Ricoh PRO C9100, Operating Instructions Manual

Page 1: ...Operating Instructions Security Guide For safe and correct use be sure to read the Safety Information in Read This First before using the machine...

Page 2: ......

Page 3: ...d 19 Logging out Using the Control Panel 19 Logging out Using Web Image Monitor 19 Supervisor 20 Resetting the Administrator s Password 20 Changing the Supervisor 21 2 Configuring User Authentication...

Page 4: ...ncrypting Data in the Address Book 53 Encrypting Data on the Machine 55 Enabling the Encryption Settings 56 Backing Up the Encryption Key 58 Updating the Encryption Key 59 Canceling Data Encryption 61...

Page 5: ...Encryption Key Auto Exchange Settings 92 IPsec Settings 93 Encryption Key Auto Exchange Settings Configuration Flow 99 telnet Setting Commands 103 Configuring IEEE 802 1X Authentication 108 Installin...

Page 6: ...y Importing the Device Setting Information File of a Server 155 Troubleshooting 156 Managing Eco friendly Counter 159 Configuring Eco friendly Counters 159 Resetting a Machine s Eco friendly Counter 1...

Page 7: ...ings 200 Maintenance 201 Web Image Monitor Display Eco friendly Counter 202 Web Image Monitor Job 203 Web Image Monitor Device Settings 204 Web Image Monitor Interface 212 Web Image Monitor Network 21...

Page 8: ...List of Operation Privileges for Address Books 229 INDEX 231 6...

Page 9: ...e required security settings there is a risk of security breaches by users Before setting this machine s security features and to ensure appropriate operation by users administrators must read the Sec...

Page 10: ...n System Settings 7 Press Administrator s Email Address and then specify the e mail address of the administrator of this machine 8 Create and install the device certificate from the control panel For...

Page 11: ...pecify the settings for operating the machine Their access privileges depend on the administrator type Administrators cannot perform normal operations such as printing documents Supervisor There is on...

Page 12: ...administrator Sharing administrator tasks facilitates each administrator s tasks while at the same time preventing unauthorized administrator operations Multiple administrator roles can be assigned t...

Page 13: ...14 Registering and Changing Administrators You can specify the login user name and password and encryption password for each administrator The encryption password is used for encrypting data transmit...

Page 14: ...e administrator Manages permission to access files Administrator authentication can also be specified via Web Image Monitor For details see Web Image Monitor Help You can specify User Code Authenticat...

Page 15: ...thentication to On Available Settings appears 8 Select the settings to manage from Available Settings The selected settings will be unavailable to users The available settings depend on the administra...

Page 16: ...the relevant privileges Be sure to assign all administrator privileges so that each administrator privilege is associated with at least one administrator For details about logging in and logging out w...

Page 17: ...ollow the password policy to strengthen the login password For details about the password policy and how to specify it see page 162 Specifying the Extended Security Functions 11 Enter the login passwo...

Page 18: ...rs is less easily guessed by others In Password Policy in Extended Security you can specify a password consisting of uppercase or lowercase characters numbers and symbols as well as the minimum number...

Page 19: ...key 2 Press the Login Logout key DER049 The login screen appears The login screen can also be made to appear by pressing Login in the User Tools menu 3 Press Login 4 Enter the login user name and then...

Page 20: ...bar When entering an IPv4 address do not begin segments with zeros For example If the address is 192 168 001 010 you must enter it as 192 168 1 10 to connect to the machine Enter the IPv6 address wit...

Page 21: ...n the same way Logging out Using the Control Panel 1 Press the Login Logout key and then press Yes You can log out using the following procedures also Press the Energy Saver key Logging out Using Web...

Page 22: ...ine to its default state This will result in the machine setting data counters logs and other data being lost The service call may not be free of charge For the characters that can be used for login u...

Page 23: ...the settings under Administrator Authentication Management For details see page 12 Specifying Administrator Privileges 1 Log in as the supervisor from the control panel For details on how to log in s...

Page 24: ...1 Getting Started 22...

Page 25: ...s Address Book and can only use the functions they are permitted to access by administrators By enabling user authentication you can allow only people registered in the Address Book to use the machin...

Page 26: ...ng users to operate the machine or access the machine over the network 1 2 3 4 CZB010 1 User A user performs normal operations on the machine such as printing 2 Group A group performs normal operation...

Page 27: ...at the same time User authentication configuration flow Configuration procedure Details Configuring administrator authentication page 12 Specifying Administrator Privileges page 14 Registering and Cha...

Page 28: ...od Windows authentication or LDAP authentication authentication cannot be enabled unless the external authentication device has the carried over user code account previously registered However the use...

Page 29: ...ine administrator from the control panel 2 Press System Settings 3 Press Administrator Tools 4 Press Next 5 Press User Authentication Management 6 Select User Code Auth If you do not want to enable us...

Page 30: ...inter under Functions to Restrict For details about printer job authentication see page 43 Printer Job Authentication 9 Press OK 10 Press the Login Logout key A confirmation message appears If you pre...

Page 31: ...ation is properly configured under Administrator Authentication Management 1 Log in as the machine administrator from the control panel 2 Press System Settings 3 Press Administrator Tools 4 Press Next...

Page 32: ...is specified For details about user registration in the Address Book see Registering User Information Connecting the Machine System Settings User authentication can also be specified via Web Image Mo...

Page 33: ...me 6 Enter a login user name and then press OK 7 Press Change for Login Password 8 Enter a login password and then press OK 9 Re enter the login password for confirmation and then press OK 10 Press OK...

Page 34: ...ser information automatically registered in the machine s address book is edited on the machine it is overwritten by the information from the directory server when authentication is performed Users ma...

Page 35: ...s Server 2003 2003 R2 Windows Server 2008 2008 R2 Windows Server 2012 2012 R2 To use Kerberos authentication under Windows Server 2008 install Service Pack 2 or later Data transmission between the mac...

Page 36: ...elect Windows Auth If you do not want to enable user authentication select Off 7 If you want to use Kerberos authentication press On If you want to use NTLM authentication press Off and proceed to Ste...

Page 37: ...h group the users to be authenticated You also need to register in the machine the functions available to the global group members Create global groups in the machine by entering the names of the glob...

Page 38: ...nstallation under Windows Server 2008 R2 1 On the Start menu point to Administrative Tools and then click Server Manager 2 Click Roles in the left column click Add Roles from the Action menu 3 Click N...

Page 39: ...e features you want to install and then click Next 8 Read the content information and then click Next 9 Make sure that Certification Authority is selected in the Role Services area in Active Directory...

Page 40: ...procedure 1 On the Start menu point to Administrative Tools and then click Internet Information Services IIS Manager Under Windows Server 2012 click Internet Information Services IIS Manager on the St...

Page 41: ...onfigured in capital letters For details about registering a realm see Programming the Realm Connecting the Machine System Settings If you use LDAP authentication user information registered in the LD...

Page 42: ...tive The first time an unregistered user accesses the machine after LDAP authentication has been specified the user is registered in the machine and can use the functions available under Available Fun...

Page 43: ...ctions for individuals or groups see page 50 Limiting Available Functions 10 Press Next 11 Press Change for Login Name Attribute 12 Enter the login name attribute and then press OK Use the login name...

Page 44: ...Specify unique attribute on the machine to match the user information in the LDAP server with that in the machine By doing this if the unique attribute of a user registered in the LDAP server matches...

Page 45: ...lor B C User Code Auth Color B C User Code Auth PC Control A A User Code Auth Do not Restrict A A A Printing is possible B Printing is possible if the user is authorized to print in black and white or...

Page 46: ...tems Login User Name Login Password Registration No Name 1 Key Display 1 1 If this information cannot be obtained the login user name is registered in this field You can automatically delete old user...

Page 47: ...g items The lockout function settings can be made using Web Image Monitor Setting item Description Setting values Default setting Lockout Specify whether or not to enable the lockout function Active I...

Page 48: ...7 In the Lock Out User for field enter the number of minutes until lockout is disabled 8 Click OK User Lockout Policy is set 9 Log out Canceling Password Lockout 1 Log in as the user administrator fr...

Page 49: ...in as the machine administrator from the control panel 2 Press System Settings 3 Press Timer Settings 4 Press Auto Logout Timer 5 Select On If you do not want to specify Auto Logout Timer select Off 6...

Page 50: ...You can specify Auto Logout settings for Web Image Monitor in Webpage For details see the Web Image Monitor Help 2 Configuring User Authentication 48...

Page 51: ...tor Network administrator File administrator For details on the settings that can be made by each administrator see page 187 List of Operation Privileges for Settings Register the administrators befor...

Page 52: ...f the printer browser functions and extended features 1 Log in as the user administrator from the control panel 2 Press Address Book Mangmnt 3 Select the user 4 Press Auth Info 5 In Printer and Other...

Page 53: ...Book To protect the data from unauthorized users you can also encrypt the data in the Address Book Specifying Address Book Access Permissions Access permissions can be specified by the users register...

Page 54: ...9 Select the user to whom you want to assign access permissions and then specify the permission Select one of Read only Edit Edit Delete or Full Control 10 Press Exit 11 Press OK 12 Log out Edit Edit...

Page 55: ...ess System Settings 3 Press Administrator Tools 4 Press Next 5 Press Extended Security 6 Press On for Encrypt User Custom Settings Address Book 7 Press Change for Encryption Key 8 Enter the encryption...

Page 56: ...K 13 Log out If you register additional users after encrypting the data in the Address Book their data is also encrypted The backup copy of the Address Book data stored in the SD card is encrypted For...

Page 57: ...yption algorithm is AES 256 Data that is encrypted This function encrypts data that is stored in the machine s NVRAM memory that remains even after the machine is turned off and on the hard disk The f...

Page 58: ...tings will not be initialized to their system defaults even if Format All Data File System Data Only or All Data is specified Restoring Data To transfer data to a new machine restore the encrypted dat...

Page 59: ...simultaneously and select overwrite 3 times for Random Numbers the process will take up to 7 hours and 45 minutes Re encrypting from an already encrypted state takes 7 hours and 15 minutes The Erase A...

Page 60: ...int on Paper press the Start key and print out the machine s data encryption key 9 Press OK 10 Press Exit 11 Press Exit 12 Log out 13 Turn off the main power switch and then turn on the main power swi...

Page 61: ...out the machine s data encryption key 8 Press Exit 9 Log out Updating the Encryption Key You can update the encryption key Applying the new encryption key takes the same amount of time as that for st...

Page 62: ...yption Key 7 Select the data to be carried over to the hard disk and the one not to be deleted To carry all of the data over to the hard disk select All Data To carry over only the machine settings da...

Page 63: ...be carried over to the hard disk Once the canceling of data encryption starts it cannot be stopped Make sure that the machine s main power is not turned off while the encryption process is in progres...

Page 64: ...the main power switch and then turn on the main power switch again For details about turning off the main power see Turning On Off the Power Getting Started 4 Preventing Leakage of Information from M...

Page 65: ...mpletely erase any unnecessary left behind after you edit or delete data on the machine s hard disk the data must be deleted by overwriting If you use Auto Erase Memory overwriting is done automatical...

Page 66: ...was set to Off might not be overwritten If the main power switch is turned off before Auto Erase Memory is completed overwriting will stop and data will be left on the hard disk Do not stop the overwr...

Page 67: ...he number keys and then press 10 Press OK Auto Erase Memory is set 11 Log out If you enable both overwriting and data encryption the overwriting data will also be encrypted Canceling Auto Erase Memory...

Page 68: ...service representative If the machine enters Low Power mode when overwriting is in progress press the Energy Saver key to revive the display in order to check the icon If the Data Overwrite icon cont...

Page 69: ...be possible Ensure that users do not save any data on the machine after Erase All Memory has completed Types of data that can be overwritten by Erase All Memory Information registered in the Address...

Page 70: ...ted to the machine 2 Log in as the machine administrator from the control panel 3 Press System Settings 4 Press Administrator Tools 5 Press Next twice 6 Press Erase All Memory 7 Select the method of e...

Page 71: ...wer Turn it on again and then repeat from Step 2 Suspending Erase All Memory To turn off the machine s power while Erase All Memory is enabled suspend Erase All Memory in advance Erase All Memory will...

Page 72: ...4 Preventing Leakage of Information from Machines 70...

Page 73: ...itor You cannot limit accesses from telnet or Device Manager NX when using SNMPv1 for monitoring 1 Log in as the network administrator from Web Image Monitor 2 Point to Device Management and then clic...

Page 74: ...itor telnet All applications that operate over IPv6 cannot be used IPsec Control panel Web Image Monitor telnet Encrypted transmission using IPsec is disabled FTP TCP 21 Web Image Monitor telnet Devic...

Page 75: ...re SSL transmission using the control panel or Web Image Monitor SMB TCP 139 Control panel Web Image Monitor telnet Device Manager NX Remote Communication Gate S SMB printing functions cannot be used...

Page 76: ...ing settings on the control panel using Restrict Display of User Information SSDP UDP 1900 Web Image Monitor telnet Device discovery using UPnP from Windows cannot be used Bonjour UDP 5353 Web Image M...

Page 77: ...col you want to enable or disable 6 Press OK 7 Log out Enabling and Disabling Protocols Using Web Image Monitor 1 Log in as the network administrator from Web Image Monitor 2 Point to Device Managemen...

Page 78: ...ait for about one or two minutes and then click OK If the previous screen does not appear again after you click OK wait for a while and then click the web browser s refresh button 7 Log out 5 Enhanced...

Page 79: ...rtant information Use this setting if the machine is connected to a local area network LAN FIPS140 Provides a security strength intermediate between Level 1 and Level 2 You can only use codes recommen...

Page 80: ...urity under Security 4 Select the network security level in Security Level 5 Click OK 6 Updating appears Wait for about one or two minutes and then click OK If the previous screen does not appear agai...

Page 81: ...ncryption Strength Setting RC4 FTP Active Active Active Active sftp Active Active Active Active ssh Active Active Active Active RSH RCP Active Active Inactive Inactive TELNET Active Inactive Inactive...

Page 82: ...2 AES 256 Blowfish Arcfour 3DES AES 128 AES 192 AES 256 Arcfour 3DES AES 128 AES 192 AES 256 3DES AES 128 AES 192 AES 256 SNMPv3 Authentication Algorithm MD5 SHA1 SHA1 SHA1 SNMPv3 Encryption Algorithm...

Page 83: ...nage the expiration of certificates and renew the certificates before they expire The administrator is required to check that the issuer of the certificate is valid Creating and Installing a Device Ce...

Page 84: ...d certificate as the device certificate 1 Log in as the network administrator from Web Image Monitor 2 Point to Device Management and then click Configuration 3 Click Device Certificate under Security...

Page 85: ...te authority for the device certificate The application procedure depends on the certificate authority For details contact the certificate authority For the application click Web Image Monitor Details...

Page 86: ...that a device certificate for the machine has been installed 9 Log out Installing an Intermediate Certificate Issued by a Certificate Authority This section explains how to use Web Image Monitor to i...

Page 87: ...ill be installed on the device The Certificate Details screen will indicate whether or not the intermediate certificate has been installed For details about the Certificate Details screen see Web Imag...

Page 88: ...ate and public key CZB002 2 The device certificate and public key are sent from the machine to the user s computer CZB003 3 The shared key created with the computer is encrypted using the public key s...

Page 89: ...displayed message appears check the configuration because the current SSL TLS configuration is invalid Enabling SSL TLS After installing the device certificate in the machine enable the SSL TLS setti...

Page 90: ...ernal LDAP server The following types of communication and data are always encrypted by SSL3 0 communication via Remote and logs transferred to Remote Communication Gate S User Setting for SSL TLS We...

Page 91: ...rtificate specify SSL TLS encrypted communication mode By configuring this setting you can change the security level 1 Log in as the network administrator from the control panel 2 Press System Setting...

Page 92: ...rk administrator from the control panel 2 Press System Settings 3 Press File Transfer 4 Press SMTP Server 5 In Use Secure Connection SSL press On If you are not using SSL for SMTP connections press Of...

Page 93: ...by IPsec Web Image Monitor might become unusable when TCP is targeted by IPsec from the computer side If you cannot access Web Image Monitor due to IPsec configuration problems disable IPsec in Syste...

Page 94: ...ion key are specified automatically AH protocol ESP protocol When combined the ESP and AH protocols provide secure transmission through both encryption and authentication These protocols provide heade...

Page 95: ...more securely For example set the broadest IP range at the lowest priority 4 and then set specific IP addresses at a higher priority level 3 and higher This way when IPsec transmission is enabled for...

Page 96: ...vel Encryption Authentication and High Level Encryption Select this level if you want to encrypt the data packets as well as authenticate the transmission partner and prevent unauthorized packet tampe...

Page 97: ...28 AES 192 AES 256 Phase 2 PFS Inactive Inactive 2 Encryption key auto exchange settings items When you specify a security level the corresponding security settings are automatically configured but ot...

Page 98: ...ress If you are not setting an address range enter 32 after an IPv4 address or enter 128 after an IPv6 address Security Policy Specify how IPsec is handled Apply Bypass Discard Encapsulation Mode Spec...

Page 99: ...PSK authentication Enter the pre shared key required for PSK authentication Phase 1 Hash Algorithm Specify the Hash algorithm to be used in phase 1 auto setting MD5 SHA1 SHA256 SHA384 SHA512 Phase 1...

Page 100: ...tting HMAC MD5 96 HMAC SHA1 96 HMAC SHA256 128 HMAC SHA384 192 HMAC SHA512 256 Phase 2 Encryption Algorithm Permissions Specify the encryption algorithm to be used in phase 2 auto setting Cleartext NU...

Page 101: ...ec transmission on the computer side Also because the response is slow during initial key exchange it may take some time to confirm that transmission has been established Specifying Encryption Key Aut...

Page 102: ...cting Communication Paths via a Device Certificate 1 Log in as the network administrator from Web Image Monitor 2 Point to Device Management and then click Configuration 3 Click Device Certificate und...

Page 103: ...in minutes that is specified on the machine in Encryption Key Auto Exchange Settings Phase 1 and then click Methods 11 Check that the hash algorithm Integrity encryption algorithm Encryption and Diffi...

Page 104: ...ified on the machine in Encryption Key Auto Exchange Settings Phase 2 36 Click OK 37 Click Next 38 Click Finish 39 Select the filter action that was just created and then click Next If you set Encrypt...

Page 105: ...ations see Remote Maintenance Using telnet Connecting the Machine System Settings If you are using a certificate as the authentication method in encryption key auto exchange settings IKE install the c...

Page 106: ...2 3 4 default disable To disable the settings 1 4 specify the number 1 4 To disable the default settings specify default Specify the user specific local address remote address msh ipsec ike 1 2 3 4 i...

Page 107: ...ed When IPsec can be used IPsec transmission is performed Not specifying a requirement level displays the current setting Encapsulation mode setting msh ipsec ike 1 2 3 4 default mode transport tunnel...

Page 108: ...s 3des aes128 aes192 aes256 Enter the separate setting number 1 4 or default and specify the ISAKMP SA phase 1 encryption algorithm Not specifying an encryption algorithm displays the current setting...

Page 109: ...ec SA phase 2 PFS setting msh ipsec ike 1 2 3 4 default ph2 pfs none 1 2 14 Enter the separate setting number 1 4 or default and specify the IPsec SA phase 2 Diffie Hellman group number Specify the gr...

Page 110: ...Install a site certificate root CA certificate for verifying the reliability of the authentication server You need to have at least a certificate issued by the certificate authority who signed the se...

Page 111: ...while and then click the web browser s refresh button 7 Log out Setting Items of IEEE 802 1X for Ethernet 1 Log in as the network administrator from Web Image Monitor 2 Point to Device Management and...

Page 112: ...he RADIUS server Select MSCHAPv2 or TLS in Phase 2 Method When you select TLS you must install IEEE 802 1X Client Certificate Make the following settings according to the operating system you are usin...

Page 113: ...List in Interface Settings on the control panel and then print the network summary to check the status If you cannot identify the problem execute Restore IEEE 802 1X Authentication to Defaults in Netw...

Page 114: ...ypting the data for specifying settings you need to specify the network administrator s Encryption Password setting and Encrypted Password in SNMP Account Setting in Device Manager NX in addition to s...

Page 115: ...2008 AES256 CTS HMAC SHA1 96 AES128 CTS HMAC SHA1 96 RC4 HMAC ARCFOUR HMAC MD5 DES CBC MD5 Windows Server 2008 R2 2012 2012 R2 AES256 CTS HMAC SHA1 96 AES128 CTS HMAC SHA1 96 RC4 HMAC ARCFOUR HMAC MD5...

Page 116: ...5 Enhanced Network Security 114...

Page 117: ...is machine job log access log and eco friendly log Job Log Stores details of control panel operations such as printing reports the configuration list for example Access Log Stores details of login and...

Page 118: ...ntrol panel Access log information items Access Log Item Log Type Attribute Content Login Login Times of login and identity of logged in users Logout Logout Times of logout and identity of logged out...

Page 119: ...g Firmware Invalid Firmware Invalid Details of checks for firmware validity made at times such as when the machine was switched on Date Time Change Date Time Change Details of changes made to date and...

Page 120: ...ough user authentication The first log created after the power is turned on is the Firmware Structure log Eco friendly log information items Eco friendly Log Item Log Type Attribute Content Main Power...

Page 121: ...e same log ID is assigned to all lines corresponding to a single job log entry CJD022 1 2 3 1 Common items Each item in the common items is displayed on a separate line 2 Source Result and Status in t...

Page 122: ...y Failed The operation or event was unsuccessful Blank The operation or event is still in progress Operation Method Indicates the operation procedure Value Content Control Panel Control panel Driver D...

Page 123: ...porting is executing by another user Connection Failed with Remote Machine A connection to an output destination failed Write Error to Remote Machine An error occurred in writing to an output destinat...

Page 124: ...registered Invalid Password The entered password is not valid Processing The job is being processed Error An error has occurred Suspended The job has been suspended Cancelled Details Indicates the st...

Page 125: ...was not entered Invalid Device Certificate Cases to be recorded are as follows The device certificate is missing The valid period has expired If the e mail address of the administrator and that of th...

Page 126: ...operation If an administrator performed the operation his or her ID contains the login user name of the administrator Log ID Identifies the ID that is assigned to the log This is a hexadecimal ID tha...

Page 127: ...es the authentication server is available Logout Mode Mode of logout Value Content by User s Operation Manual logout by the user by Auto Logout Timer Automatic logout following a timeout Login Method...

Page 128: ...r name of the user whose data was accessed If the administrator s data was accessed the administrator s user name is logged Address Book Registration No Indicates the registration number of the user p...

Page 129: ...be exported Value Content System Settings System Settings Web Image Monitor Setting Web Image Monitor Setting Web Service Settings Web Service Settings System Copier SP System SP Target File Name Ind...

Page 130: ...s disabled Not Changed No changes have been made to the eco friendly log collection setting Transfer Logs Indicates the status of the log transfer setting Value Content Active Log transfer setting is...

Page 131: ...dicates the protocol of the destination is not identified IP Address Destination IP address Port No Destination port number Port numbers are indicated in decimal numbers MAC Address Destination MAC ph...

Page 132: ...n network attacks occur Value Content Violation Detected An attack on the network was detected Recovered from Violation The network recovered from an attack Max Host Capacity Reached The machine becam...

Page 133: ...y Add Update Delete Firmware Indicates the method used to add update or delete the machine s firmware Value Content Updated with SD Card An SD card was used to perform the firmware update Added with S...

Page 134: ...y An encryption key update was finished Machine Data Encryption Key Type Identifies the type of the encryption key Value Content Encryption Key for Hard Disk Encryption key for hard disk Encryption Ke...

Page 135: ...e time until lockout release is recorded Auto Logout Timer Whether Auto Logout Timer is set to On or Off is recorded Auto Logout Timer seconds The time until the auto logout operates is recorded Opera...

Page 136: ...s auto logout timer log is recorded in increments of one minute Update Firmware A log entry reporting changes to the Update Firmware setting is recorded Prohibit or Do not Prohibit is recorded Change...

Page 137: ...ully Job log source Source Indicates the source of the job file Value Content Report The job file was a printed report Job log target Target Type of the job target Value Content Print Print Start Date...

Page 138: ...information Paper Usage Paper usage Power Consumption Power consumption Log Result Whether the event has ended or not is displayed Value Content Completed Completed Failed Failed Result The result of...

Page 139: ...nds Indicates the time that has elapsed from the start of a job to the end of it Paper Usage Large Size Indicates the number of one sided prints per hour on large paper Large size means A3 11 17 inche...

Page 140: ...er Consumption Wh Indicates the power consumption in each power state Specifying Log Collect Settings Enable the collection settings for each kind of log and configure the collection level Job Log Col...

Page 141: ...for about 1 or 2 minutes and then click OK If the previous screen does not appear again after you click OK wait for a while and then click the web browser s refresh button 8 Log out The greater Access...

Page 142: ...on that supports UTF 8 For details about the items contained in the logs see page 118 Attributes of Logs You Can Download Number of Logs That Can Be Kept on the Machine When the limit of job log acces...

Page 143: ...l panel or through Web Image Monitor Notes on Operation When the Number of Log Entries Reaches the Maximum If the number of logs that can be stored on the machine exceeds the specified limit old logs...

Page 144: ...If logs are downloaded without overwriting CJD006 1 2 4 3 1 Access log 2 Job log 3 Download 4 Downloaded logs If logs are downloaded during overwriting CJD007 1 4 3 2 5 6 6 6 Managing the Machine 142...

Page 145: ...ll Logs Use the following procedure to delete all logs stored on the machine Delete All Logs appears if one of the job log access log or eco friendly log is set to Active 1 Log in as the machine admin...

Page 146: ...4 Select Inactive in the Transfer Logs area under Common Settings for All Logs 5 Click OK 6 Log out 6 Managing the Machine 144...

Page 147: ...Log out 9 Turn off the main power switch and then turn on the main power switch again Disabling Log Transfer to the Log Collection Server Use the following procedure to disable log transfer from the m...

Page 148: ...specified to collect job log access log or eco friendly log 1 Log in as the machine administrator from the control panel 2 Press System Settings 3 Press Administrator Tools 4 Press Next twice 5 Press...

Page 149: ...e information for each user is maintained even when User s Own Customization is set to Prohibit When the setting is changed back to Allow the information can be used again Warnings About Using a User...

Page 150: ...Because each user can customize his or her home screen the administrator cannot check the home information of each user 6 Managing the Machine 148...

Page 151: ...icate Check settings can be specified only via Web Image Monitor See the related articles in the Web Image Monitor Help If Site Certificate Check is disabled and the user accesses an untrusted Web sit...

Page 152: ...oot certificate for verification does not exist This site has a security problem Verification of the server to connect to cannot be performed This site has a security problem The http subcontents are...

Page 153: ...age Monitor Setting Web Service Settings System Settings Browser Features Data that cannot be imported or exported Some System Settings 1 2 1 The setting for the date settings that require device cert...

Page 154: ...d until the user completes the operation During export and import the machine cannot be otherwise operated For details about SD card handling see Inserting Removing a Memory Storage Device Getting Sta...

Page 155: ...Press OK 10 Press Exit 11 Log out If import or export fails you can check the log for the error The log is stored in the same location as the exported device setting information file Importing Device...

Page 156: ...Exclude the Device Unique Information Device Unique Information includes the IP address host name etc Enter the encryption key that was specified when the file was exported 8 Press Run Import 9 Press...

Page 157: ...s encrypted configure an encryption key Select whether or not to send e mail notification to the machine administrator when importing fails 7 Press OK 8 Log out This can also be configured from Web Im...

Page 158: ...tting Information Run Import Server 6 Press OK 7 Press Exit The machine restarts If import or export fails you can check the log for the error The log is stored in the same location as the exported de...

Page 159: ...en different models or machines with different device configurations Import files exported from the same model with the same device configurations 4 INVALID OUTPUT DIR Failed to write the device infor...

Page 160: ...on to edit the setting is unavailable 4 NOT EXIST The setting does not exist in the system 5 INTERLOCK ERROR The setting cannot be changed because of the system status or interlocking with other speci...

Page 161: ...all eco friendly counter Configuring Eco friendly Counters Set up the period for collecting data for the eco friendly counter and an administrator s message 1 Log in as the machine administrator from...

Page 162: ...Press System Settings 3 Press Administrator Tools 4 Press Display Clear Eco friendly Counter 5 Press Clear Current Value or Clear Crnt Prev Val 6 Press OK 7 Log out Resetting Users Eco friendly Counte...

Page 163: ...ministrator from the control panel 2 Press System Settings 3 Press Administrator Tools 4 Press Auto Delete User in Address Book 5 Select On and then press OK 6 Log out The data is automatically delete...

Page 164: ...ting Restrict Display of User Information The machine administrator can specify this if user authentication is specified When the job history is checked using a network connection for which authentica...

Page 165: ...pecified with SNMPv1 v2 Default Do not Prohibit Authenticate Current Job This function is not available on this model Password Policy The user administrator can specify this This setting allows you to...

Page 166: ...achine finishes startup with the updated firmware The administrator can check if the updated structure change is permissible or not by checking the firmware version displayed on the control panel scre...

Page 167: ...e the number of authentication attempts by the user does not match the number of the attempts specified on the machine For example access may be denied when a print job for multiple sets of pages is s...

Page 168: ...stem from becoming unresponsive when an access violation is detected In Simultns Access Host Limit you can specify the maximum number of hosts that access the machine at one time If the number of simu...

Page 169: ...lue between 50 and 200 and then press Default 200 Depending on the values specified for the settings for Max Allowed No of Access and Measurement Time you may receive violation detection e mails frequ...

Page 170: ...ly if you have logged in to the machine as an administrator Checking Firmware Validity When the machine starts up this function is used to check that the firmware is valid If an error occurs while a v...

Page 171: ...machine and cancels the service mode lock to allow a customer engineer to operate the machine for inspection and repair This ensures that inspection and repair can be performed under the supervision...

Page 172: ...ation Administrator Tools Administrator Authentication Management Machine Management Select On and then select each of Available Settings See page 11 Configuring Administrator Authentication Administr...

Page 173: ...r Tools Machine Data Encryption Settings Select Encrypt and then select All Data for Carry over all data or file system data only without formatting or format all data If Encrypt has already been sele...

Page 174: ...ut Function Network SNMPv3 SNMPv3 Function Inactive To use SNMPv3 functions set SNMPv3 Function to Active and set Permit SNMPv3 Communication to Encryption Only Because SNMPv3 enforces authentication...

Page 175: ...hentication and High Level Encryption Settings you can configure when IPsec is unavailable If IPsec is not available configure the settings shown in the following table to enhance the security of the...

Page 176: ...6 Managing the Machine 174...

Page 177: ...pending on the machine settings users want to specify Using the list of settings the administrator who is responsible for the machine settings users want to specify must decide whether to additionally...

Page 178: ...rd A password error occurred Make sure the password is entered correctly B0206 002 Case 1 A login user name or password error occurred Make sure the login user name and password are entered correctly...

Page 179: ...from an application on the System Settings screen while only the administrator has authentication privileges Only the administrator has login privileges on this screen Log in as a general user from t...

Page 180: ...in if the account name contains any of these prohibited characters If the account name was entered wrongly enter it correctly and log on again W0406 101 Authentication cannot be completed because of s...

Page 181: ...rror occurred Make sure that the user is registered on the server Use a registered login user name and password W0406 107 Case 6 A domain name error occurred Make sure that the Windows authentication...

Page 182: ...uthentication will fail if automatic retrieval for KDC fails Ask your service representative to make sure the KDC retrieval settings are set to automatic retrieval If automatic retrieval is not functi...

Page 183: ...ing edited LDAP Authentication L0104 000 Failed to encrypt a password A password error occurred Make sure the password is entered correctly L0206 002 A user attempted authentication from an applicatio...

Page 184: ...ed because of significant numbers of authentication attempts Wait a few minutes and then try again If the situation does not improve make sure that an authentication attack is not occurring Notify the...

Page 185: ...he search filter L0406 204 Kerberos authentication failed Kerberos authentication settings are not correctly configured Make sure the realm name KDC Key Distribution Center name and supporting domain...

Page 186: ...re users can be registered The number of users registered in the Address Book has reached its maximum Ask the user administrator to delete unused user accounts in the Address Book L0707 001 An authent...

Page 187: ...Cannot print when user authentication has been enabled User code authentication may not be specified in the printer driver Specify user code authentication in the printer driver For details see the p...

Page 188: ...7 Troubleshooting 186...

Page 189: ...he network administrator has privileges for this operation File The file administrator has privileges for this operation Unset The logged in user has privileges for this operation In cases where no se...

Page 190: ...W R Output Printer R R W R R R W R Output Tray Setting R R W R R R W R Paper Tray Priority Printer R R W R R R W R Key Repeat R R W R R R W R System Status Display Time R R W R R R W R Status Indicat...

Page 191: ...R Binding Glue Heater Auto Off Timer R R W R R R W R Interface Settings Network Settings User Mach N W File Unset Set Machine IPv4 Address 1 R R R W R R W R IPv4 Gateway Address R R R W R R W R Machi...

Page 192: ...Ethernet R R R W R R W R Restore IEEE 802 1X Authentication to Defaults R W R W 1 When auto obtain is set the data is read only 2 All administrators and users can run connection tests Print List Setti...

Page 193: ...R W 4 R W 4 R W 5 R 5 Address Book Change Order R W R W Address Book Edit Title R W R W Address Book Switch Title R W R W R Backup Restore User Custom Settings Address Book R W R W Auto Delete User i...

Page 194: ...of User Information R R W R R R W R Encrypt User Custom Settings Address Book R W R R R R R Enhance File Protection R R R R W R R Settings by SNMPv1 v2 R R R W R R W R Authenticate Current Job R R W...

Page 195: ...Settings R W Program Delete Device Certificate R W Device Setting Information Import Setting Server 12 Device Setting Information Run Import Server 12 Device Setting Information Export Memry Strge De...

Page 196: ...n the individual authentication function is used 9 Only the administrator privilege settings can be changed 10 Administrators can only change their own accounts 11 Can only be changed to Off 12 R W ca...

Page 197: ...on the control panel When administrator authentication is set the restrictions to user operations differ depending on the configurations in Available Settings Tray Paper Settings Settings User Mach N...

Page 198: ...depending on the configurations in Available Settings Edit Home Settings User Mach N W File Unset Set Move Icon R R W R R R W R Delete Icon R R W R R R W R Add Icon R W R W Restore Default Icon Displa...

Page 199: ...Adjustment Settings for Operators Settings User Mach N W File Unset Set Adjustment Settings for Operators R W R W R W R W R W R W Adjustment Settings for Operators 197...

Page 200: ...Adjustment Settings for Skilled Operators Settings User Mach N W File Unset Set Adjustment Settings for Skilled Operators R W 8 List of Operation Privileges for Settings 198...

Page 201: ...et the restrictions to user operations differ depending on the configuration in Available Settings Settings User Mach N W File Unset Set Browser Default Settings R R W R R R W R Settings per Users R R...

Page 202: ...R W R R R R Install R R W R R R R Uninstall R R W R R R R Extended Feature Info R R W R R R R Administrator Tools R W Add Program Startup Setting R R W R R R R Install Add Program R R W R R R R Uninst...

Page 203: ...nistrator authentication is set the restrictions to user operations differ depending on the configuration in Available Settings Maintenance Settings User Mach N W File Unset Set Color Registration R W...

Page 204: ...ly Counter These settings are in Status Information A user can only view their own counter Settings User Mach N W File Unset Set Download R W Device Total Counter R Counter per User R R R 8 List of Op...

Page 205: ...Web Image Monitor Job These settings are in Status Information Job List Settings User Mach N W File Unset Set Current Waiting Jobs R R 1 1 A user can only view their own job Web Image Monitor Job 203...

Page 206: ...Energy Saver Key to Change Mode R R W R R R W R Display IP Address on Device Display Panel R R W R R Output Tray R R W R R R W R Paper Tray Priority R R W R R R W R Function Key Allocation Function P...

Page 207: ...ach N W File Unset Set Set Date R R W R R R W R Set Time R R W R R R W R SNTP Server Name R R W R R R W R SNTP Polling Interval R R W R R R W R Time Zone R R W R R R W R Timer Settings User Mach N W F...

Page 208: ...ings User Mach N W File Unset Set Logs to Download R W Download R W Email Settings User Mach N W File Unset Set Administrator Email Address R W R W R Reception Protocol R W R W R Email Reception Inter...

Page 209: ...Reception Port No R W R W R IMAP4 Reception Port No R W R W R Email Notification E mail Address R W R W R Receive Email Notification R W R W Email Notification User Name R W R W Email Notification Pa...

Page 210: ...cation Settings R R W R R R W R Windows Authentication Settings R R W R R R W R Group Settings for Windows Authentication R R W R R R W R LDAP Authentication Settings R R W R R R W R Administrator Aut...

Page 211: ...tings User Mach N W File Unset Set Change R W R W Delete R W R W Firmware Update Settings User Mach N W File Unset Set Update R W Firmware Version R Kerberos Authentication Settings User Mach N W File...

Page 212: ...istrator privileges Import Export Device Setting Information Settings User Mach N W File Unset Set Export Device Setting Information 5 Import Device Setting Information 5 Export Image File for Home Sc...

Page 213: ...Program Change USB Device List Settings User Mach N W File Unset Set Device 1 R R W R R R W R Device 2 R R W R R R W R Web Image Monitor Device Settings 211...

Page 214: ...restrictions to user operations differ depending on the configuration in Available Settings Interface Settings Settings User Mach N W File Unset Set Network R R R R R R MAC Address R R R R R R Etherne...

Page 215: ...R R W R DHCP R R R W R R W R Domain Name R R R W R R W R IPv4 Address R R R W R R W R Subnet Mask R R R W R R W R DDNS R R R W R R W R WINS R R R W R R W R Primary WINS Server R R R W R R W R Secondar...

Page 216: ...etails R R R W R R W R 2 You cannot disable IPv6 when using Web Image Monitor through an IPv6 connection SMB Settings User Mach N W File Unset Set SMB R R R W R R W R Protocol R R R R R R Workgroup Na...

Page 217: ...Communication Setting R W Account User R W Account Network Administrator R W Account Machine Administrator R W SSDP Settings User Mach N W File Unset Set SSDP R W UUID R Profile Expires R W TTL R W B...

Page 218: ...System Log Settings User Mach N W File Unset Set System Log R R R R R 8 List of Operation Privileges for Settings 216...

Page 219: ...802 1X R W Extended Security Restrict Display of User Information R R W R R R W R Encrypt User Custom Settings Address Book R W R R R R R Enhance File Protection R R R R W R R Authenticate Current Job...

Page 220: ...Settings User Mach N W File Unset Set Device Access Violation R W 8 List of Operation Privileges for Settings 218...

Page 221: ...settings are in Configuration in Device Management Settings User Mach N W File Unset Set Setup RC Gate R W Update RC Gate Firmware R W RC Gate Proxy Server R W Notify Functional Problems of Device R...

Page 222: ...ding on the configuration in Available Settings Webpage Settings User Mach N W File Unset Set Webpage Language R R R W R R W R Web Image Monitor Auto Logout R R R W R R W R Set URL Target of Link Page...

Page 223: ...W File Unset Set Startup Setting R W Extended Feature Info R R R R R R Install R W Uninstall R W Administrator Tools R W Additional Program Startup Setting R W Install Additional Program R W Uninstall...

Page 224: ...are in Device Management Settings User Mach N W File Unset Set Add User R W R W R W Change R W R W R W Delete R W R W R W Add Group R W R W R W Maintenance R W Central Address Book Management R W 8 L...

Page 225: ...vice Management This does not appear if you have user administrator privilege In this case specify it by accessing Device Management Address Book Settings User Mach N W File Unset Set Central Address...

Page 226: ...Web Image Monitor Main Power Off These settings are in Device Management Settings User Mach N W File Unset Set Main Power Off Mode R W OK R W 8 List of Operation Privileges for Settings 224...

Page 227: ...Device Management When administrator authentication is set the restrictions to user operations differ depending on the configuration in Available Settings Settings User Mach N W File Unset Set Reset t...

Page 228: ...thentication is set the restrictions to user operations differ depending on the configuration in Available Settings Settings User Mach N W File Unset Set Edit Icons R R W R R R W R Restore Default Ico...

Page 229: ...Web Image Monitor Screen Monitoring These settings are in Device Management Settings User Mach N W File Unset Set Display Device s Screen R W Web Image Monitor Screen Monitoring 227...

Page 230: ...ars if User s Own Customization is set to Allow Users can only change their own settings Settings User Mach N W File Unset Set Edit Icons R W Restore Default Icon Display R W Function Priority per Use...

Page 231: ...ho knows his or her user login name and password User Indicates the user administrator Understanding the symbols R W Executing changing and reading are possible R Reading is possible Executing changin...

Page 232: ...ot be read Protection Settings Read Edit E D Full Entry User Protect Destination Permissions for Users Groups R W R W R W Add to Group Settings Read Edit E D Full Entry User Registration No R R W R W...

Page 233: ...ction 163 Erase All Memory 66 Error code 176 Error message 175 ESP Protocol 91 92 Extended security functions 162 F Firmware validity 168 I IEEE 802 1X 108 device certificate 109 Ethernet 109 site cer...

Page 234: ...LS encryption mode 88 Supervisor 20 System status check 168 U Update Firmware 164 User authentication 24 25 User Code authentication 27 Users 23 W Windows authentication 32 232 EN GB EN US EN AU M238...

Page 235: ......

Page 236: ...EN GB EN US EN AU M238 1022 2014...