Contents

Xerox AltaLink Series Smart Card Configuration Guide PDF

Pages 70
Year 2020
Language(s)
English en
1 of 70
1 of 70

Summary of Content for Xerox AltaLink Series Smart Card Configuration Guide PDF

Page 3

Configuring the Smart Card ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 23 Configure Smart Card Authentication ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 23 Enable NTP Service ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 25 Configure Alternate Authentication ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 26 Certificate Validation ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 28 Configure Transport Layer Security (TLS)... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 32 Configure Certificate Validation ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 33 Configure Smart Card Inactivity Timer ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 35 Configure Acquiring Logged-In Email Addresses for Users ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 36

Page 4

Troubleshooting... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 64 Fault Clearance ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 65 Locating the Serial Number... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 65

Page 5

Introduction ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 6

Page 6

Introduction The Smart Card solution brings an advanced level of security to sensitive information... Organizations can restrict access to the walk-up features of a Xerox multifunction printer... This practice ensures that only authorized users are able to print, copy, scan, email, and fax information...

Page 7

Smart Card Feature Overview AAuutthheennttiiccaattiioonn Xerox offers the Smart Card authentication feature... This authentication enables users who possess smart cards to use the card for network authentication at the multifunction printer... Smart cards contain user identity certificates and public and private keys... This certificate enables the multifunction printer to perform a Kerberos authentication to the Windows active domain controller that issued the identity certificate...

Page 8

SSuuppppoorrtteedd CCaarrdd RReeaaddeerrss The customer is responsible for providing a card reader for each Xerox multifunction printer... Most Chip Card Interface Device (CCID)-compliant card readers can be used, but not all card readers are validated... It is recommended that you use the Indentive SCR3310 v2... 0 smart card reader...

Page 9

A System Administrator Guide provides detailed instructions and information about connecting your printer to the network and installing optional features... This guide is intended for system administrators...

Page 10

10 Xerox AltaLink Series Smart Card Installation and Configuration Guide

Page 11

Preparation Overview ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 12

Page 12

Preparation Overview This section explains the preparation and resources required to install the Smart Card feature...

Page 13

2... If domain controller certificate validation is required, obtain the certificate for each applicable domain controller, including all intermediate certificates up to the root certificate...

Page 14

14 Xerox AltaLink Series Smart Card Installation and Configuration Guide

Page 15

Printing Features ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 54

Page 16

4... Using the Smart Card: For instructions on how to use the card reader to access the printer functions, refer to Using the Smart Card...

Page 17

1... Unpack the Xerox Smart Card Enablement Kit (CAC/PIV)... The kit contains the following items: Xerox Smart Card Enablement Guide (CAC/PIV) Card Reader SCR3310v2 Four Velcro dual-lock fastener pads Two cable ties One ferrite bead Five cable clamps Before you install the hardware, ensure that you have read the license agreement and agree to the terms and conditions...

Page 18

4... Attach the dual-lock fastener pads to the card reader device... Fasteners are provided to secure the card reader to the multifunction printer... Peel back the fastener pad backing strip, then position the fastener pad on the under-side of the card reader, as shown...

Page 19

6... Place the card reader on the multifunction printer... Gently place the card reader on the printer... Do not fix the card reader in place at this time... Position the card reader in a suitable location... Ensure that the card reader does not obstruct any access points or the opening of doors or covers...

Page 20

The administrator password is required to access locked settings in the Embedded Web Server or at the control panel... Most printer models have a default configuration that restricts access to some settings... In the Embedded Web Server, you can restrict access for settings on the Properties tab... At the device touch screen, you can restrict settings in the Tools menu...

Page 21

b... If users need an alternate method of authentication, from the Alternate Control Panel Login menu, select User Name/Password Validate on the Network...

Page 22

5... In the Smart Card Enablement area, enter the unique Feature Enablement Key provided on the inside cover of the Xerox Smart Card Enablement (CAC/PIV) Guide...

Page 23

Configuring the Smart Card After the Smart Card feature is enabled on the multifunction printer, you can use the Embedded Web Server to configure the smart card...

Page 24

e... Unless your Kerberos Port is different, ensure that Port 88 is selected...

Page 25

b... Enter the IP address or host name for the primary and alternate time server... Often this address is the same address as the domain controller...

Page 26

CCoonnffiigguurree AAlltteerrnnaattee AAuutthheennttiiccaattiioonn If Alternate Authentication is not required, refer to Configure a Security Certificate...

Page 27

d... Select the IP Address or the host name, then enter the server details... For most installations, the Alternate Authentication server is the same as the Smart Card domain controller...

Page 28

IImmppoorrtt aa CCeerrttiiffiiccaattee AAuutthhoorriittyy CCeerrttiiffiiccaattee To import a certificate from the Certificate Authority, perform the following steps:

Page 29

e... If the certificate is encrypted, on the Password Required screen, enter the password...

Page 30

4... When you configure security certificates on the printer, SSL provides a secure connection between your computer and the multifunction printer... To configure SSL, refer to Configure SSL...

Page 31

Xerox AltaLink Series Smart Card Installation and Configuration Guide

Page 32

CCoonnffiigguurree TTrraannssppoorrtt LLaayyeerr SSeeccuurriittyy ((TTLLSS)) When you configure security certificates on the printer, Transport Layer Security (TLS) provides a secure connection between your computer and the multifunction printer... TLS is enabled on the printer automatically... If you do not want to configure TLS, proceed to Configure Certificate Validation...

Page 33

CCoonnffiigguurree CCeerrttiiffiiccaattee VVaalliiddaattiioonn To configure certificate validation information, perform the following steps... If you do not require certificate validation, proceed to Configure Smart Card Inactivity Timer...

Page 34

5... If prompted, to enter the proxy server information, for Proxy Server, click Configure... If the OCSP server is outside the firewall, a proxy server can be required to access the server...

Page 35

CCoonnffiigguurree SSmmaarrtt CCaarrdd IInnaaccttiivviittyy TTiimmeerr To configure the smart card inactivity timer, perform the following steps... If you do not require inactivity settings for smart card authentication, proceed to Configure Acquiring Logged-In User Email Address...

Page 36

CCoonnffiigguurree AAccqquuiirriinngg LLooggggeedd--IInn EEmmaaiill AAddddrreesssseess ffoorr UUsseerrss To configure LDAP and SMTP server information, perform the following steps...

Page 37

c... If you select Auto or Only Network Address Book (LDAP), configure LDAP server settings... For Network Address Book (LDAP), click Edit...

Page 38

h... Enter the LDAP search directory root... Typically, this directory root is related to the domain name for the server... For example, if the fully qualified domain name for the server is Hostname... Example... Search... Root the search directory root is dc=Example,dc= Search,dc=Root...

Page 39

CCoonnffiigguurree SSMMTTPP EEmmaaiill SSeettttiinnggss To configure SMTP email settings, perform the following steps:

Page 40

b... To configure the server address, click Use DNS (to identify SMTP Server)... Or, click IP Address or Host Name, then enter the SMTP server address...

Page 41

Configure SMTPAuthentication To configure SMTP authentication, perform the following steps...

Page 42

b... For the required method of authentication, select for SMTP... For Login credentials used for user initiated email jobs, select Logged-in User...

Page 43

Configure File Size Management To configure file size management settings, perform the following steps:

Page 44

Note: This screen allows you to send a test email to confirm that all email settings are correct...

Page 45

CCoonnffiigguurree GGeenneerraall EEmmaaiill SSeettttiinnggss To configure general email settings, perform the following steps:

Page 46

a... Enter the required information to appear in the Subject line of an email that is sent from the multifunction printer...

Page 47

c... For the Signature field, enter the information that you want to include in an email signature... d... To print a confirmation sheet, from the menu, select the required option...

Page 48

4... For default email settings, click Edit, then select the required options... To save selections, click Save...

Page 49

Xerox AltaLink Series Smart Card Installation and Configuration Guide

Page 50

c... If you selected Editable by User, and if the ability to sign is required by default, for the Email App Encryption Default setting, click On...

Page 51

4... If you want to configure email domain restrictions, in the Network Policies area, click Edit...

Page 52

Email Filtering: This option allows you to send internal email without a corporate name... This option requires configuration of your email server...

Page 53

Xerox AltaLink Series Smart Card Installation and Configuration Guide

Page 54

CCoonnffiigguurree HHoolldd AAllll JJoobbss The Hold All Jobs feature allows you to configure the multifunction printer to require users to release print jobs manually at the control panel... If you want to configure Hold All Jobs, perform the following steps:

Page 55

CCoonnffiigguurree SSeeccuurree PPrriinntt DDrriivveerr DDeeffaauullttss The Secure Print feature allows you to send a job to the multifunction printer with a unique passcode... Jobs are stored at the printer until you enter the same passcode to release the jobs... For more information about how to use Secure Print, refer to the User Guide for your Xerox multifunction printer... You can configure the settings to require a User ID instead of a passcode to release jobs at the control panel...

Page 56

Passcode: This option requires that you type a passcode to release your Secure Print jobs at the control panel... If required, enter a number from 410 to specify the length of the Secure Print passcode...

Page 57

CCoonnffiigguurree tthhee PPrriinntt DDrriivveerr You can configure your print driver to pull the user name alias from the smart card certificate, or from the Windows operating system... To configure the print driver to pull the user name from the smart card certificate, install the Xerox print driver for your Xerox printer... For more information, refer to the System Administrator Guide for your Xerox multifunction printer...

Page 58

58 Xerox AltaLink Series Smart Card Installation and Configuration Guide

Page 59

Note: If you configure Hold All Jobs or Secure Print Driver defaults at the multifunction printer, the settings can override the settings in your print driver... For more information, refer to Configure Hold All Jobs and Configure Secure Print Driver Defaults...

Page 60

Confirm the Installation When you install and configure the card reader and the software, the Card Reader Detected screen appears on the Xerox multifunction printer control panel touch screen...

Page 61

Using the Smart Card When the Smart Card solution is installed and enabled, insert a valid card, then enter your Personal Identification Number (PIN) on the touch screen... When you finish, to end the session, remove your card from the card reader... If you forget to remove your card, the printer ends the session automatically after a specified period of inactivity...

Page 62

62 Xerox AltaLink Series Smart Card Installation and Configuration Guide

Page 63

Fault Clearance ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 65

Page 64

To clean the outer surfaces of the card reader, use a lint-free cloth moistened with water and a mild detergent... Wipe the outer surfaces of the card reader with the lint-free cloth...

Page 65

Fault Clearance When a fault occurs, a message appears on the printer control panel touch screen... The message provides information to clear the fault... If you cannot resolve the fault using the onscreen instructions, refer to Troubleshooting Tips...

Page 66

If you installed the Smart Card solution successfully, but you now experience problems, refer to the After Installation problem-solving table...

Page 67

Server Certificate Failed... Authentication failed because the remote server or domain controller certificate were not found, are invalid, are expired, or access was revoked...

Page 68

GMToffset is not set correctly... If you are not using DHCP, verify that the date, time, GMT offset, and time zone are correct... For more information, refer to the System Administrator Guide for your Xerox printer...

Manualsnet FAQs

If you want to find out how the AltaLink Series Xerox works, you can view and download the Xerox AltaLink Series Smart Card Configuration Guide on the Manualsnet website.

Yes, we have the Configuration Guide for Xerox AltaLink Series as well as other Xerox manuals. All you need to do is to use our search bar and find the user manual that you are looking for.

The Configuration Guide should include all the details that are needed to use a Xerox AltaLink Series. Full manuals and user guide PDFs can be downloaded from Manualsnet.com.

The best way to navigate the Xerox AltaLink Series Smart Card Configuration Guide is by checking the Table of Contents at the top of the page where available. This allows you to navigate a manual by jumping to the section you are looking for.

This Xerox AltaLink Series Smart Card Configuration Guide consists of sections like Table of Contents, to name a few. For easier navigation, use the Table of Contents in the upper left corner.

You can download Xerox AltaLink Series Smart Card Configuration Guide free of charge simply by clicking the “download” button in the upper right corner of any manuals page. This feature allows you to download any manual in a couple of seconds and is generally in PDF format. You can also save a manual for later by adding it to your saved documents in the user profile.

To be able to print Xerox AltaLink Series Smart Card Configuration Guide, simply download the document to your computer. Once downloaded, open the PDF file and print the Xerox AltaLink Series Smart Card Configuration Guide as you would any other document. This can usually be achieved by clicking on “File” and then “Print” from the menu bar.