User access control, User access control" on – Samsung CLX-9250ND-XAA User Manual
Page 90
SyncThru™ Web Service_ 90
802.1x Security
•
802.1x Security: Check to enable this feature.
•
Authentication Algorithm: Select the authentication algorithm to
use.
-
EAP-MD5: Offers minimal security. The MD5 hash function is
vulnerable to dictionary attacks, and does not support key
generation.
-
PEAPv0/EAP-MS-CHAPv2: Recommended for users who only
intend to use Microsoft desktop clients and servers. For other
users, it is not recommended.
-
EAP-MS-CHAPv2: MS-CHAPv2 provides two-way
authentication between peers by combining a peer Challenge
message with the Response packet and an authenticator
Response message on the Success packet.
-
TLS: This is used to provide secure communication over the
Internet between a client and server.
•
Credentials: Enter the User Name, Password, and Confrim
Password to use for the authentication.
•
Server Validation: select/unselect the certificate to use for
validation. This option appears when you select
PEAPv0/EAP-MS-CHAPv2 or TLS.
User Access Control
You can restrict users from accessing the machine or application. You can
also give specific permission for user to only use certain feature of the
machine. For example, you can allow user A to only use print feature. In this
case, user A will not be able to scan, copy or fax with the machine. Set the
values and click the Apply button on the upper right corner of the page.
From the SyncThru™ Web Service, select the Security tab > User Access
Control.
The Undo button clears all the values set so far.
Authentication (Activating access control)
From the SyncThru™ Web Service, select the Security tab > User
Access Control > Authentication.
You can choose the authentication method for user authentication.
Select a mode and click on the Options button. This feature is also
available from the machine (see "Authentication" on page 40).
•
Mode
-
Basic Authentication: Activate basic authentication. Users are
asked to login when they select options that are only available to
administrators. Those options are marked with “a” or
“(administrator only)” in this guide.
-
Device Authentication: Activate device authentication. Device
authentication requests user to login before using the device.
Users cannot use any application without login. Press the Edit
Application button and select the feature to enable/disable
authentication.
-
Application Authentication: Activate application
authentication. An administrator can choose the application(s) to
require user to login to use. Users cannot use the selected
application(s) without logging-in. Press the Edit Application
button and select the application(s) to enable/disable
authentication.
•
Application State
-
Edit Application: Select the feature/application you want to
enable/disable authentication. This option is available only for
Device Authentication and Application Authentication.
•
AA Method: Select the authentication method from the list.
•
Options button
-
Log in Identification: Select the options for logging in.
-
Login Identification: Select the login identification between
Local Authentication and Remote Authentication.
If you select Local Authentication,
-
Options: Select what to require for the user to login.
-
Password Expiration Period: Select whether to set an
expiration period for the password.
-
Password Policy: Select the password policy. If you enable
the Apply strong password, the password should be at
least 8 characters long and it should be a combination of
letters, numbers, and special characters (except for <,>,”,\).
If you select Remote Authentication,
-
Options: Select the server to use for authentication.
-
Log in Restriction: Select what to do when users keep fail to
log-in. Select Enable to enable this feature and set the
sub-options. For example, if you set Minutes to 3, No.of attempt
to 3, and Lock period to 5, users can try to log-in 3 times in 3
minutes and if they fail, they cannot try to log-in for 5 minutes.
-
Minutes [1~59]: Select the length of time the for which a
user can try to log-in
-
No. of attempt [1~99]: Select the number of attempts the
user can try to log-in.
-
Lock period [1~59]: Select the length of time to restrict
users from attempting to log-in.
-
Log out Policy: Select when to log users out.
-
Force to log out: Select to automatically log users out when
a job is completed.
-
No log out: Select to allow users to log-out manually.
-
Log out reminder: Select to show users a log-out request
message when a job is completed.
-
Log out Time : Select the time for automatic log-out. When
there are no jobs in process or no input for the selected time,
the system logs out automatically logs out.
•
LoginPage button: Press LoginPage. Select the login page to use
for the LCD screen (LUI Login Page) on the machine and
SyncThru™Web Service (SWS Login Page).
Authorization (Giving rights)
You can give permissions to a user to only use certain features of the
machine.
The Undo button clears all the values set so far.
Role Management
You can give different rights to different users. For example, you can
allow user A to use all the machine’s functions while giving user B only
the right to print.
The pre-defined roles: ADMIN, GENERAL_USER, GUEST,
LIMITED_RESOURCE_USER, RESTRICTED_INFO_USER cannot be
deleted or edited.
•
ADMIN: has a Read & Write rights for all the features.
•
GENERAL_USER
-
Available features: Color Print/Copy (CLX-9252 9352 Series
only), Mono Print/Copy (SCX-8230 8240 Series only),
Simplex/Duplex Print/Copy, Copy, Fax, Print, Mobile Storage
Read Access, Mobile Storage Write Access, Scan, Send
Destination, and Convert to match authorization.
-
Read-only: Admin Setting, Manage AddressBook, and
Manage Document Box.