Xerox Document Centre 545DC HCF User Manual

							Connectivity & Network Setup
159
Tools
5
Outgoing/Incoming E-mail Settings
Set e-mail transmission and reception settings.
POP3 Server Settings
Set the POP3 server. In [POP3 Server Settings], you can set the following items:
Note • For IPv4, enter the address in the format xxx.xxx.xxx.xxx, where xxx is a numeric value 
from 0 to 255.
• For IPv6, enter the address in the format xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx, where 
xxxx is a hexadecimal value.
• When you make an entry mistake, press the  (Clear) button and enter again.
„Server Name/IP Address
Enter a server name or IP address with up to 128 characters, and then select [Save].
„Port Number Enter a port number from 1 to 65535.
The default value is 110.
Important • Do not use the numbers assigned to the other ports.
„Polling Interval
Set the interval for checking the e-mail on the POP3 server from 1 to 120 minutes in 1 minute 
increments.
„Login Name Enter the name to login to the POP3 server with up to 64 characters.
„Password Enter a password for the POP3 server with up to 64 characters.
Enter the same password in [New Password] and [Retype Password] using the numeric 
keypad displayed by selecting [Keyboard]. If you do not set the password, leave the text 
boxes blank and select [Save].
„POP Password Encryption Select [On (APOP)] to encrypt the password.
SMTP Server Settings
Set the SMTP server. In [SMTP Server Settings], you can set the following items:
Note • For IPv4, enter the address in the format xxx.xxx.xxx.xxx, where xxx is a numeric value 
from 0 to 255.
• For IPv6, enter the address in the format xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx, where 
xxxx is a hexadecimal value.
• When you make an entry mistake, press the  (Clear) button and enter again.
„SMTP Server Name/IP Address
Enter a server name or IP address, and then select [Save]. Up to 128 characters are allowed.
„SMTP Server Port Number Enter a port number in the range from 1 to 65535.
The default value is 25.
Important • Do not use the numbers assigned to the other ports.
„E-mail Send Authentication
Select one from [Off], [POP before SMTP], or [SMTP AUTH].
Note • If [POP before SMTP] is selected, the POP3 settings must be set.
• AUTH PLAIN, AUTH-LOGIN, or AUTH CRAM-MD5 can be used as an authentication 
method.
„Login Credentials for Sending E-mails
Select the login user name when sending e-ma ils from [Remotely Authenticated User] or 
[System]. When [Remotely Authenticated User] is selected and if the machine tries 
Downloaded From ManualsPrinter.com Manuals 
						

							5 Tools
160
Tools
5
authenticating the remote server before a job startup, the machine performs verification at the 
time of transmission with the remotely authenticated user name and password. You can also 
select the post-failure behavior of the machine  from [Cancel E-mail Send] and [Relogin using 
System Data]. If you do not set remote authentication, the machine uses the user ID and 
passcode of the machine for authentication.
„SMTP AUTH Login Name Enter the user name for verification purposes at the SMTP server with up to 64 characters.
„SMTP AUTH Password Enter the password for verification purposes at the SMTP server. Up to 64 single-byte 
characters are allowed. 
Note • If you do not set the password, leave the text boxes blank and select [Save].
Remote Authentication/Directory Service
You can make the settings for the remote authentication server and directory service.
Authentication System Setup
„Authentication System Allows you to select the authentication sys tem from [Kerberos (Windows 2000)], [Kerberos 
(Solaris)], [LDAP], and [SMB], and [Authentication Agent].
After you change the authentication system, personal folders and personal sheets used with 
the previous authentication system are not deleted  automatically. If these folders or job flow 
sheets are no longer needed, delete them from the machine. If the same user IDs are also 
used on the new authentication system, personal folders and personal job flow sheets can be 
used by the same users.
„Server Response Time-Out Set the server time-out response between 1 and 75 seconds in 1 second increments.
„Search Time-Out Set the user information search time-out between 1 and 120 seconds in 1 second increments. 
Kerberos Server Settings
Configure the Kerberos Servers 1 to 5.
The settings in [Kerberos Server 1 (Default)] will be the default settings for authentication. 
„Primary Server Name/Address Enter the primary server name or IP address.
Note • For IPv4, enter the address in the format xxx.xxx.xxx.xxx, where xxx is a numeric value 
from 0 to 255.
• For IPv6, enter the address in the format xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx, where 
xxxx is a hexadecimal value.
„Primary Server Port Number
Set the primary server  port number from 1 to 65535.
The default value is 88.
Important • Do not use the numbers assigned to the other ports.
„Secondary Server Name/Address
Enter the secondary server name or IP address.
Note • For IPv4, enter the address in the format xxx.xxx.xxx.xxx, where xxx is a numeric value 
from 0 to 255.
• For IPv6, enter the address in the format xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx, where 
xxxx is a hexadecimal value.
„Secondary Server Port Number
Set the secondary server port number in the range from 1 to 65535.
Downloaded From ManualsPrinter.com Manuals 
						

							Connectivity & Network Setup
161
Tools
5
The default value is 88.
Important •Do not use the numbers assigned to the other ports.
„Domain Name
When you use Active Directory of Windows  2000 Server, Windows Server 2003, or Windows 
Server 2008 as server, specify the domain name of Active Directory in [Domain Name]. Up to 
64 characters are allowed.
Important • Enter a realm name in uppercase characters. Otherwise, an authentication error occurs.
LDAP Server/Directory Service Settings
Configure the directory server, authentication method, and search attributes and ranges for 
LDAP authentication and the Address Book search by LDAP.
„Primary Server Name/Address Enter the primary server name or IP address.
Note • For IPv4, enter the address in the format xxx.xxx.xxx.xxx, where xxx is a numeric value 
from 0 to 255.
• For IPv6, enter the address in the format xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx, where 
xxxx is a hexadecimal value.
„Primary Server Port Number
Set the Primary server port number from 1 to 65535.
The default value is 389.
Important • Do not use the numbers assigned to the other ports.
„Secondary Server Name/Address
Enter the secondary server name or IP address.
Note • For IPv4, enter the address in the format xxx.xxx.xxx.xxx, where xxx is a numeric value 0 
to 255.
• For IPv6, enter the address in the format xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx, where 
xxxx is a hexadecimal value.
„Secondary Server Port Number
Set the secondary server port number from 1 to 65535.
The default value is 389.
Important • Do not use the numbers assigned to the other ports.
„Authentication Method
Select a method to perform LDAP authentication from [Direct Authentication] and 
[Authentication of User Attributes]. 
zDirect Authentication
User ID and password entered by a user are used for LDAP authentication.
zAuthentication of User Attributes
The user ID entered is used as an attribute specified in [Attribute of Typed User Name] to 
perform a search on the LDAP server. [Attribute of Login User Name] of a user found through 
the search is used as the user ID or a job  and the owner of a job flow sheet and a folder.
„Attribute of Typed User Name When [Authentication of User Attributes] is used for LDAP authentication, set the attribute of 
the user ID entered. Up to 32 characters are allowed.
Set the attribute of the User Attribute information registered on the LDAP server that 
corresponds to the value to be entered as the user name from the control panel. For example, 
when you want a user to enter the mail address, set mail. 
„Attribute of Login User Name Enter an attribute to be used for LDAP authent ication using User Attribute information 
registered on the LDAP server. Up to 32 characters are allowed.
„Use Added Text String Select whether or not to automatically add text strings in [Text String Added to User Name] 
when you enter the authentication information from the control panel.
Downloaded From ManualsPrinter.com Manuals 
						

							5 Tools
162
Tools
5
„Text String Added to User NameEnter text strings for [Text String Added to User Name] when you use additional text strings. 
Up to 64 characters are allowed.
When [Use Added Text String] is set to [Enabl ed], enter the corresponding fixed text string. 
For Example: 
When mail is set for [Attribute of Typed User  Name] and the information registered for the 
target user is [email protected], you will need to enter 
[email protected].
However, if [Use Added Text String] is set to [Enabled] and @myhost.example.com is 
specified for [Text String Added to User Name],  you will only need to enter mail from the 
control panel because the machine adds @myhost.example.com to the end of the string.
„Attribute of Smart Card When a smart card is used for LDAP authentication, set the attribute of the card ID to perform 
a search on the LDAP server to authenticate the user who has the card. Up to 32 characters 
are allowed.
Note • This item is displayed when [Smart Card Link Mode] under [Tools] > [Authentication/Security 
Settings] > [Authentication] > [User Details Setup] is set to [No Passcode Required].
„Network User ID Attribute
When a smart card is used for LDAP authentication, set the attribute of the user name to be 
used for a smart card ID search. The user name is given to the remote service as the 
authentication information. Up to 32 characters are allowed.
Note • This item is displayed when [Smart Card Link Mode] under [Tools] > [Authentication/Security 
Settings] > [Authentication] > [User Details Setup] is set to [No Passcode Required].
„Login Credentials to Search Entries
Select which users are allowed to search the Address Book.
You can select from [Remotely Authenticated User] and [System].
„Login Name Set a user name for the Address Book search and access the directory server using 
[Authentication of User Attributes] method for LDAP authentication. Set this item only when 
authentication is required for the search for the  directory service. Up to 255 characters are 
allowed.
„Password Set a login password for the user specified in [Login Name]. Up to 32 characters are allowed.
„Search Directory Root Enter a search root character string with up to 255 characters.
„Scope of Search from Root Entry Select the search range from the root entry.
zRoot entry only- Searches the root level only.
zOne level below root entry only- Searches from the root level to one level below the root level.
zAll levels below root entry- Searches from the root level to all lower levels below the root level.
„Object Class of Search Target Enter the object class to search with up to 32 characters.
„LDAP Referrals Specify whether or not to re-establish connection to another LDAP server if a currently 
connected LDAP server requests to do so.
„LDAP Referral Hop Limit When using the Referral feature, specify how many times that a user is allowed to hop 
servers within 1 to 5 times.
Downloaded From ManualsPrinter.com Manuals 
						

							Connectivity & Network Setup
163
Tools
5
„LDAP ServerSelect the software used by the directory server from [Microsoft Active Directory], [Microsoft 
Exchange], [Novell NetWare], [IBM Lotus Domino 6.*], and [Other Applications].
„Search Entries by Common Name Set whether or not to use [Attribute Type of Name] as a search entry when a name is used as 
a search key.
„Search Entries by Surname Set whether or not to use [Attribute Type of Surname] when a name is used as a search key.
„Search Entries by Given Name Set whether or not to use [Attribute Type of Given Name] when a name is used as a search 
key.
„Attribute Type of Name Set the recipient name attribute type. Enter a field attribute name to be used as a recipient 
name from user information registered on the LDAP  server. Up to 32 characters are allowed. 
For Windows, enter cn for an attribute name used as a recipient name.
„Attribute Type of Surname Set the senders family name attribute type. Up to 32 characters are allowed.
„Attribute Type of Given Name Set the senders first name attribute type. Up to 32 characters are allowed.
„Attribute Type of E-mail Address Set the e-mail address attribute type. Enter a field attribute name to be used as e-mail 
information from the user information registered on the LDAP server. Up to 32 characters are 
allowed. For Windows, enter mail for an attribute name used as e-mail information.
„Attribute Type of Fax Number Set the fax number attribute type. Up to 32 characters are allowed.
„Attribute Type of IP Fax (SIP) Set a field attribute name that is used as IP  fax (SIP) number information from the user 
information registered on the LDAP server y ou use. Up to 32 characters are allowed.
„Attribute Type of E-mail (Internet Fax) Set the Internet fax address attribute type. Up to 32 characters are allowed.
„Attribute Type of Custom Items 1, 2, and 3 Set the LDAP attribute type of custom items 1 to 3. In addition to [Attribute Type of Name] and 
[Attribute Type of E-mail Address], you can assign user attributes registered on the LDAP 
server for a search. Up to 32 characters are allowed.
„Attribute Name of Custom Items 1, 2, and 3 Set the attribute names assigned to custom items 1 to 3. Up to 16 characters are allowed.
Note • To encrypt communications using this feature, a trusted root certificate authority and all 
intermediate certificate authorities that are registered in the path of a certificate to use must 
be registered.
„Attribute Type of Certificate
Set the certificate attribute type. Select and enter the field name to use as a certificate from 
among the user information registered on the LDAP  server. Up to 32 single-byte characters 
are allowed.
For Windows, enter userCertificate;binary for an attribute name used as certificate 
information. The information is used as an S/MIME certificate when you specify an address 
using the directory service to encrypt e-mail transmission by S/MIME.
Note • To encrypt communications using this feature, a trusted root certificate authority and all 
intermediate certificate authorities that are registered in the path of a certificate to use must 
be registered.
Downloaded From ManualsPrinter.com Manuals 
						

							5 Tools
164
Tools
5
„Maximum Number of Search ResultsSet a maximum number of address to display from search results from 5 to 100. If the search 
results exceed the maximum, the search stops at the maximum number set. The default 
value is 50.
„Search Time-Out Select whether or not to set a search time-out. Set the value from 5 to 120 seconds in 1 
second increments.
„Directory Service for Address Book Select whether or not to use an address book stored on the directory server.
Even when [Enabled] is selected, the address book of the directory server will not be started 
unless the following conditions are satisfied.
zThe IP address of the directory server  (primary) of the machine must be set.
zThe IP address or Internet address of the  directory server (primary) must be set.
zThe port numbers used for LDAP communication must be set on the directory server and the
machine.
SMB Server Settings
„SMB Server Setup
Select the server specification method from [By Domain Name] and [By Domain & Server 
Names/IP Address].
According to the option you selected here, set [Domain Name] and [Server Name/IP Address] 
for SMB servers 1 to 5 respectively. The setting for SMB server 1 is used as the default 
setting for authentication.
„Domain Name Enter the domain name of the server. Up to 64 characters are allowed.
This setting is mandatory regardless of the SMB server specification method selected for 
[SMB Server Setup].
Important • Use the NetBIOS or Active Directory domain name for the domain name.
„Server Name/IP Address
Enter the server name or IP address.
This setting is valid when [SMB Server Setup] is set to [By Domain & Server Names/IP 
Address].
Important • Use the NetBIOS computer name or full computer name with DNS suffix for the server 
name.
• For IPv4, enter the address in the format xxx.xxx.xxx.xxx, where xxx is a numeric value 
from 0 to 255.
Security Settings
Set the security settings.
SSL/TLS Settings
Configure the SSL/TLS settings.
„Device Certificate - Server Select a certificate for HTTP SSL/TLS communications.
„HTTP - SSL/TLS Communication Select whether or not to enable HTTP SSL/TLS communications.
„HTTP - SSL/TLS Port Number Set the port number used for HTTP SSL/TLS communication from 1 to 65535.
The default value is 443.
Important • Do not use the numbers assigned to the other ports.
Downloaded From ManualsPrinter.com Manuals 
						

							Connectivity & Network Setup
165
Tools
5
„LDAP - SSL/TLS CommunicationSet whether or not to enable the SSL/TLS communications for authentication and searches.
If you enable the LDAP SSL/TLS communications , you must set [Primary Server Port 
Number] and [Secondary Server Port Number] under [LDAP Server/Directory Service 
Settings].
The port number for SSL/TLS communications of t he LDAP directory server is normally set to 
636.
„SMTP-SSL/TLS Communication Configure the SSL/TLS communications.
zDisabled
The machine does not communicate in SSL/TLS.
zSTARTTLS (If Available)
The machine verifies the certificate and communica tes in SSL/TLS. If the verification fails, the
machine does not communicate in SSL/TLS.
zSTARTTLS
The machine verifies the certificate and communica tes in SSL/TLS. If the verification fails, the
machine cannot perform communication.
zSSL/TLS
The machine communicates in SSL/TLS.
Note • The Internet Fax Direct (P2P) feature does not support SMTP-SSL/TLS communication.
„Device Certificate - Client
Select a certificate for HTTP SSL/TLS communications.
„Verify Remote Server Certificate When the machine is operated as an SSL client, select whether or not to verify the certificate 
of the remote server.
S/MIME Settings 
Configure S/MIME settings.
„Device Certificate - S/MIME Select a certificate for S/MIME communications.
For more information on the certificate, refer to Encryption and Digital Signature Settings (P.313).
„S/MIME Communication Select whether or not to enable S/MIME communications.
„Receive Untrusted E-mail If you select [No], the machine cannot receive the following e-mail:
zE-mails other than e-mail sent by S/MIME when [S/MIME Communication] is enabled.
zE-mails that fail to attach a signature or verification.
zE-mails that are attached with an expired certificate.
„Receive Untrusted Internet Fax If you select [No], the machine cannot receive the following Internet fax:
zInternet faxes other than the Internet fax sent by S/MIME when [S/MIME Communication] is
activated.
zInternet faxes that fail to attach a signature or verification.
zInternet faxes that are attached with an expired certificate.
„Message Digest Algorithm Select a message digest algorithm. Select from [SHA1] and [MD5].
„Message Encryption Method Set the encryption method for mail contents. Select from [3DES], [RC2-40], [RC2-64], and 
[RC2-128].
Downloaded From ManualsPrinter.com Manuals 
						

							5 Tools
166
Tools
5
„Split Encrypted E-mailSelect whether or not to split an outgoing encrypted e-mail for each recipient.
„Split Encrypted Internet Fax Select whether or not to split an outgoing encrypted Internet fax for each recipient.
„Digital Signature - Outgoing E-mail Select whether or not to always add a digital signature to outgoing e-mails. You can also 
select the setting in which the machine asks to add a digital signature to the e-mail whenever 
you send.
„Signing Certificate for E-mail Attachment Select the certificate to use for attaching a signature to e-mails.
„Digital Signature - Outgoing Internet Fax Select whether or not to always add a digital signature to outgoing Internet faxes. You can 
also select the setting in which the machine asks to add a digital signature to the Internet fax 
whenever you send.
„Certificate Auto Store Select whether or not to automatically store a S/MIME certificate attached with the e-mail 
when receiving e-mail from an address registered on the Address Book.
PDF/DocuWorks/XPS Signature Settings
Configure signature settings of PDF/DocuWorks/XPS documents.
„Device Certificate Select a certificate to use for the signature.
For more information on the certificate, refer to E ncryption and Digital Signature Settings (P.313).
„PDF Signature Select the setting for PDF Signature from [Do not add signature], [Always add visible 
signature], [Always add invisible signature], or [Select during send].
„DocuWorks Signature Select the setting for DocuWorks Signature from [Do not add signature], [Always add 
signature], or [Select during send].
„XPS Signature Select the setting for XPS Signature from [Do not add signature], [Always add invisible 
signature], or [Select during send].
IPSec Settings
Configure the IPSec settings.
Note • For [IKE Authentication Method], [Preshared Key], [DH Group], and [PFS Settings], consult 
your network administrator.
„IKE Authentication Method
Set the IKE authentication method. Select from [Authenticate by Preshared Key] and 
[Authenticate by Digital Signature].
„Preshared Key Enter a preshared key. 
This setting is valid when [IKE Authentication Method] is set to [Authenticate by Preshared 
Key].
„Device Certificate Select a certificate for IPSec communications.
Set a certificate when [IKE Authentication Method] is set to [Authenticate by Digital 
Signature]. A self-signed certificate created by CentreWare Internet Services cannot be used.
For more information on a certificate, refer to Types of Certificate (P.314).
Downloaded From ManualsPrinter.com Manuals 
						

							Connectivity & Network Setup
167
Tools
5
„IPSec CommunicationSelect whether or not to enable IPSec communications.
„IKE SA Life Time Specify IKE SA lifetime from 5 to 28800 minutes in 1 minute increments. 
Note • The value must be greater than the value set in [IPSec SA Life Time].
„IPSec SA Life Time
Specify IPSec SA lifetime from 300 to 172800 seconds in 1 second increments. 
Note • The value must be smaller than the value set in [IKE SA Life Time].
„DH Group
Set DH group. Select from [G1] and [G2].
„PFS Settings Select whether or not to enable PFS.
„Destination IPv4 Address Set the IPv4 address of the destination.
When entering an IP address, enter the address in the format xxx.xxx.xxx.xxx, where xxx 
is a numeric value from 0 to 255.
„Destination IPv6 Address Set the IPv6 address of the destination.
When entering an IP address, enter the address in the format 
xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx, where xxxx is a hexadecimal value.
„Communicate with Non-IPSec Devices Select whether or not to communicate with non-IPSec devices.
IEEE 802.1x Settings
Configure the IEEE 802.1x settings.
„IEEE 802.1x Set whether or not to use IEEE 802.1x authentication.
„Authentication Method Select from [EAP-MD5], [EAP-MS-CHAPv2], [PEAP/MS-CHAPv2], and [EAP-TLS].
„Login User Name Enter the login user name with up to 128 characters.
„Login Password Enter the login password with up to 128 characters.
„Server Certificate Verification Select whether or not to verify a server ce rtificate when [PEAP/MS-CHAPv2] is selected in 
[Authentication Method].
Certificate Revocation Retrieval Settings
Configure the settings for certificate revocation retrieval.
„Level of Certificate Verification Select a level of certificate verifica tion from [Low], [Medium], or [High].
Selecting [Low] does not verify the validity of certificates. 
Selecting [Medium] verifies the validity of certificates. If a certificate cannot be verified 
because of a network error or any other problems, the certificate is determined as valid.
Selecting [High] verifies the validity of certificates, and determines only certificates that have 
not been revoked as valid. 
„Retrieval of Certificate Status Select the method to verify the validity of certificates. Select [By Retrieving CRL] if the 
machine retrieves a CRL (Certificate Revocation  List) from the validation authority to verify 
Downloaded From ManualsPrinter.com Manuals 
						

							5 Tools
168
Tools
5
the revocation status of the certificate. If the machine uses OCSP (Online Certificate Status 
Protocol), which can verify the validity revocation status of the certificate, to have the 
certificate authority or validation authority check the revocation status.
„Auto Retrieval of CRL Select whether or not to automatically retrieve a CRL.
„CRL Retrieval Time-Out Specify a time-out value to retrieve a CRL from 5 to 60 seconds in 1 second increments.
„Send Query to OCSP Responder With Select how to access an OCSP responder from [URL as Specified in Certificate] or [URL as 
Specified by Administrator].
„URL of OCSP Responder Enter the URL of an OCSP responder when [URL as Specified by Administrator] has been 
selected for [Send Query to OCSR Responder With]. Up to 255 characters are allowed.
„OCSP Communication Time-Out Specify a time-out value for communicati on between the OCSP responder and the machine 
from 5 to 60 seconds in 1 second increments.
Other Settings
You can set the following network related items.
Protocol to Receive E-mail
Select from [SMTP] and [POP3] depending on your environment.
Add Domain Name to User Name
Select whether or not to add domain names to user names.
Output Destination for E-mail
Specify an output destination for e-mail print. Selecting [Auto] enables the machine to select 
the output destination, which is set as the default output destination.
Domain Filtering
Set the domain filtering settings for the E-mail, Internet Fax, and IP Fax (SIP) features.
„Domain Filtering When [Allow Domains] is selected, you can specify domains to permit transmissions. When 
[Block Domains] is selected, you can specify domains to prohibit transmissions.
„Domains 1 to 50 When [Domain Filtering] is set to [Allow Domains] or [Block Domains], you can specify up to 
50 domains to allow or block transmissions.
Selecting [Change Settings] allows you to enter the domain name using a keyboard displayed 
with up to 64 characters.
Downloaded From ManualsPrinter.com Manuals