2. Click Advanced at the bottom of the page.

3. Under Trap Destination Addresses, click Add UDP IPv4 Address or Add UDP IPv6 Address.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Network Connectivity

4. Type the IP address of the host running the SNMP manager application to be used to receive traps.

Note: Port 162/UDP is the default port for traps. Select v1 or v2c based on what the trap

receiving system supports.

5. Under Traps, select the type of traps to be received by the SNMP manager.

6. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Network Connectivity

LPD

The Line Printer Daemon (LPD) protocol is used to provide printer spooling and network print server functionality for operating systems such as HP-UX, Linux

Note: For information on setting up print queues on your client system, refer to your client

system documentation.

, and MAC OS X.

EEnnaabblliinngg LLPPDD

To enable the LPD protocol:

1. In the Embedded Web Server, click Properties→Connectivity→Port Settings.

2. Next to LPD, select the Enabled check box.

Note: Disabling LPD affects clients printing to the printer over TCP/IP using the LPR

printing port.

3. Click Apply.

CCoonnffiigguurriinngg LLPPDD

To configure the Line Printer Daemon protocol:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→LPD.

2. Type a Port Number or use the default port number of 515.

3. To enable the TBCP Filter, select Enabled.

4. Enter the Connection Timeout.

5. Enter the Maximum Number of Sessions.

6. For Character Encoding, select According to Device Language Setting or UTF–8.

7. If necessary, for TCP-MSS Mode, select Enabled.

8. If TCP-MSS mode is enabled, for IPv4, type the IP addresses for Subnets 1, 2, and 3.

Note: TCP-MSS settings are common for LPD and Port 9100.

9. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Network Connectivity

Raw TCP/IP Printing

Raw TCP/IP is a printing method used to open a TCP socket-level connection over Port 9100, to stream a print-ready file to the input buffer of the printer. Raw TCP/IP then closes the connection after sensing an End-Of-Job character in the PDL or after expiration of a preset time-out value. Port 9100 does not require an LPR request from the computer or the use of an LPD running on the printer. Port 9100 is selected in Windows as the Standard TCP/IP port.

EEnnaabblliinngg PPoorrtt 99110000

Note: Before you enable Port 9100, enable TCP/IP.

To enable port 9100:

1. In the Embedded Web Server, click Connectivity→Port Settings.

2. For Port 9100, select Enabled.

3. Click Apply.

CCoonnffiigguurriinngg PPoorrtt 99110000

To configure port 9100:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→Port 9100.

2. If necessary, for TCP-MSS Mode, select Enabled.

Note: TCP-MSS settings are common for LPD and Port 9100.

3. If TCP-MSS mode is enabled, for IPv4, type the IP addresses for Subnets 1, 2, and 3.

4. Ensure that the TCP Port Number is set to 9100.

5. For End of Job Timeout, type a value between 2–65535 seconds. The default time is 300 seconds.

6. If necessary, for TBCP Filter, select Enabled.

7. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Network Connectivity

SMTP

Simple Mail Transfer Protocol (SMTP) is used by the email feature on the printer to deliver scanned images and Internet Fax jobs through email. After you enable SMTP, the email button is enabled on the control panel.

CCoonnffiigguurriinngg SSMMTTPP SSeerrvveerr SSeettttiinnggss

To configure SMTP server settings:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→SMTP Server→General.

2. In the Required Information area, for SMTP Server Setup, to locate an SMTP server, select the required method.

• To allow DNS to find an SMTP server on the network automatically, select From DNS.

• To map to a specific SMTP server, select STATIC.

Note: If you select From DNS, before you can define the SMTP server, ensure that DNS is

configured for either IPv4 or IPv6.

3. Type the SMTP server IP address or host name.

4. Enter the port numbers for sending email and Internet Fax, and for receiving email. The default port number is 25.

Note: The fax feature is an option that is available only on the Xerox®PrimeLink®B9100

device.

5. For SMTP - SSL / TLS communication, select the type of communication.

6. Type the email address of the printer.

7. Click Apply.

CCoonnffiigguurriinngg OOppttiioonnaall SSMMTTPP SSeettttiinnggss

To configure optional SMTP settings:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→SMTP

Server→General.

2. To improve transmission speed by fragmenting messages, for Split Send, select Enabled.

3. For Maximum Split Count, type the maximum number of fragments. You can specify 2–500

fragments.

4. Select the Split Send Method:

• Split into Pages: If you select this option, the mail client does not reassemble the job on

receipt.

• Split by Data Size: If you select this option, the mail client is required to reassemble the job

on receipt.

5. To define a maximum message size for messages with attachments, for Maximum Data Size per

Email, type a value. You can specify a value between 512–20480 Kbytes. The default is 10,240 Kbytes.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Network Connectivity

6. To define the total message size, for Maximum Total Data Size, type a value. You can specify a

value between 512–200,000 Kbytes.

7. Specify the login credentials for the printer to access the SMTP server to send automated emails:

• To allow the printer to send automated emails without providing authentication, select None.

• To have the printer authenticate itself to the SMTP server, select SMTP AUTH.Type the login

name, then type and retype the password.

8. If authentication is enabled, specify the login credentials to use for sending emails:

• To have users specify their login credentials to send emails, select Remotely Authenticated User.

• To use the same credentials that you specified for sending automated emails, select System.

9. To set the action when a remotely authenticated user fails to log in, select Cancel Email Send, or Relogin using System Data.

10. Click Apply.

PPeerrffoorrmmiinngg aann SSMMTTPP SSeerrvveerr CCoonnnneeccttiioonn TTeesstt

To perform the connection test:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→SMTP

Server→Connection Test.

2. In the Connection Test Email area, type your email address.

3. Click Send Email.

The result is displayed in the Email Delivery Status area. Check your emails for the test email from the printer.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Network Connectivity

LDAP

Lightweight Directory Access Protocol (LDAP) is a protocol used to process queries and updates to an information directory, also known as an LDAP directory, stored on an external server. LDAP directories are heavily optimized for read performance. Use this page to define how the printer retrieves user information from an LDAP directory.

CCoonnffiigguurriinngg LLDDAAPP SSeerrvveerr SSeettttiinnggss

To configure LDAP server settings:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→LDAP→LDAP Server.

2. In the Server Information area, type the appropriately formatted main and backup LDAP server

addresses, host name, and port numbers. The default port number is 389.

3. For LDAP Server, select the type of LDAP server.

4. In the Optional Information area, specify settings if necessary:

a. For Search Directory Root, type the search directory root path using Base DN format.

b. For Login Credentials to Search Entries, select Remotely Authenticated User, or System.

c. If necessary, type the login name, then type and retype the password.

d. For Maximum Number of Search Results, type the maximum number of addresses that can

be returned matching the search criteria. Type a number between 5–100.

e. For Search Timeout, select Use LDAP Server Timeout or Wait. If you select Wait, type a

duration between 5–120 seconds.

f. If your primary LDAP server is connected to other LDAP servers, to include the servers in your

searches, for LDAP Referrals, select Enabled.

g. For LDAP Referral Hop Limit, type the maximum number of consecutive LDAP referrals.

Specify a limit between 1–5.

5. In the Perform Query on area, select an option if necessary:

• Mapped Name Field: Select this option to specify how the fields are mapped.

• Surname and Given Name Fields: Select this option to search for the last name and first

name of the user.

6. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Network Connectivity

DDeeffiinniinngg UUsseerr MMaappppiinnggss

LDAP servers provide different results to search queries depending on how user data is mapped. Editing the mapping allows you to fine-tune server search results.

Note: If you are using Internet Fax, ensure that the Internet Fax field is not set to No attribute

type that can be used. This setting prevents the LDAP Address Book from displaying on the

Internet Fax screen on the control panel. Select mail as the Internet Fax setting.

Note: The fax feature is an option that is available only on the Xerox®PrimeLink®B9100

device.

To define LDAP user mappings:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→LDAP→LDAP User

Mappings.

The information you entered on the LDAP Server tab is summarized in the Server Information area.

2. To send a test query, type the name of the user you want to search for in the User Name field,

then click Search. If a match occurs, the information for the user is displayed.

3. Use the drop-down menus under Imported Heading to remap fields as needed.

Note: Headings are defined by your LDAP server schema.

4. Click Apply.

CCoonnffiigguurriinngg LLDDAAPP CCuussttoomm FFiilltteerrss

To configure LDAP filters:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→LDAP→Custom

Filters.

2. In the User ID Query Filter field, type the LDAP search string or filter that you want to apply.

Note: The filter defines a series of conditions that the LDAP search must fulfill to return the

information that you want.

Note: Format the search string as LDAP objects inside parentheses. For example, to find the

user with a sAMAccountName of Bob, type (objectClass=user)

(sAMAccountName=Bob).

3. For Email Address Book Filter, select Enable Filter.

4. In the Email Address Book Filter field, type the LDAP search string or filter that you want to

apply.

Note: Format the search string as LDAP objects placed inside parentheses. For example, to

find all users that have an email attribute (mail enabled), type (objectClass=

user) (mail=*).

5. For Fax Address Book Filter, select Enable Filter, then type the LDAP search string or filter that

you want to apply.

Note: The fax feature is an option that is available only on the Xerox®PrimeLink®B9100

device.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Network Connectivity

6. For Internet Fax Address Book Filter, select Enable Filter, then type the LDAP search string or

filter that you want to apply.

7. Click Apply.

PPeerrffoorrmmiinngg aann LLDDAAPP CCoonnnneeccttiioonn TTeesstt

To perform the LDAP connection test:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→LDAP→Connection

Test.

2. Type a name for the test.

3. Click Search.

The Search Result area displays the test results.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Network Connectivity

POP3

Post Office Protocol, version 3 (POP3) allows email clients to retrieve email from remote servers over TCP/IP on network port 110. To configure POP3:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→POP3 Setup.

2. Type the appropriately formatted IP address, host name, and port number. The default port

number is 110.

3. For POP Receive Password Encryption, select APOP Authentication, if required.

4. Type the Login Name assigned to the printer that is used to log in to the POP3 server.

5. Type a password. Retype the password to confirm.

6. To enable POP3 - SSL/TLS Communication, if needed, select Enabled.

7. Type a Polling Interval value between 1–120 minutes. The default value is 10 minutes.

8. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Network Connectivity

HTTP

Hypertext Transfer Protocol (HTTP) is a request-response standard protocol between clients and servers. Clients making HTTP requests are referred to as User Agents (UAs) while servers responding to these requests for resources such as HTML pages, are referred to as origin servers. There can be any number of intermediaries, such as tunnels, proxies, or gateways between UAs and origin servers.

EEnnaabblliinngg HHTTTTPP

HTTP is enabled by default. If you disable HTTP, you will need to enable it at the printer before you can access the Embedded Web Server.

To enable HTTP:

1. At the control panel, press the Machine Status button, then touch the Tools tab.

2. Touch System Settings→Connectivity & Network Setup→Port Settings.

3. Touch Internet Services (HTTP), then touch Change Settings.

4. Touch Port Status, then touch Change Settings.

5. On the Internet Services - Port Status screen, touch Enabled, then touch Save.

6. Touch Close.

CCoonnffiigguurriinngg HHTTTTPP SSeettttiinnggss

To configure HTTP settings:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→HTTP.

2. Change the maximum number of sessions, if necessary. The default is 5.

3. To use cross-site request forgery protection, for CSRF Protection, select Enabled.

4. Type the Port Number, if necessary. The default is 80.

5. To encrypt HTTP communication between the printer and client computers using the Embedded

Web Server, for Secure HTTP (SSL), select Enabled. The encryption is used for data sent using IPsec, SNMP, and Audit Log. A digital certificate installed on the printer is required.

6. Type the Secure HTTP Port Number, if necessary. When SSL is enabled, HTTP traffic is routed to

this port. The default is 443.

7. Enter the amount of time for the Connection Timeout, if necessary.

8. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Network Connectivity

Proxy Server

A proxy server acts as a go-between for clients that seek services and the servers that provide them. The proxy server filters client requests. If the requests conform to the filtering rules, the proxy server grants the request and allows the connection.

A proxy server has two main purposes:

• A proxy server keeps any devices behind the server anonymous for security purposes.

• A proxy server decreases the amount of time required to access information by caching content, such as webpages from a Web server.

Note: Proxy server settings are used for Xerox®Remote Print Services, formerly called SMart

eSolutions.

To configure proxy server settings:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→Proxy Server.

2. In the General area, for Use Proxy Server, select Enabled.

3. For Proxy Server Setup, select an option:

• Same Proxy for All Protocols: Select this option to use the same proxy settings for HTTP and

HTTPS.

• Different Proxy for Each Protocol: Select this option to use different proxy settings for HTTP

and HTTPS.

• Use Automatic Proxy Configuration Script: Select this option to use an automatic proxy

configuration script.

• Automatically Detect Settings: Select this option to detect proxy settings automatically.

4. For Addresses to Bypass Proxy Server, type any Web addresses or domains that you want to

bypass the proxy server. For example, type the address of your company intranet site.

5. In the HTTP Server area, type the Server Name and Port Number. The factory default port

number is 8080.

Note: Ensure that the port number that you set for the device matches the port number

that the server is configured to use for this proxy.

6. If your proxy server is configured to require authentication, for Authentication, select Enabled.

Type your credentials in the Login Name and Password fields. Retype the password to confirm.

7. To use a different proxy server for HTTPS, type the server information in the HTTPS Server area.

The default port number is 8080.

8. To use an automatic proxy configuration script, type the URL for the script in the Use Automatic

Proxy Configuration Script area.

9. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Network Connectivity

Microsoft Networking

CCoonnffiigguurriinngg WWIINNSS

When running WINS, the printer registers its IP address and NetBIOS host name with a WINS server. WINS allows users to communicate with the printer using the host name only.

To configure primary and secondary WINS servers:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→Microsoft

Networking. The SMB client page opens.

2. To allow your DHCP server to provide your WINS server address to the printer, select DHCP next

to Obtain WINS Server Address Automatically.

3. If you want to provide the WINS server address manually, type it in the Primary Server IP

Address field.

4. If desired, type the secondary WINS server address in the Secondary Server IP Address field.

5. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Network Connectivity

IPP

Internet Printing Protocol (IPP) is used for remote printing and managing print jobs.

EEnnaabblliinngg IIPPPP

To enable IPP:

1. In the Embedded Web Server, click Properties→Connectivity→Port Settings.

2. For IPP, select Enabled.

3. Click Apply.

CCoonnffiigguurriinngg IIPPPP

To configure IPP printing:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→IPP.

2. For Add Port Number (IPP), type the port number that you want the printer to use.

3. For Add Port Number (IPPS), type the port number that you want the printer to use for secure

IPP.

4. To enable the TBCP Filter, select Enabled.

5. To allow only one specific user to control or delete any print job, for Administrator Mode, select

Enabled.

6. For Connection Timeout, type the timeout period. The default is 60 seconds.

7. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Network Connectivity

Universal Plug and Play Discovery

The Universal Plug and Play Protocol (UPnP) network protocols are used by devices in a TCP/IP network to discover each other. The devices can establish connections for data sharing and communications. You can configure the printer to use the Simple Service Discovery Protocol in the UPnP network. For more information, refer to SSDP.

EEnnaabblliinngg UUPPnnPP

To enable UPnP:

1. In the Embedded Web Server, click Properties→Connectivity→Port Settings.

2. For UDP, UPnP Discovery, and SOAP, select Enabled.

3. Click Apply.

CCoonnffiigguurriinngg UUPPnnPP

To configure UPnP:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→UPnP Discovery.

2. Type a port number. Port 1900 is the standard port for UPnP.

3. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Network Connectivity

SSDP

The Simple Service Discovery Protocol (SSDP) can be used in Universal Plug and Play networks. When SSDP is enabled on the printer, the printer advertises itself to other Universal Plug and Play (UPnP) clients in the network. For example, the printer advertises itself to personal computers.

To configure SSDP:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→SSDP.

2. For SSDP Port Status, select Enabled.

3. Set the valid advertising period.

Note: The printer advertises itself to other devices in the network using the advertising

period. The default is every 180 minutes. You can specify an interval between 60–4320

minutes.

4. Type a Maximum TTL value.

Note: To allow the printer to reach UPnP (Universal Plug and Play) devices in other

subnetworks, type a time-to-live (TTL) value between 1–10. The TTL value specifies the

number of routers that an SSDP message can pass through.

5. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Network Connectivity

WebDAV

Web-based Distributed Authoring and Versioning (WebDAV) is a set of extensions to HTTP that allow users to edit and manage files collaboratively on remote Web servers. WebDAV must be enabled to use Network Scan Utility 3.

EEnnaabblliinngg WWeebbDDAAVV

To enable WebDAV:

1. In the Embedded Web Server, click Properties→Connectivity→Port Settings.

2. For WebDAV, select Enabled.

3. Click Apply.

CCoonnffiigguurriinngg WWeebbDDAAVV

To configure WebDAV settings:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→WebDAV.

2. Type the Port Number.

3. Type the Connection Timeout period. The default is 30 seconds.

4. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Network Connectivity

WSD

Web Services for Devices (WSD) is technology from Microsoft that provides a standard method for discovering and using network connected devices. It is supported in all of the current Windows and Windows Server operating systems. WSD is one of several supported communication protocols.

EEnnaabblliinngg WWSSDD

To enable the WSD protocol:

1. In the Embedded Web Server, click Properties→Connectivity→Port Settings.

2. To enable the WSD print service, for WSD Print, select Enabled.

3. To enable the WSD scan service, for WSD Scan, select Enabled.

4. Click Apply.

CCoonnffiigguurriinngg WWSSDD

To configure the WSD protocol:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→WSD.

2. Edit the following settings if necessary:

• Port Number. The default is 80.

• TBCP Filter. To use the filter, select Enabled.

• Data Receive Timeout in seconds. The default is 30.

• Notification Delivery Timeout in seconds. The default is 8.

• Maximum TTL. The default maximum time to live is 1.

• Maximum Number of Subscribers. The default is 50.

3. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Network Connectivity

FTP

File Transport Protocol (FTP) is a standard network protocol used to pass and manipulate files over a TCP/IP network. Several services running on your printer, including Network Scanning and Fax, can use FTP as a filing service.

EEnnaabblliinngg FFTTPP

To enable FTP:

1. In the Embedded Web Server, click Properties→Connectivity→Port Settings.

2. For FTP Client, select Enabled.

3. Click Apply.

SSeettttiinngg UUpp tthhee FFTTPP TTrraannssffeerr MMooddee

To set up the FTP transfer mode:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→FTP.

2. For Transfer Mode, select Passive Mode, or Active Mode.

3. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Network Connectivity

Google Cloud Print

Google Cloud Printing allows users to access the cloud print queue from any Internet-connected device in any geographic location. To allow access to the service, provide users with registration details. Users register for the service with the information that you provide.

EEnnaabblliinngg GGooooggllee CClloouudd PPrriinntt

To enable Google Cloud Print:

1. In the Embedded Web Server, click Properties→Connectivity→Port Settings.

2. For Google Cloud Print, select Enabled.

3. Click Apply.

RReeggiisstteerriinngg wwiitthh tthhee GGooooggllee CClloouudd PPrriinntt SSeerrvviiccee

To allow users to use Google Cloud Print, supply users with the registration details. To print the registration details:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→Google Cloud Print.

2. Click Register this Device to Google Cloud Print. The printer prints the registration details and

instructions.

3. Tell users to complete the registration using the printed information.

The user follows the printed instructions to register the printer to their Google Cloud Print Service. The Status area in the Google Cloud Print page provides information about the registration.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Network Connectivity

Bonjour Multicast DNS

Bonjour is a zero-configuration networking protocol developed by Apple to allow devices on a LAN to locate each other. When you enable Multicast DNS (Bonjour) on the printer, the printer responds to mDNS calls. Any computer that runs the Apple Macintosh operating system Bonjour technology can discover the printer on a network. Bonjour and IPP are required for Mopria and the Mac OS Print Center and Print Setup Utility. To use Bonjour, enable LPD and Raw TCP/IP printing on port 9100. For more information, refer to IPP, LPD, and Raw TCP/IP Printing.

EEnnaabblliinngg BBoonnjjoouurr

To enable Bonjour:

1. In the Embedded Web Server, click Properties→Connectivity→Port Settings.

2. For Bonjour, select Enabled.

3. Click Apply.

CCoonnffiigguurriinngg BBoonnjjoouurr

™

Mobile Printing, AirPrint®,

To configure Bonjour:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→Bonjour.

2. Type the host name and printer name.

3. To use wide-area Bonjour, for Wide-Area Bonjour, select Enabled. Wide-area Bonjour allows

devices to discover each other even if they are in different subnets in the network.

4. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Network Connectivity

AirPrint

AirPrint is a software feature that allows you to print from wired or wireless Apple iOS-based mobile devices and Mac OS-based devices without the need to install a print driver. AirPrint-enabled printers allow you to print or fax directly from a Mac, an iPhone, iPad, or iPod touch. To use AirPrint, enable and configure IPP and Bonjour.

Note:

• Not all iOS applications support printing using AirPrint.

• Wireless devices must join the same wireless network as the printer. You can connect the printer by its wired network interface.

• To allow devices to print from different subnets, configure your network to pass multicast DNS traffic.

• AirPrint-enabled printers work with all models of iPad, iPhone 3GS or later, and iPod touch third generation or later, running the latest version of iOS.

• The Mac OS device requires Mac OS 10.7 or later.

CCoonnffiigguurriinngg AAiirrPPrriinntt

To configure AirPrint:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→AirPrint.

2. In the General area, for AirPrint, select Enabled.

3. To use AirPrint on a USB connection, for USB Connection, select Enabled.

4. To specify printer information, in the Bonjour area, type the printer name and location.

Optionally, type the geographical coordinates.

5. To use IPP authentication:

a. In the IPP Authentication area, for Basic Authentication, select Enabled.

b. Type a user name, then type and retype a password.

6. To use a digital certificate:

a. In the Device Digital Certificate area, for Device Digital Certificate Management, click

Settings.

b. Create a certificate, or upload a signed certificate. For more information, refer to Digital

Certificates.

7. To configure AirPrint, for software updates:

a. In the Device Software area, click Update.

b. To check for software updates, in the Software Update area, click Check Now.

c. To specify when the printer checks for updates, in the Check for Update area, select Never,

Daily, Weekly, or Monthly.

d. To receive email notifications for the software upgrades, in the Email Notifications area, click

Setup. In the Software Update page, type up to three email addresses, then click Apply.

8. To check consumables, in the Consumables area, click Check Status. To return to the AirPrint

page, click Back.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Network Connectivity

9. To specify what happens when a data error occurs, for Print Job Handling when Data Error Occurs, select Cancel Print Job or Force Print Job.

10. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Network Connectivity

Mopria

Mopria™is a software feature that enables users to print from mobile devices without requiring a print driver. To enable printing, users install the Mopria app or plug-in available from the appropriate app store. When you enable and configure Mopria on the printer, the required protocols IPP and Bonjour are enabled.

CCoonnffiigguurriinngg MMoopprriiaa

To configure Mopria:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→Mopria.

2. Select Enabled.

3. Click Apply.

Note: Before you disable Mopria, disable IPP and Bonjour. If AirPrint is configured on the

printer, disabling IPP and Bonjour disables AirPrint. To continue to use AirPrint, re-enable it.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Network Connectivity

SOAP

SOAP is an open-standard, platform-independent, XML-based messaging protocol that allows computers and networks using different operating systems to exchange information. SOAP is used by other network protocols, including Universal Plug and Play Discovery.

To enable SOAP:

1. In the Embedded Web Server, click Properties→Connectivity→Port Settings.

2. For SOAP, select Enabled.

3. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Security

This chapter contains:

• Setting Up Access Rights ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ... 60

• Local Authentication... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... 62

• Network Authentication.... ...... ..... ...... ...... ..... ...... ..... ........... ........... ...... ..... ...... ..... ...... ........... ..... 64

• Authentication Using a Card Reader System ..... ..... ...... ........... ........... ........... ........... ...... ..... ...... . 66

• Authentication Common Access Card (CAC).... ........... ...... ..... ...... ..... ...... ........... ........... ..... ...... ... 70

• Controlling Access to Tools and Features . ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... 72

• Digital Certificates . ...... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ..... 75

• Secure HTTP and SSL/TLS..... ...... ..... ........... ...... ..... ...... ..... ...... ...... ..... ........... ........... ........... ...... .. 78

• S/MIME . ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ..... ...... ..... ..... 79

• IPsec. ..... ...... ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ..... ...... ..... ..... 80

• 802.1X..... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ... 82

• FIPS140-2 Data Encryption ....... ..... ...... ..... ...... ........... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ...... ... 83

• Overwriting Image Data ..... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ........... ...... ..... ...... ..... .... 84

• IP Filtering . ..... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... . 86

• Unbounded Ports ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... ..... ... 87

• Audit Log ..... ...... ..... ...... ...... ..... ........... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... .... 88

• PDF and XPS Signatures . ..... ...... ........... ........... ........... ...... ..... ...... ..... ...... ..... ...... ........... ..... ...... ... 90

• Address Book Security ..... ...... ..... ...... ........... ........... ........... ........... ...... ..... ...... ..... ...... ........... ....... 91

• Restricting Access to Job Information... ........... ........... ..... ...... ..... ...... ...... ..... ...... ..... ...... ..... ...... ... 92

• Hiding or Displaying Network Settings ..... ........... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ..... 93

• Restricting Service Representative Operations ..... ...... ..... ...... ........... ........... ........... ...... ..... ...... .... 94

• Limiting Access to Folder Operations ..... ...... ..... ...... ..... ...... ........... ..... ...... ..... ...... ...... ..... ...... ..... .. 95

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

Setting Up Access Rights

OOvveerrvviieeww

You can control access to the printer's services and features by setting up authentication, authorization, and personalization.

AAuutthheennttiiccaattiioonn

Authentication is the process of confirming the identity of a user by comparing information provided by the user, such as their user name and password, against another source of user information such as a Lightweight Directory Access Protocol (LDAP) network directory. Users can be authenticated when accessing the control panel or when accessing the Embedded Web Server.

There are several ways to authenticate a user:

• Local: If you have a limited number of users, or do not have access to a Lightweight Directory

Access Protocol (LDAP) network directory, you can add user information, such as user names and passwords, to the internal database of the printer. You can then specify tools and feature access for all users. Users are authenticated and authorized when they log in at the control panel.

• Network: The printer retrieves user information from an LDAP network directory to authenticate

and authorize users when they log in at the control panel. Configure LDAP server settings before configuring authentication settings. The printer can use any of the following protocols to communicate with your authentication server:

– Kerberos (Solaris, or Windows 2000/2003)

– SMB (Windows 2000/2003)

– LDAP

• Card Reader: To use this feature, purchase and install a magnetic or proximity card reading

system, such as Xerox identification card.

Secure Access. To access the printer, users swipe a pre-programmed

AAuutthhoorriizzaattiioonn

Authorization is the process of defining the services and features that users are allowed to access. For example, you can configure the printer to allow a user to copy, scan, and fax, but not email. There are two types of authorization:

• Locally on the Device (Internal Database): User login information is stored locally in the printer's

internal User Information Database.

• Remotely on the Network: User login information is stored externally in a network database such

as an LDAP directory.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Security

PPeerrssoonnaalliizzaattiioonn

Personalization is the process of customizing services for a specific user. If your network is connected to an LDAP server, the printer can look up the home directory and email address of a user for the Scan to Home, or email scanning features.

Note: Personalization is only available when the printer is configured to use network

authentication.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

Local Authentication

SSeettttiinngg UUpp LLooccaall AAuutthheennttiiccaattiioonn

To configure local authentication:

1. In the Embedded Web Server, click Properties→Security→Authentication Configuration.

2. On the Authentication Configuration page, for Login Type, select Login to Local Accounts.

3. To enable Print Stored File from Folder or Folder to PC/Server, select Enabled.

4. To allow users without accounts to access the printer, for Non-account Print, select Enabled.

5. To use the domain name for print client authentication, select Enabled.

6. Click Apply, then click Reboot Device.

DDeeffiinniinngg UUsseerr IInnffoorrmmaattiioonn

User information is required before you can define access rights for users. You can add user information to the User Information Database on the printer, or edit user information in the database. You can specify a network database or LDAP server that contains user information. For information on network authentication and LDAP user information, refer to Network Authentication and LDAP.

EEddiittiinngg tthhee UUsseerr IInnffoorrmmaattiioonn DDaattaabbaassee

You can add users to the User Information Database on the printer, or edit existing user information. The database can contain a maximum of 1000 users. To edit the User Information Database:

1. In the Embedded Web Server, click Properties→Security→Authentication Configuration.

2. Click Next.

3. For Account Number, type a number, then click Edit. Each user in the database has a unique number.

4. In the User Identification area, type the user information. Type the user name and user identification. Type, then retype a password if needed. Type an email address.

5. In the Feature Access area, specify the copy, scan, print, and device access for the user.

6. In the Impression / Limits area, specify the usage limits for the user.

7. For User Role, select System Administrator, Account Administrator, or User.

8. If needed, add the user to an authorization group.

9. Click Apply.

The user is added to the User Information Database. When you add other users, ensure that you type a unique Account Number for each user.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Security

SSppeecciiffyyiinngg LLooggiinn RReeqquuiirreemmeennttss

To specify password requirements:

1. In the Embedded Web Server, click Properties→Security→User Details Setup.

2. If you want the control panel to display text other than the User ID, for Alternative Name for User ID, type the required text.

3. To display text as asterisks on the control panel, for Mask User ID, select Hide. To display text on the control panel, select Show.

4. For Failed Access Log, type the number of allowed login attempts from 1–600 attempts. To allow an unlimited number of login attempts, type 0. If the maximum number of allowed attempts is exceeded, the printer is locked, and requires a restart.

5. To allow users to log in without case sensitivity, for User ID for Login, select Non-Case Sensitive.

6. Type the minimum, and maximum password length. You can specify a password length from 1– 63 characters. If you do not want to specify a minimum limit, for Minimum Passcode Length, type 0.

7. Specify the number of login attempts for the system administrator, and local user, from 1–10 attempts. To allow an unlimited number of login attempts, type 0.

8. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

Network Authentication

If you have an LDAP server connected to your network, you can configure the printer to retrieve user information from the LDAP directory when authenticating a user at the control panel.

SSeettttiinngg uupp NNeettwwoorrkk AAuutthheennttiiccaattiioonn

To set up network authentication:

1. In the Embedded Web Server, click Properties→Security→Authentication Configuration.

2. In the Authentication Configuration area, for Login Type, select Login to Remote Accounts.

3. To enable the Print Stored File from Folder, or Folder to PC/Server services, select Enabled.

4. To allow users without accounts to access the printer, for Non-account Print, select Enabled.

5. To allow a guest user to access the printer, for Guest User, select On. Type the Guest Password, then retype the password to verify.

6. To use the domain name for authentication, for Use Domain Name for Print Client Authentication, select Enabled.

7. Click Apply, then click Reboot Device.

8. After the printer restarts, refresh your browser, navigate back to the Authentication Configuration→Step 1 of 2 page, then click Next.

9. For Authentication System, click Configure.

10. On the Authentication System page, select your Authentication System.

11. Type the Server Response Timeout, and the Search Timeout.

12. To assign the UPN if needed, for Assign UPN (User Principal Name), select Enabled.

13. Click Apply.

14. Click Reboot Device.

CCoonnffiigguurriinngg AAuutthheennttiiccaattiioonn SSeerrvveerr SSeettttiinnggss ffoorr KKeerrbbeerrooss

To configure authentication settings for the Kerberos server:

1. In the Embedded Web Server, click Properties→Security→Remote Authentication Servers→Kerberos Server.

2. To enable the Kerberos validation services, for Server Certificate Validation, select Enabled.

3. For Kerberos Server 1 (Default), type the server information:

a. Type the server name or IP address of your primary server.

b. Type the Primary Server Port Number.

c. Type the server name or IP address of your secondary server.

d. Type the Secondary Server Port Number.

e. Type the Domain Name of your server.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Security

4. If needed, type the server name or IP address, port number, and the domain name of any additional Kerberos servers in your network.

5. Click Apply.

CCoonnffiigguurriinngg AAuutthheennttiiccaattiioonn SSeerrvveerr SSeettttiinnggss ffoorr SSMMBB

To configure settings for the Server Message Block (SMB) server:

1. In the Embedded Web Server, click Properties→Security→Remote Authentication Servers→SMB Server.

2. For SMB Server Setup, select an option:

• By Domain Name

• By Domain Name & Server Name /IP Address

3. For each of your SMB servers, type the Domain Name and Server Name / IP Address.

4. Click Apply.

CCoonnffiigguurriinngg AAuutthheennttiiccaattiioonn SSeerrvveerr SSeettttiinnggss ffoorr LLDDAAPP

To configure authentication settings for the Lightweight Directory Access Protocol (LDAP):

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→LDAP→LDAP Authentication.

2. For Authentication Method, select Direct Authentication or Authentication of User Attributes.

Direct Authentication uses the user name and password entered by the user for authentication with the LDAP server.

Authentication of User Attributes allows you to specify what information the user enters, and what the printer uses to authenticate the user.

3. If you selected Authentication of User Attributes:

a. Type the Attribute of Typed User Name. Enter the LDAP attribute that corresponds to the

information you want the user to enter at the control panel. For example, if you want the user to enter the mail address, type mail. The maximum length for the attribute is 32 characters.

b. Type the Attribute of Login User Name. Enter login information registered on the LDAP

server. The maximum length for the attribute is 32 characters.

4. To add text to the user input before authentication, for Use Added Text String, select Enabled. Type the Text String Added to User Name. For example, you can add your network domain name to the user name, and use this combined string for authentication.

5. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

Authentication Using a Card Reader System

SSeettttiinngg UUpp AAuutthheennttiiccaattiioonn ffoorr XXeerrooxx®®SSeeccuurree AAcccceessss

Before you begin:

• Enable Secure HTTP (SSL).

• Install the Xerox

with user accounts. For information, refer to the authentication server documentation.

• Connect and configure your card reader.

• Install the appropriate plug-in for your card reader and printer model. Download the latest plug-in

files and plug-in installation instructions at www.xerox.com.

Note: Ensure that the accounts created on the Xerox®Secure Access authentication server

match the accounts stored in the local database on the printer, or in another network

authentication server.

To configure authentication services for Xerox

1. In the Embedded Web Server, click Properties→Security→Authentication Configuration.

Secure Access Unified ID System®, then configure the authentication server

Secure Access:

2. In the Authentication Configuration area, for Login Type, select Xerox Secure Access.

3. To enable the Print Stored File from Folder, or Folder to PC/Server services, select Enabled.

4. To allow users without accounts to access the printer, for Non-account Print, select Enabled.

5. To use the domain name for authentication, for Use Domain Name for Print Client Authentication, select Enabled.

6. Click Apply, then click Reboot Device.

7. After the printer restarts, refresh your browser, navigate back to the Authentication Configuration→Step 1 of 2 page, then click Next.

8. For Authentication System, click Configure.

9. For Authentication System, click Authentication Agent.

10. For the Server Response Timeout, type the number in seconds that the device waits for a response from the server. For the Search Timeout, type the number in seconds that the device waits for a response to the search request.

11. To assign the UPN if needed, for Assign UPN (User Principal Name), select Enabled.

12. Click Apply.

13. Click Reboot Device. Follow the instructions to restart the printer.

CCoonnffiigguurriinngg XXeerrooxx®®SSeeccuurree AAcccceessss LLooggiinn SSeettttiinnggss

To configure Xerox®Secure Access login settings:

1. In the Embedded Web Server, click Properties→Security→Remote Authentication Servers→Xerox Secure Access Settings.

2. Type the Default Prompt text and Default Title text.

3. To allow users to type their credentials at the control panel, for Local Login, select Enabled.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Security

4. To allow the printer to obtain the accounting code automatically for the user from a network accounting server when the user logs in at the control panel, for Get Accounting Code, select Enabled. Ensure that network authentication and network accounting are configured. If Get Accounting Code is not enabled, the user has to enter an accounting code when they log in at the control panel.

5. For Connection Timeout, type a connection timeout between 1–300 seconds.

6. Click Apply.

SSeettttiinngg UUpp AAuutthheennttiiccaattiioonn ffoorr aa UUSSBB SSmmaarrtt CCaarrdd RReeaaddeerr SSyysstteemm

To use the printer with a card reader system other than Xerox®Secure Access, you must order and install a card reader kit. The kit includes hardware, software, and instructions for connecting and configuring your card reader system.

Before you begin:

• Install a Kerberos authentication server and configure with user accounts.

• Connect your card reader to the printer.

CCoonnffiigguurree NNeettwwoorrkk AAuutthheennttiiccaattiioonn SSeettttiinnggss

1. Configure network authentication. For details, refer to Network Authentication.

2. Configure Kerberos server settings. For details, refer to Configuring Authentication Server Settings

for Kerberos.

CChhaannggiinngg SSmmaarrtt CCaarrdd SSeettttiinnggss iinn tthhee EEmmbbeeddddeedd WWeebb SSeerrvveerr

Enabling USB for Smart Cards

To enable the USB interface for a smart card reader:

1. In the Embedded Web Server, click Properties→Services→USB→General.

2. To enable USB for smart cards, for Smart Card, select Enabled. To use the public key infrastructure for Smart Card certificates, select Enabled (PKI Only).

3. Click Apply.

Enabling Smart Cards

To enable smart cards:

1. In the Embedded Web Server, click Properties→Security→Smart Card Settings→General.

2. For Smart Card, click Enabled.

3. To enable login and logout tones for a non-contact card reader, for, Smart Card Log In / Out Tone, select Enabled.

4. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

Setting Smart Card Certificate Information

To set certificate information for smart cards:

1. In the Embedded Web Server, click Properties→Security→Smart Card Settings→Certificate Settings.

2. To verify certificates, for Certificate Verification, select Enabled.

3. Type the hexadecimal values for the object identifiers for the authentication, signing, and encryption certificates.

4. Click Apply.

CChhaannggiinngg SSmmaarrtt CCaarrdd SSeettttiinnggss aatt tthhee CCoonnttrrooll PPaanneell

Enabling Smart Card Settings

To enable Smart Card settings:

1. At the control panel, log in as Administrator, press the Machine Status button, then touch the Tools tab.

2. Touch Authentication / Security Settings→Authentication→User Details Setup.

3. Touch Use of Smart Card.

4. Touch Change Settings.

5. To enable the use of a smart card, touch Enabled. To use the public key infrastructure for the certificates, touch Enabled (PKI Only).

6. For Jobs Validated by Card, select Copy, Print, or Scan as needed, then touch Save.

You can enable the use of a smart card for the Fax feature.

Note: The fax feature is an option that is available only on the Xerox®PrimeLink®B9100

device.

Setting the Smart Card Certificate Verification Mode

For additional security, you can set the printer to validate a Smart Card against certificates stored on the printer.

To set the Smart Card verification mode:

1. At the control panel, login as Administrator, press the Machine Status button, and touch the Tools tab.

2. Touch Authentication / Security Settings→Authentication→User Details Setup.

3. Touch Smart Card Certificate Verification.

4. Touch Change Settings.

5. Touch Enabled.

6. Touch Save.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Security

Note: Configure certificate revocation retrieval settings as necessary.

• Ensure that the root CA and intermediate CA of the Smart Card certificate are stored on the printer.

• Ensure that the date and time settings on the printer are correct to validate the certificate.

Setting the Smart Card Logout Timing

Use this feature to set whether the Smart Card needs to remain in the card reader while using the printer or the user can tap the card on the reader to gain access to the system. If the card does not remain in the card reader, the user has to log out at the control panel.

To set the Smart Card Logout Timing:

1. At the control panel, press the Machine Status button and touch the Tools tab.

2. Touch Authentication / Security Settings→Authentication→User Details Setup.

3. Touch Smart Card Logout Timing.

4. Touch Change Settings.

5. Touch either Log Out when Card is Removed or Log Out from Control Panel.

6. Touch Save.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

Authentication Common Access Card (CAC)

AAuutthheennttiiccaattiioonn CCoommmmoonn AAcccceessss CCaarrdd ((CCAACC)) OOvveerrvviieeww

The Common Access Card (CAC) system is part of a Department of Defense initiative to increase the security of its facilities and critical information through the use of smart identification cards. Eventually all department employees will use CAC cards to gain access to computers, networks, and buildings. In many cases the department is requesting that same level of authentication at the printer level, as well. When enabled on this printer, Department of Defense employees will need to use their CAC card to access the machine to scan, fax, or copy documents, providing greater security and management of the machines.

Xerox®CAC Enablement software supports a number of card readers and allows users to authenticate at the machine. The card reader is connected to a USB port on the printer.

SSuuppppoorrtteedd CCaarrdd TTyyppeess

The CAC solution is compatible with most common CAC card types listed below.

• Axalto Pegasus 64K / V2

• Axalto Cyberflex 32K / V1

• Axalto Cyberflex 64K / V2

• Gemplus GemXpresso 64K / V2

• Oberthur 72K / V2

• Oberthur CosmopoIIC 32K / V1

• Oberthur D1 72K / V2 (contact-less and PIV)

• Gemalto GCX4 72K DI

• Oberthur ID One 128 v5.5 Dual

• Gemalto TOPDLGX4 144K

Note: Other card types may function with the Common Access Card (CAC)/Personal Identity

Verification (PIV) ID system but they have not been validated.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

SSuuppppoorrtteedd CCaarrdd RReeaaddeerrss

The following card readers are compatible with the CAC ID system:

• Gemplus GemPC USB SL

• Gemplus GemPC Twin

• SCM Micro SCR3310

• Panasonic ZU 9PS

Other USB CCID-compliant readers may function with the CAC ID system but have not been validated.

Security

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

Controlling Access to Tools and Features

CCoonnttrroolllliinngg AAcccceessss ffoorr AAllll UUsseerrss

LLoocckkiinngg oorr UUnnlloocckkiinngg TToooollss aanndd FFeeaattuurreess ffoorr AAllll UUsseerrss

You can configure the printer to require users to authenticate themselves to access tools and features at the control panel and in the Embedded Web Server. To lock or unlock tools and features:

1. In the Embedded Web Server, click Properties→Security→Authentication Configuration.

2. Click Next.

3. In the Access Control area, for Device Access, click Configure.

4. For Services Pathway, to require authentication for all services at the control panel, select

Locked. To allow unauthenticated access, select Unlocked.

5. For Job Status Pathway, to require authentication for all services accessed from the Job Status

button, select Locked. To allow unauthenticated access, select Unlocked.

6. For Machine Status Pathway, to require authentication for all services accessed from the Machine Status button, select Locked. To allow unauthenticated access, select Unlocked.

7. For Local UI Tools & CWIS Properties Tab, to require authentication for all services in the Tools tab at the control panel, and for the Properties tab in the Embedded Web Server, select Locked. To allow unauthenticated access, select Unlocked.

8. Click Apply.

LLoocckkiinngg,, UUnnlloocckkiinngg,, oorr HHiiddiinngg IInnddiivviidduuaall SSeerrvviicceess ffoorr AAllll UUsseerrss

You can configure the printer to require users to authenticate themselves to access services at the control panel. To lock, unlock, or hide services:

1. In the Embedded Web Server, click Properties→Security→Authentication Configuration.

2. Click Next.

3. In the Access Control area, for Service Access, click Configure.

4. To require authentication for all services, click Lock All. To allow unauthenticated access to all services, click Unlock All.

5. To set the access for each individual service, select the required access:

• Locked (Show Icon): Use this setting to require authentication for the service at the control

panel. The service icon is visible to all users.

• Locked (Hide Icon): Use this setting to require authentication for the service at the control

panel. The service icon is hidden until an authorized user logs in.

• Locked: Use this option to hide the service so that it is not available at the control panel.

• Unlocked: Use this option to allow access to the service without authentication.

6. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Security

CCoonnttrroolllliinngg AAcccceessss ffoorr aa GGrroouupp ooff UUsseerrss

If your network is connected to an LDAP server, you can configure network authentication and control individual user or group access to services and features.

LDAP server user groups can be used to control access to services and features of the printer. For example, the LDAP server may contain a group of users called Admin. You can configure the Admin group on the printer so that only members of this group have Administrator access to the printer. When a user belonging to the group Admin logs onto the printer, the printer performs an LDAP directory lookup to verify the user. Once authenticated, the user is allowed administrative rights to the printer.

You can set up and control access to your printer:

• User Roles Access Setup

• Device Access Setup

• Service Access Setup

Before you begin:

• Configure Network Authentication.

• Configure LDAP server settings.

UUsseerr RRoolleess AAcccceessss SSeettuupp

To assign users to specific role/access groups:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→LDAP→LDAP Authorization Access.

2. In the User Roles area, for System Administrator Access, click Edit. Type the name of the group, defined in the LDAP server database, that you want to use to grant System Administrator access to the printer. Click Apply.

3. For Accounting Administrator Access, click Edit. Type the name of the group, defined in the LDAP server database, that you want to use to grant Accounting Administrator access to the printer. Click Apply.

4. If needed, continue with other access settings:

• Device Access Setup

• Service Access Setup

5. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

DDeevviiccee AAcccceessss SSeettuupp

Note: Device Access setup requires that Authentication is enabled and that access is

configured to require users to log in before they can access pathways.

To set up device access:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→LDAP→LDAP Authorization Access.

2. In the Device Access area, for Services Pathway, click Edit. Type the name of a group, defined at the LDAP server, that you want to use to provide access to the Services features on the printer. Click Apply.

3. Repeat the same process for the Job Status Pathway and the Machine Status Pathway.

4. If needed, continue with other access settings:

• User Roles Access Setup

• Service Access Setup

5. Click Apply.

SSeerrvviiccee AAcccceessss SSeettuupp

Note: Service Access Setup requires that Authentication is enabled and that access is

configured to require users to log in before they can access services.

You can specify access to the services of the printer under Service Access. Type the names of the LDAP groups for any of the services listed.

To set up service access:

1. In the Embedded Web Server, click Properties→Connectivity→Protocols→LDAP→LDAP Authorization Access.

2. In the Service Access area, for a service, click Edit, Type the name of the LDAP group allowed to access the service. Click Apply.

3. Repeat the process for each of the individual services in the Service Access area.

4. If needed, continue with other access settings:

• User Roles Access Setup

• Device Access Setup

5. Click Apply.

RReesseettttiinngg FFeeaattuurree AAcccceessss ffoorr AAllll LLooccaall UUsseerrss

Before you begin, configure the printer for local authentication. Add user information, and feature access information, to the User Information Database. For information, refer to Local Authentication. To reset feature access for all local users:

1. In the Embedded Web Server, click Properties→Security→Authentication Configuration.

2. Click Next.

3. In the Authentication Configuration area, for All User Accounts, click Edit.

4. For Reset All Feature Access, select Reset.

5. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Security

Digital Certificates

A digital certificate must be installed on the printer before you can enable secure HTTP (SSL). A digital certificate is a set of data used to verify the identity of the holder or sender of the certificate. A certificate includes the following data:

• Information about the person, organization, or computer that the certificate is issued to, including

the name, location, email address, and other contact information.

• Serial number of the certificate

• Expiration date of the certificate

• Name of the certificate authority (CA) that issued the certificate

• A public key

• A certificate authority’s digital signature

IInnssttaalllliinngg aa DDiiggiittaall CCeerrttiiffiiccaattee

There are three ways to install a certificate on the printer:

• Create a Self-Signed Certificate. A Self-Signed Certificate is the result when the printer creates its

own certificate, signs it, and creates a public key for the certificate to be used in SSL encryption.

• Create a request to have a certificate authority (CA), or a server functioning as a certificate

authority sign a certificate and then upload the certificate to the printer. An example of a server functioning as a CA is Windows Server running Certificate Services.

• Install a trusted root certificate created by a CA.

Note: Installing a self-signed certificate is less secure than installing a certificate signed by a

trusted CA. However, if you do not have a server functioning as a certificate authority this is

your only option.

CCrreeaattiinngg aa SSeellff--SSiiggnneedd CCeerrttiiffiiccaattee

1. Enable S/MIME capability for the self-signed certificate if necessary. For details, see Assigning a

Name and Location to the Printer.

2. In the Embedded Web Server, click Properties→Security→Device Digital Certificate Management.

3. Click Create New Certificate.

4. Select Self Signed Certificate.

5. Click Continue.

6. Click a digital signature encryption algorithm.

7. Select the Public Key Size and type the name of the Issuer.

8. For Days of Validity, type the number of days (1-9999) until the certificate expires.

9. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

CCrreeaattiinngg aa RReeqquueesstt

To create a request:

1. In the Embedded Web Server, click Properties→Security→Device Digital Certificate Management.

2. Click Create New Certificate.

3. Select Certificate Signing Request (CSR).

4. Fill out the form with the Digital Signature Algorithm, Public Key Size or Elliptic Curve, 2-Letter

Country Code, State/Province Name, Locality Name, Organization Name, and Organization Unit.

5. Click Apply.

Values from the form are used to generate a Certificate Signing Request.

6. When the process is complete, you are prompted to save the Certificate Signing Request. Rightclick the link, then save the csr.pem file to your computer.

7. Email the file to a trusted certificate authority for signing.

Note: If you want to use SSL/TLS for SMTP communication, for SMTP - SSL/TLS

Communication, select a method that your server supports.

UUppllooaaddiinngg aa CCeerrttiiffiiccaattee

When a signed certificate is received back from a trusted certificate authority (CA), you can upload the certificate to the printer. You can also upload certificates, root certificates, and intermediate CA certificates to establish a complete chain of trust.

To upload a certificate:

1. In the Embedded Web Server, click Properties→Security→Device Digital Certificate Management.

2. Click Upload Signed Certificate.

3. If the certificate is password protected, type the password and retype it to verify.

4. Click Browse or Choose File, navigate to the signed certificate in .crt format, and click Open or Choose.

5. Click Import.

Note: The signed certificate must match the CSR created by the printer.

MMaannaaggiinngg CCeerrttiiffiiccaatteess

To see information about the certificates installed on the printer, or specify the certificate to use for S/MIME, SSL, and IPSEC:

1. In the Embedded Web Server, click Properties→Security→Certificate Management.

2. Select a Category, Certificate Purpose, and Certificate Order to filter the display.

3. Click Display the list.

4. Select a certificate from the list and click Certificate Details.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Security

5. To set the certificate as the primary certificate, click Use this certificate. If Use this certificate is not available, then the selected certificate has expired or is not valid. All certificates in the certification path (chain of trust) must be installed on the printer and be valid.

6. Click Delete to remove the certificate or Export to save the certificate to your computer.

CCeerrttiiffiiccaattee RReevvooccaattiioonn SSeettttiinnggss

To configure certificate revocation retrieval settings:

1. In the Embedded Web Server, click Properties→Security→Certificate Revocation Settings.

2. In the General area, select Level of Certificate Verification.

• Low: The revocation status of certificates is not checked. The printer verifies that the

certificate has not expired and that the certificate issuer and signature are valid.

• Medium: The revocation status of certificates is checked. If the certificate status cannot be

obtained due to a network error, the certificate is still considered valid.

• High: The revocation status of certificates is checked. The certificate is considered valid after

successfully verifying that the certificate has not been revoked.

3. For Retrieval of Certificate Status, select By OCSP or By Retrieving CRL.

4. If you selected OCSP as the retrieval method:

a. In the OCSP area, for Send Query to OCSP Responder With, select URL as Specified in

Certificate or URL as Specified by Administrator.

b. For the URL of OCSP Responder, type the required URL.

c. For the OCSP Communication Timeout, type the time in seconds that the device waits for

information about certificate revocation. The permitted range is 5–60 seconds.

5. If you selected CRL as the retrieval method:

a. In the CRL area, for Auto Retrieval of CRL, select Enabled if needed.

b. For the CRL Retrieval Timeout, type the time in seconds that the device waits for

information about certificate revocation. The permitted range is 5–60 seconds.

6. To accept the changes, click Apply. To retain the previous settings, click Undo.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

Secure HTTP and SSL/TLS

You can encrypt all data sent over HTTP by establishing an encrypted SSL connection. You can enable SSL encryption for the following services:

• Configuring the printer in the Embedded Web Server

• Printing from the Embedded Web Server

• Printing using IPP

• Managing scan templates

• Network scanning

• Network accounting

Before you begin:

• Install a Digital Certificate.

• Ensure that the date and time configured on the printer is correct. This is used to set the start

time for self-signed certificates.

CCoonnffiigguurriinngg SSeeccuurree HHTTTTPP ((SSSSLL//TTLLSS))

Note: Ensure that you install a digital certificate on the printer before you enable Secure

HTTP.

Note: If Secure HTTP is enabled, when you access the Embedded Web Server, all pages

contain https:// in the web page URL.

To configure HTTP (SSL/TLS):

1. In the Embedded Web Server, click Properties→Security→SSL / TLS Settings.

2. For HTTP - SSL/TLS Communication, select Enabled.

3. Type the port number that you want to use for HTTP SSL/TLS.

4. To use secure LDAP, for LDAP - SSL/TLS Communication, select Enabled.

5. To use secure email, for SMTP - SSL/TLS Communication, select STARTTLS (if available), STARTTLS, or SSL/TLS.

6. To use secure POP3, for POP3 - SSL / TLS Communication, select Enabled.

7. To use S/MIME, for S/MIME Communication, select Enabled.

8. To verify a remote server certificate, for Verify Remote Server Certificate, select Enabled.

9. For Protocol Version, select the version of TLS that you want to use.

10. Click Apply.

Note: If you are unsure what method your server supports, select STARTTLS (if available). If

you select STARTTLS, the printer attempts to use STARTTLS. If your server does not support

STARTTLS, SMTP communication is not encrypted.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Security

S/MIME

Secure/Multipurpose Internet Mail Extensions (S/MIME) is a standard for public key encryption and signing of email encapsulated in MIME.

Before you begin:

• Enable SSL/TLS.

• Install an S/MIME certificate and all certificates in the certification path (chain of trust) for the S/

MIME certificate. The S/MIME certificate must be in PKCS #12 format, and the email address in the certificate must be the same as the printer's email address.

• Enable S/MIME Communication on the SSL/TLS Settings page.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

IPsec

Internet Protocol Security (IPsec) is a group of protocols used to secure Internet Protocol (IP) communications by authenticating and encrypting each IP data packet. It allows you to control IP communication by creating protocol groups, policies, and actions for the following:

• DHCP v4/v6 (TCP and UDP)

• DNS (TCP and UDP)

• FTP (TCP)

• HTTP (Scan Out, TCP port 80)

• HTTPS (Scan Out, TCP port 443)

• HTTPS (Web Server, TCP port 443)

• ICMP v4/v6

• IPP (TCP port 631)

• LPR Print (TCP port 515)

• Port 9100 Print (TCP port 9100)

• SMTP (TCP/UDP port 25)

• SNMP (TCP/UDP port 161)

• SNMP Traps (TCP/UDP port 162)

• WS-Discovery (UDP port 3702)

• Up to 10 additional services

CCoonnffiigguurriinngg IIPPsseecc

Note: Secure HTTP (SSL) must be enabled with an installed digital certificate before you can

enable IPsec.

To configure Internet Protocol (IP) security communications:

1. In the Embedded Web Server, click Properties→Security→IPsec.

2. For Protocol, select Enabled.

3. For IKE Authentication Method, select Preshared Key, or Digital Signature.

4. If you select Preshared Key, type the Preshared Key and retype the key to verify.

5. Type the IKE SA Lifetime (5-28800 minutes).

6. Type the IPsec SA Life Time (300-172800 minutes).

7. Select the DH Group type.

8. Enable PFS if necessary.

9. Type the Specific Destination IPv4 Address.

10. Type the Specific Destination IPv6 Address.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

11. To restrict the printer from communicating with devices that are not using IPsec, for

Communicate with Non-IPsec Device, select Disabled.

12. Click Apply.

Security

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

802.1X

802.1X is an Institute for Electrical and Electronics Engineers (IEEE) standard that defines a method

for port-based network access control or authentication. In an 802.1X-secured network, the printer must be authenticated by a central authority, typically a RADIUS server, before it can access the physical network. You can enable and configure the printer to be used in an 802.1X-secured network.

Before you begin:

• Ensure your 802.1X authentication server and authentication switch are available on the network.

• Determine the authentication method supported by the server.

• Create a user name and password on your authentication server.

• Ensure that the printer can be offline for several minutes. Changing and applying 802.1X settings

causes the printer to restart.

CCoonnffiigguurriinngg 880022..11XX

To configure 802.1x network settings:

1. In the Embedded Web Server, click Properties→Security→IEEE 802.1X.

2. For Enable IEEE 802.1X, select Enabled.

3. For Authentication Method, select the method used on your network. You can select EAP-TTLS /

PAP, EAP-TLLS / CHAP, EAP-TLLS / MS-CHAPv2, or PEAP / MS-CHAPv2.

Note: EAP-TLS: This method is available if the printer is configured to use EAP-TLS.

4. Type the Login Name (Device Name) required by your authentication switch and server.

5. Type the Password, then retype to verify.

6. For Certificate Verification, select Enabled if desired.

7. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Security

FIPS140-2 Data Encryption

All data stored on and transmitted by the printer is encrypted. Some services and protocols, such as SMB, and the PDF Direct Print service do not use an encryption method that complies with government standard FIPS140-2. You can warn users with a control panel message when data is about to be transmitted that is not encrypted to FIPS140-2 standard. For more information, see the printer's Security White Paper on the Xerox website.

To enable the data encryption warning message:

1. In the Embedded Web Server, click Properties→Security→FIPS140 Validation Mode.

2. For FIPS140 Validation Mode, select Enabled.

3. Click Apply.

Note:

FIPS 140-2 encryption does not apply to the following services and protocols: SMB, or the PDF Direct Print Service.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

Overwriting Image Data

To ensure that image data on the printer's hard drive cannot be accessed, you can delete and overwrite image data. Image data is any and all in-process or temporary user data on the hard drive, such as current jobs, queued jobs, and temporary scan files, but not saved jobs or folders. To use this feature, you must purchase and install the Data Security Kit.

OOvveerrwwrriittiinngg IImmaaggee DDaattaa iinn tthhee EEmmbbeeddddeedd WWeebb SSeerrvveerr

DDeelleettiinngg IImmaaggee DDaattaa IImmmmeeddiiaatteellyy

To delete image data on the hard drive of the printer:

1. In the Embedded Web Server, click Properties→Security→On Demand Overwrite→Immediate.

2. Select the number of overwrites to perform.

3. Click Apply.

While the data is being deleted, the printer is offline. The printer restarts when the process is complete.

SScchheedduulliinngg tthhee RRoouuttiinnee DDeelleettiioonn ooff IImmaaggee DDaattaa

To schedule a regular time to delete the image data on the hard drive of the printer:

1. In the Embedded Web Server, click Properties→Security→On Demand Overwrite→Scheduled.

2. For Scheduled Image Overwrite, select Enabled.

3. Select the Frequency of the overwrite operation.

4. To specify when you want the image data deleted, set the date, day, and time, as needed.

5. Click Apply.

MMaannuuaallllyy DDeelleettiinngg IImmaaggee DDaattaa

To remove the image data manually:

1. In the Embedded Web Server, click Properties→Security→On Demand Overwrite→Scheduled.

2. ClickStart.

While the data is being deleted, the printer is offline. The printer restarts when the process is complete.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Security

OOvveerrwwrriittiinngg IImmaaggee DDaattaa aatt tthhee CCoonnttrrooll PPaanneell

MMaannuuaallllyy DDeelleettiinngg IImmaaggee DDaattaa

To delete image data manually on the hard drive of the printer:

1. At the control panel, login as Administrator, press the Machine Status button, then touch the Tools tab.

2. Touch Authentication/Security Settings→Overwrite Hard Disk→Number of Overwrites.

3. Touch 1 Overwrite, or 3 Overwrites.

4. Touch Save.

5. Touch Run Image Overwrite.

6. Touch Start.

7. Touch Yes to confirm. The following are deleted:

• Secure, Sample, and Delay print jobs

• Images stored in folders

• PDL spool files

• Fax documents

• Any temporary files

Note: All image data will be deleted.

Note: While data is being deleted, the printer will be offline. The printer will restart when the

process is complete.

Note: The fax feature is an option that is available only on the Xerox®PrimeLink®B9100

device.

SScchheedduulliinngg RRoouuttiinnee DDeelleettiioonn ooff IImmaaggee DDaattaa

To schedule a regular time to delete image data from the hard drive on the printer:

1. At the control panel, press the Machine Status button, then touch the Tools tab.

2. Touch Authentication/Security Settings→Overwrite Hard Disk→Number of Overwrites.

3. Touch 1 Overwrite, or 3 Overwrites.

4. Touch Save.

5. Touch Scheduled Image Overwrite.

6. Touch Daily, Weekly, or Monthly and touch the arrow icons to specify when you want image data to be deleted.

7. Touch Save.

Note: All image data will be deleted.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

IP Filtering

You can prevent unauthorized network access by only allowing data to be transmitted to and from specific IP addresses and ports.

CCrreeaattiinngg aann IIPP FFiilltteerr RRuullee

To create an IP filter rule:

1. In the Embedded Web Server, click Properties→Security→IP Filtering.

2. For IPv4 Filtering or IPv6 Filtering, select Enabled.

3. For the option that you enabled, click Add.

4. In the Define IP Filter Rule area, type the Source IP Address. The address is the IP address of the computer or device that you want to allow access to the printer.

5. Type a number for the Source IP Mask for the filter rule. For IPv4, the range of 0–32 corresponds to the 32-bit binary number that comprises IP addresses. The number 8 represents a Class A address with a mask of 255.0.0.0. The number 16 represents a Class B address with a mask of 255.255.0.0. The number 24 represents a Class C address with a mask of 255.255.255.0.

For IPv6, the range of 0–128 corresponds to the 128-bit binary number that comprises IP addresses. For example, a mask of /64 represents a 64-bit mask, which defines a single IPv6 subnet.

6. Click Apply, then follow the prompts to restart the printer.

7. Refresh your browser, then navigate back to the IP Filtering page. For the IP Filter Rule List, select the rule that you created in the first part of the process.

8. Select your rule in the list, then click Apply.

9. To edit or delete an existing rule, click Edit or Delete.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Security

Unbounded Ports

The unbounded port feature provides printer security, by allowing you to register the ports that are permitted to communicate with the printer.

AAddddiinngg aann UUnnbboouunnddeedd PPoorrtt

To add a port that is allowed to communicate with the printer:

1. In the Embedded Web Server, click Properties→Security→Unbounded Port.

2. Click Add.

3. Type the port number.

4. For Port Destination, select Source or Destination.

5. For Protocol, select TCP or UDP.

6. Click Apply.

EEddiittiinngg aann UUnnbboouunnddeedd PPoorrtt

To edit an unbounded port:

1. In the Embedded Web Server, click Properties→Security→Unbounded Port.

2. Select an item in the Unbounded Port List, then click Edit.

3. Edit the port number, destination, and protocol, as needed.

4. Click Apply.

DDeelleettiinngg aann UUnnbboouunnddeedd PPoorrtt

To delete an unbounded port:

1. In the Embedded Web Server, click Properties→Security→Unbounded Port.

2. Select an item in the Unbounded Port List, then click Delete.

3. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

Audit Log

When the Audit Log feature is enabled, the printer begins recording events that happen on the printer. You can download the Audit Log as a tab-delimited text file and review it to find security breaches and assess the printer's security.

EEnnaabblliinngg AAuuddiitt LLoogg

Note: Secure HTTP (SSL) must be enabled before you can enable the Audit Log. For details, see

Secure HTTP (SSL).

To enable the Audit Log:

1. In the Embedded Web Server, click Properties→Security→Audit Log.

2. For Audit Log, select Enabled.

3. Click Apply.

SSaavviinngg aann AAuuddiitt LLoogg

1. In the Embedded Web Server, click Properties→Security→Audit Log.

2. Under Export Audit Log, right-click the Export as text file link and save the compressed auditfile.txt file to your computer.

3. Open the file in an application that can read a tab-delimited text file.

IInntteerrpprreettiinngg tthhee AAuuddiitt LLoogg

The Audit Log is formatted into columns:

• Log ID: A unique value that identifies the event.

• Date: The date that the event happened in mm/dd/yy format.

• Time: The time that the event happened in hh:mm:ss format.

• Audit Event ID: The type of event. The number corresponds to a unique description.

• Logged Events: An abbreviated description of the type of event.

• User Name: User Name, Job Name, Computer Name, Printer Name, Folder Name, or Accounting

Account ID (when Network Accounting is enabled).

• Description: More information about the Logged Event. When the Logged Event is System Status

for example, the information can include: Started normally (cold boot), Started normally (warm boot), Shutdown requested, Image Overwriting started.

• Optionally Logged Items: Other information recorded when the event occurs, such as login and

authentication access method.

Note:

• For a Network Scanning scan job, an audit log entry is recorded for each network destination within the job.

• For Email jobs, an audit log entry is recorded for each SMTP recipient within the job.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

• To record user names in the Audit Log, configure network authentication.

Security

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

PDF and XPS Signatures

You can add a digital signature to PDF or XPS documents that are created by the printer scan feature. The signature uses the information in an S/MIME digital certificate.

Before you begin:

• Install an S/MIME digital certificate.

• Enable secure HTTP (SSL) and S/MIME communication.

To set digital signatures:

1. In the Embedded Web Server, click Properties→Security→PDF / XPS Signature Settings.

2. For PDF Signature, select when you want the signature added.

3. Select the required PDF Signature Hash Algorithm.

4. For XPS Signature, select when you want the signature added.

5. Select the type of signing certificate to which these changes apply.

6. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Security

Address Book Security

CCoonnttrroolllliinngg EEmmbbeeddddeedd WWeebb SSeerrvveerr AAddddrreessss BBooookk AAcccceessss

You can allow all users to edit the public address book in the Embedded Web Server or restrict access to System Administrators only.

To control address book access:

1. In the Embedded Web Server, click the Address Book tab.

2. Under Security, click Access Rights.

3. Select System Administrators Only or Open to All Users.

4. Click Apply.

CCoonnttrroolllliinngg CCoonnttrrooll PPaanneell AAddddrreessss BBooookk AAcccceessss

Before you begin, configure Local Authentication. You can create an Authorization Group to restrict users from using or editing the address book at the control panel.

To restrict access to the address book at the control panel:

1. In the Embedded Web Server, click Properties→Security→Create Authorization Groups.

2. Click Edit for one of the group numbers.

3. Type the Group Name.

4. For Restrict Recipient Selection Method, to allow access for the group, select No Restriction. To

require authentication for the group, select Always Apply Restriction.

5. For Restrict User to Edit Address Book, select No Restriction, or Always Apply Restriction.

6. For Allow User to Disable Active Settings, select Allow or Do Not Allow.

7. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

Restricting Access to Job Information

You can control how job information is displayed at the control panel when users press the Job Status button.

HHiiddiinngg oorr PPaasssswwoorrdd--PPrrootteeccttiinngg CCoommpplleetteedd JJoobb IInnffoorrmmaattiioonn

To control access to completed job information:

1. In the Embedded Web Server, click Properties→Security→Job Status Default→Completed Jobs View.

2. For Completed Jobs View, select Allow Job Viewing at All Times, Require Login to View Jobs, or No Job Viewing.

3. If you selected Require Login to View Jobs, select All Jobs, or Jobs Run By Login User Only.

4. For Hide Job Details, select Yes or No.

5. Click Apply.

HHiiddiinngg AAccttiivvee JJoobb IInnffoorrmmaattiioonn

To hide or show active job information:

1. In the Embedded Web Server, click Properties→Security→Job Status Default→Active Jobs View.

2. for Hide Job Details, select Yes or No.

3. Click Apply.

AAlllloowwiinngg oorr RReessttrriiccttiinngg JJoobb OOppeerraattiioonnss

To control the job operations that a user can perform:

1. In the Embedded Web Server, click Properties→Security→Job Status Default→Job Operation Restrictions.

2. For Pause / Cancel, select All Users, Administrator Only, or Job Owner and Administrator.

3. For Continue / Edit Scan, select All Users, or Job Owner and Administrator.

4. For Continue / Edit Print, select All Users, or Job Owner and Administrator.

5. For Promote Print Job, select All Users, or Job Owner and Administrator.

6. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Security

Hiding or Displaying Network Settings

To show or hide the IPv4 address or host name of the printer on the control panel:

1. In the Embedded Web Server, click Properties→Security→Display Network Settings.

2. To show information, select Show IP Address (IPv4 only), or Show Host Name. To hide network information, select Hide Network Information.

3. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

Restricting Service Representative Operations

You can allow a service representative full access to the printer, or restrict access to the following operations:

• Delete all data

• Secure watermark

• Image log control

• Print universal unique ID

• Data encryption

• Encryption key for confidential data

• Service representative restricted operation

• SSL / TLS settings

• S/MIME settings

• IPsec settings

• System administrator settings

• Maximum login attempts by the System Administrator

• Overwrite hard drive

• Creating or changing users with System Administrator rights

• Changing SNMPv3 settings

If you restrict access, you can specify a password for the service representative operations.

Caution:

• To recover the printer if you lose the System Administrator user ID and password can require a repair.

• If you lose the System Administrator user ID and password, you cannot change these restrictions.

• If you lose the password, the service representative cannot perform maintenance if an error occurs on the printer.

SSeettttiinngg uupp SSeerrvviiccee RReepprreesseennttaattiivvee RReessttrriiccttiioonnss

To restrict the access of a service representative:

1. In the Embedded Web Server, click Properties→Security→Service Representative Restricted Operation.

2. For Restricted Operation, select Enabled.

3. To set a password, type and retype the password.

4. Click Apply.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Limiting Access to Folder Operations

You can limit access to folder operations on the printer. Limiting access forces users to enter a password to perform a folder operation. The restriction does not apply to any folders already registered.

1. In the Embedded Web Server, click Properties→Security→Limit Access to Folder.

2. For Limit Access, select Enabled.

3. Click Apply.

Security

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Security

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Printing

This chapter contains:

• Selecting Print Mode Options ..... ..... ........... ........... ...... ..... ...... ..... ...... ........... ........... ........... ........ 98

• Language Emulation Settings . ..... ...... ...... ..... ...... ..... ........... ...... ..... ...... ..... ...... ..... ...... ........... ..... 99

• Managing Banner Page Printing Options......... ...... ..... ...... ..... ...... ..... ...... ........... ........... ..... ...... . 101

• Print Service Settings. ...... ........... ..... ...... ..... ...... ..... ...... ...... ..... ...... ..... ........... ........... ...... ..... ...... 103

• UNIX

, Linux®, and AS/400 Printing. ..... ...... ........... ........... ........... ..... ...... ...... ..... ...... ..... ...... ..... 106

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Printing

Selecting Print Mode Options

To specify the print mode that you want the printer to use for individual protocol types:

1. In the Embedded Web Server, click Properties→Services→Printing→Print Mode.

2. For each print mode listed, select Auto, PostScript 3, HP-GL/2, PCL 6/5e, or TIFF/JPEG from the menu.

3. For each print mode, select PJL if necessary.

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Printing

Language Emulation Settings

The printer can be used with SAP®Enterprise Resource Planning (ERP) software applications. In the

SAP

environment, users and automated processes create documents to support business functions. For example, to dispatch goods from a warehouse requires packing lists and goods labels. To support users and processes, you can create up to 20 logical printers. Each logical printer has print settings for the different documents produced.

CCoonnffiigguurriinngg PPoossttSSccrriipptt 33 LLaanngguuaaggee EEmmuullaattiioonnss

To configure PostScript 3 language emulations:

1. In the Embedded Web Server, click Properties→Services→Printing→Language

Emulations→PostScript 3.

2. For Logical Printer Number, type a number, then click Edit.

3. In the PostScript Logical Printer Settings area, set the printer settings as needed.

4. Click Apply.

5. For Memory Settings, select Factory Settings or Logical Printer Number.

6. Set the user details, then enable the native mode of the print driver, as needed.

7. Click Apply.

CCoonnffiigguurriinngg PPCCLL®®66//55ee LLaanngguuaaggee EEmmuullaattiioonnss

To configure PCL®6/5e language emulations:

1. In the Embedded Web Server, click Properties→Services→Printing→Language

Emulations→PCL 6 / 5e.

2. In the Language Emulations area, set the printer settings as needed.

3. Click Apply.

CCoonnffiigguurriinngg TTIIFFFF aanndd JJPPEEGG LLaanngguuaaggee EEmmuullaattiioonnss

To configure TIFF and JPEG language emulations:

1. In the Embedded Web Server, click Properties→Services→Printing→Language

Emulations→TIFF / JPEG.

2. For Logical Printer Number, type a number, then click Edit.

3. In the TIFF / JPEG Logical Printer Settings area, set the printer settings as needed.

4. Click Apply.

5. For Memory Settings, select Factory Settings or Logical Printer Number.

6. Click Apply.

Xerox

PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer

System Administrator Guide

Printing

CCoonnffiigguurriinngg HHPP--GGLL//22 LLaanngguuaaggee EEmmuullaattiioonnss

To configure HP-GL/2 language emulations:

1. In the Embedded Web Server, click Properties→Services→Printing→Language

Emulations→HP/GL-2.

2. For Logical Printer Number, type a number, then click Edit.

3. In the HP-GL/2 Logical Printer Settings area, set the printer settings as needed.

4. Click Apply.

5. For Memory Settings, select Factory Settings or Logical Printer Number.

6. Click Apply.

100

Xerox®PrimeLink®B9100/B9110/B9125/B9136 Copier/Printer System Administrator Guide

Xerox PrimeLink B9100, PrimeLink B9110, PrimeLink B9125, PrimeLink B9136 System Administrator Guide

Specifications and Main Features

Frequently Asked Questions

User Manual

Introduction

Overview

Configuration Steps

More Information

Initial Setup

Physical Connection

Initial Setup at the Control Panel

4. Touch Configuration Report and press the Start button.

System Administrator Access at the Control Panel

Manually Setting the Ethernet Interface Speed

Viewing Services and Options

Embedded Web Server

Enabling Services and Options

Changing the System Administrator Password

Using the Configuration Overview Page

Network Connectivity

TCP/IP

SNMP

Raw TCP/IP Printing

SMTP

LDAP

POP3

HTTP

Proxy Server

Microsoft Networking

Universal Plug and Play Discovery

SSDP

WebDAV

Google Cloud Print

Bonjour Multicast DNS

AirPrint

Mopria

SOAP

Security

Setting Up Access Rights

Local Authentication

Network Authentication

Authentication Using a Card Reader System

Enabling USB for Smart Cards

Enabling Smart Cards

Setting Smart Card Certificate Information

Enabling Smart Card Settings

Setting the Smart Card Certificate Verification Mode

Setting the Smart Card Logout Timing

Authentication Common Access Card (CAC)

Controlling Access to Tools and Features

• User Roles Access Setup

• Service Access Setup

• Device Access Setup

Digital Certificates

1. In the Embedded Web Server, click Properties→Security→Certificate Revocation Settings.

Secure HTTP and SSL/TLS

S/MIME

IPsec

802.1X

FIPS140-2 Data Encryption

Overwriting Image Data

IP Filtering

Unbounded Ports

Audit Log

PDF and XPS Signatures

Address Book Security

Restricting Access to Job Information

Hiding or Displaying Network Settings

Restricting Service Representative Operations

Limiting Access to Folder Operations

Printing

Selecting Print Mode Options

Language Emulation Settings