Dell C5765dn Operator's manual

Dell™ C5765dn

Smart Card Reader

Installation and Configuration Guide

Regulatory Model: C5765dn

Information in this document is subject to change without notice.

This publication could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein;

these changes will be incorporated in later editions. Improvements or changes in the products or the programs described may be made

at any time.

For Dell technical support and downloads, visit dell.com/support or contact Dell's ProSupport Help Desk for assistance by calling

1-866-516-3115, or by e-mailing imaging_Solutions_Support_CAC@dell.com.

Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden.

Trademarks used in this text: Dell and the DELL logo are trademarks of Dell Inc.; Microsoft, Windows, and Windows Server are either

trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries; RSA and BSAFE are either

registered trademarks or trademarks of EMC Corporation in the United States and/or other countries.

XML Paper Specification (XPS): This product may incorporate intellectual property owned by Microsoft Corporation. The terms and

conditions upon which Microsoft is licensing such intellectual property may be found at http://go.microsoft.com/fwlink/?LinkId=52369.

Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their

products. Dell Inc. disclaims any proprietary interest in trademarks and trade names other than its own.

The printer software uses some of the codes defined by the Independent JPEG Group.

SD Logo is a trademark of SD-3C, LLC.

As for RSA BSAFE

This printer includes RSA®BSAFE®Cryptographic software from EMC Corporation.

____________________

UNITED STATES GOVERNMENT RESTRICTED RIGHTS

This software and documentation are provided with RESTRICTED RIGHTS. Use, duplication or disclosure by the Government is subject to

restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013

and in applicable FAR provisions: Dell Inc., One Dell Way, Round Rock, Texas, 78682, USA.

April 2014 Rev. A01

Table of Contents

1 Before Using the Smart Card Solution ..................................................................................... 5

Preface..............................................................................................................................................6

Conventions ....................................................................................................................................6

Feature Overview........................................................................................................................... 7

Supported Card Readers..............................................................................................................8

Supported Card Types .................................................................................................................9

Compatibility .................................................................................................................................10

2 Installation.......................................................................................................................................11

Hardware Installation .................................................................................................................. 12

Initial Settings Procedures Using Dell Printer Configuration Web Tool ....................... 13

Preparations for settings on Dell Printer Configuration Web Tool............................ 13

Set SSL/TLS............................................................................................................................... 14

Import root CA and intermediate CA certificates for the Smart Card......................16

View the imported CA certificates ..................................................................................... 17

Set SMTP................................................................................................................................... 17

Set S/MIME ...............................................................................................................................18

Set LDAP Server ...................................................................................................................... 19

Set Kerberos Server............................................................................................................... 20

Set Certificate Revocation Retrieval .................................................................................. 21

Set FIPS140-2...........................................................................................................................22

Set User ID Case Sensitivity..................................................................................................23

Disable Plug-in Settings ........................................................................................................23

Initial Settings Procedures Using Control Panel ..................................................................24

Authentication for entering the System Administration mode...................................24

Check the system clock .......................................................................................................25

Set NTP Time Synchronization...........................................................................................25

Set Authentication................................................................................................................. 26

Set Use of Smart Card.......................................................................................................... 28

Set Access Control................................................................................................................ 29

Set Private Charge Print ........................................................................................................32

Initial Settings Procedures Using Printer Driver of User Client ........................................33

Configure the User Account ...............................................................................................33

3 Usage Examples ...........................................................................................................................35

User Authentication.....................................................................................................................36

Digital Signature for S/MIME .....................................................................................................37

Digital Signature for Scan Files ................................................................................................38

Private Charge Print.....................................................................................................................39

4 Problem Solving ........................................................................................................................... 41

Error Messages .............................................................................................................................42

Technical Support........................................................................................................................45

Service Tag and Express Code............................................................................................45

5 Appendix ........................................................................................................................................ 47

List of Configuring Procedures................................................................................................48

Smart Card Certificate - Object Identifiers............................................................................50

Index ....................................................................................................................................................... 51

1 Before Using the Smart Card

Solution

This chapter describes the Smart Card (CAC/PIV) solution and the items to be

confirmed.

• Preface............................................................................................................................6

• Conventions ..................................................................................................................6

• Feature Overview......................................................................................................... 7

• Supported Card Readers............................................................................................8

• Supported Card Types................................................................................................9

• Compatibility ...............................................................................................................10

1 Before Using the Smart Card Solution

Preface

This guide is intended for use by Dell service providers and network administrators

responsible for the management of security appliances and software in the network

environment of the organization where the machine is installed, and describes the

setup procedures related to the Smart Card solution.

It may not include all options and settings available and configurable on the machine.

Please be aware that due to the differences in networks and needs, there may be

alternative settings required for each installation.

For information on the other features available for the machine, refer to the following

guidance.

• Dell C5765dn Color Laser Multifunction Printer User’s Guide

Conventions

• The screen shots and illustrations used in this guide vary depending on the machine

configuration, optional components installed, and operating system of your

computer. Some of the items in the screen shots may not be displayed or available

depending on the configuration of your machine.

• The procedures in this guide may vary depending on your environment.

• In this guide, "computer" refers to a personal computer or workstation.

• "Note" in this guide provides additional information on operations or features.

• The following symbols are used in this guide:

" " : • A cross-reference included in this guide.

• Names of CD-ROM, features, and touch screen

messages and input text.

[ ] : • Folders, files, applications, button or menu names

displayed on the touch screen.

• Names of menus, commands, windows, or dialog

boxes displayed on the computer screen and their

buttons and menu names.

< > button : Hardware buttons on the control panel.

< > key : Keys on the keyboard of the computer.

Feature Overview

The Dell Smart Card solution brings an advanced level of security to sensitive

information.

This ensures that only authorized users are able to copy, scan, print, e-mail, and fax

information.

Once validated, a user is logged into the machine for all features.

This functionality requires the use of PKI certificates that must be made available to

the machine. Once available, these certificates allow encryption and digital signing of

e-mail messages and digital signing of PDF and XPS (XML Paper Specification) files.

1 Before Using the Smart Card Solution

Supported Card Readers

The following card readers are compatible with the solution:

• SCR331

• SCR3310 v2.0

Note • Other CCID compliant ISO-7816 card reader may function with the solution, but have not

been validated.

•

For Dell technical support and downloads, visit dell.com/support or contact Dell's

ProSupport Help Desk for assistance by calling 1-866-516-3115, or by e-mailing

imaging_Solutions_Su[email protected].

Supported Card Types

The customer is responsible for purchasing and configuring the access cards. The

following card types are recommended:

• Axalto Pegasus 64K / V2

• Axalto Cyberflex 32K / V1

• Axalto Cyberflex 64K / V2

• Gemplus GemXpresso 64K / V2

• Oberthur 72K / V2

• Oberthur Cosmopoll 32K / V1

• Oberthur D172K / V2 (contact-less and PIV)

•Gemalto72KPIVENDPOINT

•Gemalto128KPIVENDPOINT

• Gemalto 144K PIV ENDPOINT

Note • Other card types may function with the solution, but have not been validated.

•

For Dell technical support and downloads, visit dell.com/support or contact Dell's

ProSupport Help Desk for assistance by calling 1-866-516-3115, or by e-mailing

[email protected].

1 Before Using the Smart Card Solution

Compatibility

This solution is compatible with the following product and configurations:

Press the <Machine Status> button on the control panel.

Select [Software Version] on the [Machine Information] screen.

You can identify the software versions of the components of the machine on the

screen.

Configuration Software Level CAC PIV

Dell C5765dn Controller ROM Ver. 2.205.0

and later

Yes Yes

2 Installation

This chapter provides instructions for installing and configuring the Smart Card

solution. There are four main installation procedures to follow in sequence.

• Hardware Installation ................................................................................................ 12

• Initial Settings Procedures Using Dell Printer Configuration Web Tool ...... 13

• Initial Settings Procedures Using Control Panel ................................................24

• Initial Settings Procedures Using Printer Driver of User Client ......................33

2 Installation

Hardware Installation

Connect your card reader to the available USB port.

Initial Settings Procedures Using Dell Printer Configuration Web Tool

This section describes the initial settings related to the Smart Card solution, and how

to set them on Dell Printer Configuration Web Tool.

Preparations for settings on Dell Printer Configuration Web Tool................................... 13

Set SSL/TLS...................................................................................................................................... 14

Import root CA and intermediate CA certificates for the Smart Card ............................. 16

View the imported CA certificates .............................................................................................17

Set SMTP ...........................................................................................................................................17

Set S/MIME ...................................................................................................................................... 18

Set LDAP Server.............................................................................................................................. 19

Set Kerberos Server .......................................................................................................................20

Set Certificate Revocation Retrieval.......................................................................................... 21

Set FIPS140-2 ..................................................................................................................................22

Set User ID Case Sensitivity......................................................................................................... 23

Disable Plug-in Settings................................................................................................................ 23

Preparations for settings on Dell Printer Configuration Web Tool

Prepare a computer supporting the TCP/IP protocol to use Dell Printer Configuration

Web Tool. Dell Printer Configuration Web Tool supports the browsers that satisfy

"SSL/TLS" conditions.

Open your Web browser, enter the TCP/IP address of the machine in the Address or

Location field, and press the <Enter> key.

Note • If a certificate error screen appears, choose to ignore the error and continue.

Enter the System Administrator's ID and the passcode if prompted (default ID:

“admin”, default passcode: “1111”).

Display the [Properties] screen by clicking the [Properties] tab.

2 Installation

Set SSL/TLS

Installation of the card reader requires HTTP - SSL/TLS communication between a

network-connected computer and the machine.

Click [Security] on the [Properties] screen.

Click [Machine Digital Certificate Management].

Click [Create New Certificate].

Note • If [Create New Self Signed Certificate] is displayed, click it and go to step 5.

Select [Self-Signed Certificate] and click [Continue].

On the each menu, make the following settings as necessary:

•PublicKeySize

• Issuer

•DaysofValidity

Click [Apply].

Click [SSL / TLS Settings].

Initial Settings Procedures Using Dell Printer Configuration Web Tool

Check the [Enabled] box for [HTTP - SSL / TLS Communication] and [LDAP- SSL / TLS

Communication].

Note • For the secure operation, you should check the [Enabled] box for [Verify Remote Server

Certificate], and import the CA certificate. If SMTP server has SSL/TLS function and if you

want to use a secure e-mail, configure the [SMTP - SSL / TLS Communication].

Click [Apply].

Click [Reboot Machine] if prompted.

2 Installation

Import root CA and intermediate CA certificates for the Smart Card

Import root CA and intermediate CA certificates for the Smart Card, Kerberos server,

and OCSP responder.

Supported CA certificate formats

The CA certificate formats that can be used are as follows:

• DER encoded binary X.509 (.CER)

• Base 64 encoded X.509 (.CER)

• DER encoded binary PKCS #7 (.P7B)

Note • Base 64 encoded PKCS #7 is not supported.

How to import the certificates

Click [Security] on the [Properties] screen.

Click [Machine Digital Certificate Management].

Click [Upload Signed Certificate].

Enter a file name for the file you want to import, or select the file to be imported by

clicking [Browse].

Note • Leave the password fields blank.

Click [Import].

Repeat steps 2 to 5 for each CA certificate.

Note • Both root CA and intermediate CA certificates need to be imported to the machine to

establish a “Chain of Trust” for the certificates located on the operator's Smart Card.

Initial Settings Procedures Using Dell Printer Configuration Web Tool

View the imported CA certificates

The following steps are optional. You can check the imported CA certificates.

Click [Certificate Management].

Select [Trusted Certificate Authorities] or [Intermediate Certificate Authorities].

Click [Display the list].

Set SMTP

Configure the SMTP settings to use the Scan to E-mail service.

Click [Configuration Overview] on the [Properties] screen.

Click [Settings] for [E-mail].

Click [Configure] for [SMTP Server], and make the following settings:

• IP Address/Hostname

•Portnumber

• Machine's E-mail address

• Login credentials to access SMTP server

Note • If using Active Directory Authentication to the e-mail server, you should use the format

“user@domain” for the Login Name field.

• Login Credentials for e-mail send

Note • Dell Printer Configuration Web Tool requires the “Login Name” field to be filled if SMTP

AUTH is selected. If desired, you may enter an invalid user such as “none” if using the

“Remotely Authenticated User” option.

Click [Apply].

2 Installation

Set S/MIME

Enable the S/MIME communication to use the e-mail encryption and digital signature

features. To use S/MIME on the machine, a certificate issued by another CA is

required.

Creating a Certificate Signing Request (CSR)

Click [Security] on the [Properties] screen.

Click [Machine Digital Certificate Management].

Click [Create New Certificate].

Select [Certificate Signing Request (CSR)] and click [Continue].

Make the following settings and click [Apply].

• 2 Letter Country Code

• Organization Name

• Organization Unit

Note • Confirm that the e-mail address displayed here is the same with the machine’s e-mail

address configured in "Set SMTP" (P.17).

Click [Download] to save the CSR.

Email the file to a trusted certificate authority to be signed.

Uploading a certificate

When a signed certificate is received back from a trusted certificate authority, you can

upload the certificate to the machine.

Note • The signed certificate must match the CSR created by the machine.

•You must import certificates in the DER encoded PKCS #7 format only.

Click [Security] on the [Properties] screen.

Click [Machine Digital Certificate Management].

Click [Upload Signed Certificate].

If the certificate is password protected, type the password and retype to verify.

Click [Browse], navigate to the signed certificate in ".crt" format, and click [Open].

Click [Import].

Specifying a certificate to use

Click [Security] on the [Properties] screen.

Click [Certificate Management].

Select [Local Device] for [Category] and [S/MIME] for [Certificate Purpose].

Note • Set [Certificate Order] as necessary.

Click [Display the list].

Select a certificate from the list and click [Certificate Details].

Click [Use this certificate].

Initial Settings Procedures Using Dell Printer Configuration Web Tool

Note • If [Use this certificate] is not available, then the selected certificate has expired, or is not

valid. All certificates in the certification path (chain of trust) must be installed on the

machine and be valid.

Click [Reboot Machine] if prompted.

Enabling S/MIME communication

Click [Security] on the [Properties] screen.

Click [SSL / TLS Settings].

Check the [Enabled] box for [S/MIME Communication].

Click [Apply].

Click [Reboot Machine] if prompted.

For more information on the S/MIME settings, refer to "15 Tools" > "Connectivity & Network

Setup" > "Security Settings" > "S/MIME Settings" in the User's Guide.

Set LDAP Server

Configure the LDAP server settings to use the Access Control feature.

Click [Connectivity] on the [Properties] screen.

Click [Protocols].

Click [LDAP].

Click [LDAP Server].

On the each menu, make the following settings:

• IP Address/Hostname

•Portnumber

•LDAPServer

• Search Directory Root

Note • Enter the distinguished name of the root node. (Example: CN=users, DC=mydomain,

DC=dell, DC=com)

• Login credentials to Search Entries

2 Installation

Note • Using system credentials to authenticate to an Active Directory LDAP server, you must use

the format “domain\user”.

Click [Apply].

Click [Reboot Machine] if prompted.

Set Kerberos Server

Configure the Kerberos server settings for authentication.

Click [Security] on the [Properties] screen.

Click [Kerberos Server] under [Remote Autentication Servers].

Check the [Enabled] box for [Server Certificate Validation].

On the each menu, make the following settings:

• Primary Server Name/IP Address

• Primary Server Port Number

•DomainName

Click [Apply].

Click [Reboot Machine] if prompted.

Other manuals for C5765DN

Table of contents

Dell C5765DN Operator's manual

Popular Card Reader manuals by other brands