User access control, User access control" on – Samsung CLX-9250ND-XAA User Manual

SyncThru™ Web Service_ 90

802.1x Security

•

802.1x Security: Check to enable this feature.

•

Authentication Algorithm: Select the authentication algorithm to

use.

-

EAP-MD5: Offers minimal security. The MD5 hash function is

vulnerable to dictionary attacks, and does not support key

generation.

-

PEAPv0/EAP-MS-CHAPv2: Recommended for users who only

intend to use Microsoft desktop clients and servers. For other

users, it is not recommended.

-

EAP-MS-CHAPv2: MS-CHAPv2 provides two-way

authentication between peers by combining a peer Challenge

message with the Response packet and an authenticator

Response message on the Success packet.

-

TLS: This is used to provide secure communication over the

Internet between a client and server.

•

Credentials: Enter the User Name, Password, and Confrim

Password to use for the authentication.

•

Server Validation: select/unselect the certificate to use for

validation. This option appears when you select

PEAPv0/EAP-MS-CHAPv2 or TLS.

User Access Control

You can restrict users from accessing the machine or application. You can

also give specific permission for user to only use certain feature of the

machine. For example, you can allow user A to only use print feature. In this

case, user A will not be able to scan, copy or fax with the machine. Set the

values and click the Apply button on the upper right corner of the page.
From the SyncThru™ Web Service, select the Security tab > User Access

Control.

The Undo button clears all the values set so far.

Authentication (Activating access control)

From the SyncThru™ Web Service, select the Security tab > User

Access Control > Authentication.
You can choose the authentication method for user authentication.

Select a mode and click on the Options button. This feature is also

available from the machine (see "Authentication" on page 40).

•

Mode

-

Basic Authentication: Activate basic authentication. Users are

asked to login when they select options that are only available to

administrators. Those options are marked with “a” or

“(administrator only)” in this guide.

-

Device Authentication: Activate device authentication. Device

authentication requests user to login before using the device.

Users cannot use any application without login. Press the Edit

Application button and select the feature to enable/disable

authentication.

-

Application Authentication: Activate application

authentication. An administrator can choose the application(s) to

require user to login to use. Users cannot use the selected

application(s) without logging-in. Press the Edit Application

button and select the application(s) to enable/disable

authentication.

•

Application State

-

Edit Application: Select the feature/application you want to
enable/disable authentication. This option is available only for
Device Authentication and Application Authentication.

•

AA Method: Select the authentication method from the list.

•

Options button

-

Log in Identification: Select the options for logging in.

-

Login Identification: Select the login identification between

Local Authentication and Remote Authentication.
If you select Local Authentication,

-

Options: Select what to require for the user to login.

-

Password Expiration Period: Select whether to set an

expiration period for the password.

-

Password Policy: Select the password policy. If you enable

the Apply strong password, the password should be at

least 8 characters long and it should be a combination of

letters, numbers, and special characters (except for <,>,”,\).
If you select Remote Authentication,

-

Options: Select the server to use for authentication.

-

Log in Restriction: Select what to do when users keep fail to

log-in. Select Enable to enable this feature and set the

sub-options. For example, if you set Minutes to 3, No.of attempt

to 3, and Lock period to 5, users can try to log-in 3 times in 3

minutes and if they fail, they cannot try to log-in for 5 minutes.

-

Minutes [1~59]: Select the length of time the for which a

user can try to log-in

-

No. of attempt [1~99]: Select the number of attempts the

user can try to log-in.

-

Lock period [1~59]: Select the length of time to restrict

users from attempting to log-in.

-

Log out Policy: Select when to log users out.

-

Force to log out: Select to automatically log users out when

a job is completed.

-

No log out: Select to allow users to log-out manually.

-

Log out reminder: Select to show users a log-out request

message when a job is completed.

-

Log out Time : Select the time for automatic log-out. When

there are no jobs in process or no input for the selected time,

the system logs out automatically logs out.

•

LoginPage button: Press LoginPage. Select the login page to use

for the LCD screen (LUI Login Page) on the machine and

SyncThru™Web Service (SWS Login Page).

Authorization (Giving rights)

You can give permissions to a user to only use certain features of the

machine.

The Undo button clears all the values set so far.

Role Management

You can give different rights to different users. For example, you can

allow user A to use all the machine’s functions while giving user B only

the right to print.
The pre-defined roles: ADMIN, GENERAL_USER, GUEST,

LIMITED_RESOURCE_USER, RESTRICTED_INFO_USER cannot be

deleted or edited.

•

ADMIN: has a Read & Write rights for all the features.

•

GENERAL_USER

-

Available features: Color Print/Copy (CLX-9252 9352 Series

only), Mono Print/Copy (SCX-8230 8240 Series only),

Simplex/Duplex Print/Copy, Copy, Fax, Print, Mobile Storage

Read Access, Mobile Storage Write Access, Scan, Send

Destination, and Convert to match authorization.

-

Read-only: Admin Setting, Manage AddressBook, and

Manage Document Box.