[. . . ] Changes, technical inaccuracies, and typographic errors will be corrected in subsequent editions. Document version 1. 0: December 2012 Table of Contents 1 Introduction Smart Card Feature Overview . 12 12 18 18 20 20 21 22 22 24 25 26 26 32 32 33 34 35 36 4 Troubleshooting Fault Clearance . 38 38 39 39 Xerox® Smart Card Installation and Configuration Guide 3 4 Xerox® Smart Card Installation and Configuration Guide Introduction 1 The Xerox Smart Card solution brings an advanced level of security to sensitive information. [. . . ] Enter the IP address or Host Name of the Primary and Alternate Time Server. Select Close. Xerox® Smart Card Installation and Configuration Guide 21 Installation Configure Alternate Authentication If Alternate Authentication is not required, go to Configure a Security Certificate on page 22. If Alternate Authentication is enabled, select the Authentication Servers / Touch UI (Alternate) - Edit link in the Configuration Settings list to configure the server. a. For most installations the Alternate Authentication server will be the same as the Smart Card Domain Controller. Select Close. Configure a Security Certificate If you require the MFD to be configured for certificate validation, complete this section. The following instructions are included: • Create a Device Certificate on page 23 • Import a Certificate Authority Certificate on page 23 • Install a Domain Controller Certificate on page 24 If certificate validation is not required, go to section Configure Smart Card Inactivity Timer on page 26. 22 Xerox® Smart Card Installation and Configuration Guide Installation Create a Device Certificate The device automatically creates a self-signed certificate. Proceed to Configure SSL on page 24. Import a Certificate Authority Certificate 6. Complete these steps if you want to import a certificate from a Certificate Authority: a. Click the Browse button and navigate to the location of your Certificate Authority certificates. If the certificate is encrypted, enter the password at the Password Required screen. Note: Both RootCA and Intermediate CA certificates need to be imported to the MFD to establish a ‘Chain of Trust’ for the certificates located on the operator’s smart card. Select Acquiring Logged In User’s Address - Edit. d. e. f. Select the required option for Acquire logged in user’s e-mail address. If you select Auto or Only Network Address Book (LDAP), click Network Address Book (LDAP) - Edit to configure LDAP server settings. Click Add New. 26 Xerox® Smart Card Installation and Configuration Guide Installation At the LDAP Server screen, enter a Friendly Name. Enter the IP address or Host Name of the Primary and Alternate LDAP server. For example, if the server’s Fully Qualified Domain Name is ‘Hostname. Example. Search. Root’, the search directory root is “dc=Example, dc=Search, dc=Root”. Click Close. g. n. Select LDAP Policies. o. Select Enable SASL Binds to LDAP. Note: Smart cards use a ticket based authentication to LDAP and require SASL for authentication. In the E-mail Setup screen, select the Required Settings tab. a. Select SMTP - Edit. Xerox® Smart Card Installation and Configuration Guide 27 Installation b. Select Use DNS (to identify SMTP Server) to configure the server address using DNS, or select IP Address or Host Name and enter the SMTP server address. c. For the required method of authentication for SMTP Login credentials applied to e-mail jobs sent from the machine’s touch interface select Logged-in User. Note: The Logged-in user’s credentials are typically used to provide authentication for the SMTP server when Smart Card authentication is enabled. Select Save 28 Xerox® Smart Card Installation and Configuration Guide Installation Test Configuration 16. Note: This screen allows you to send a test e-mail to confirm that all e-mail settings are correct. [. . . ] The current session is terminated and the Authentication Required window is displayed. 36 Xerox® Smart Card Installation and Configuration Guide Troubleshooting 4 For optimal performance from your card reader, ensure the following guidelines are followed: • The Card Reader is only compatible with network connected products. Refer to Connect the card reader to the Xerox device on page 17 for instructions. • Do not position the Card Reader in direct sunlight or near a heat source such as a radiator. • Ensure the Card Reader does not get contaminated with dust and debris. Xerox® Smart Card Installation and Configuration Guide 37 Troubleshooting Fault Clearance When a fault occurs, a message displays on the User Interface which provides information relating to the fault. [. . . ]