Learn how to configure Access Control settings for walk-up printing features using the Embedded Web Server (EWS).
Use the Access Control page to manage the device features users can access:
Enable and Configure Sign-In Methods – set up how users log in at the printer control panel or from the computer to access device features
Sign-In and Permission Policies – set up access restrictions for user types, access types, and sign-in methods
Device User Accounts – create, edit, import, export, and delete user and group accounts for accessing printer features
The following steps explain how to use the Access Control feature.
The Access Control sign-in methods can be enabled for the printer, but only one can be the default sign-in method. If more than one method is enabled, access the non-default method from the printer control panel by touching Sign In, and then touch Advanced.
Sign-in methods
Windows
LDAP
Installed third-party sign-in solutions – See the documentation that came with the third-party solution for information about setting up that sign-in method.
Use the following steps to set up Windows sign-in.
To remove a domain, select the domain, and then click Remove.
Use the following steps to set up LDAP sign-in.
The following instructions provide information on how to configure access restrictions for user types, access types, and sign-in methods.
By default, all device features for Device Guest are set to Access Granted and Device User are set to Full Access, which do not require a sign-in method. Sign-in is not required unless the sign-in method is changed in the Sign In Method column from Use Default to one of the three sign-in methods (Local Device, LDAP, or Windows).
Use the following steps to configure an automatic sign out from the printer.
Click the Automatically sign out check box, and click the radio button for either Sign out immediately when job starts or Sign out after 10 seconds with option to stay signed in.
Under Default Retain Settings Behavior, select the job types to retain settings by clicking the following check boxes:
Copy
Digital Send
Fax
Use the following steps to configure the default permission set type for Windows or LDAP sign-in methods.
Set the default permissions for all users and groups by clicking the drop-down lists for LDAP and Windows, and select the appropriate option.
If specific users or groups need different permissions from the default permissions, click New.... The New User or Group to Permission Set Relationship page opens.
From the User or Group drop-down list, select either User or Group.
Using the Permission Set drop-down list, select either Device Administrator or Device User.
From the Sign In Method drop-down list, either LDAP or Windows.
In the Network User or Group Name field, enter a user or group name.
Click OK.
Use the following steps to set up individual Device User Accounts that use an access code for the Local Device sign-in method.
From the Default Permission Set for new accounts drop-down list, select either Device Administrator or Device User.
Click New... to create a new Device User Account, and enter the following information:
Display Name: Enter a Device User Account name
E-mail Address: Enter the user e-mail address
Network Name: Enter the network name
Access Code: Use this generated Access Code or assign a new code
Permission Set: From the drop-down list, select either Device Administrator or Device User
Click OK.
On the Access Control page, review the selected settings, and then click Apply to complete the setup.