Xerox AltaLink EIP configuration
This manual was created based on Xerox AltaLink C8030 and should be applicable to most AltaLink MFDs, although slight differences may occur.
Before installation of YSoft SafeQ Embedded Terminal
SNMPv3
Go to Properties → Connectivity → Setup, then edit SNMP in the list of protocols.
Enable SNMP v3 Protocol and allow SNMP v3 Set. Edit SNMP v3 Properties.
Choose the Authentication/Encryption algorithm, enable Administrator Account, and fill in the Authentication Password and Encryption Password used in your organization.
The same SNMPv3 settings have to be used in the device configuration in SafeQ.

Proceed with the MFD installation in SafeQ to complete the installation of YSoft SafeQ Embedded Terminal. Check the installation status and installation steps.
If warnings appear during the installation, further settings are needed, based on the messages.
How to enable Job Management API on the MFD
The option is available in the MFD Properties menu > Apps > Printing > Printing Web Services > Web Services:
You need to enable both Job Management Extension and Allow Open Access to Job Information for it to work on AltaLink without credentials. This grants access to any request to the JobManagement API called from localhost, and it is entirely independent of the Jobs app on the MFD.
The setting under Login/Permissions/Accounting > User Permissions > Non-logged-in User > Apps & Tools applies only to the Jobs app on the device screen; it seems that it also somehow enables the JobManagement API (probably because of dependencies).
After installation of YSoft SafeQ Embedded Terminal
These settings are necessary only if requested by the Embedded Terminal installation or if some customization of configuration is requested.
Go to Properties > Login/Permissions/Accounting and edit Card Reader Setup.
Login without card
Change Prevent use of device when USB card reader is disconnect to No.
Creating color copy rule
Color copy restriction rules documented below are used only when property XeroxAccessDefinitionMethod is set to LDAP and property enableXeroxAccessDefinition is set to Enabled. Rules for application restriction are created during SafeQ installation.
1) Restrict color copy for user with copy rights: Go to Properties > Login/Permissions/Accounting > User Permissions and then edit User Permission Roles. Then change tab to Logged-In Users.
a) Press Edit user mapping for __EIP__Copy and __EIP__ID Card Copy (application names are generated by MFD)
b) Choose the Apps & tools tab and change Color copy to Not allowed

c) Press Apply and then Close
2) Create new rule for user with allowed color copy:
a) Press Add new Role. Fill role name (e.g. copycolor) and press Create.
b) In the Assign Groups to Role tab, enter copycolor into Find / Add Groups and press Add. The item copycolor should be visible in the list of Assigned Groups.
The group name entered in this step has to be copycolor.

c) Choose the Apps & tools tab, then set all applications except Copy and ID Card Copy to Not Allowed. Set Copy and ID Card Copy to Allowed if they are not already.

d) Press Apply and then Close
Install Certificate Authority certificate
Go to Properties > Security > Certificates > Security Certificates.
Select tab Root/Intermediate Trusted Certificate(s).
Press Install Certificate.

Choose a certificate file path. Enter decryption password. Press Next and follow instructions to complete installation process.

Secured LDAP
By default, secured LDAP (without server certificate validation) is configured during installation of the device. You can disable it by enabling the property internalLdapAllowNonsecureProtocol and manually disabling secured LDAP on the device. However, doing so can allow an attacker to bypass access restrictions for operations on Xerox devices.
Enable server certificate validation for secured LDAP
The issuer of the server certificate (CA certificate) has to be uploaded first.
Go to Properties > Login/Permissions/Accounting > Login Methods and edit LDAP Servers.

Press Edit... on selected LDAP server.
Only LDAP server with
is used for authentication or access restrictions control.

Scroll to section Secure LDAP Connection.
Enable Validate Server Certificate (trusted, not expired, correct FQDN).
Select issuer of the server certificate from dropdown menu Root/Intermediate Trusted Certificates.
The LDAP server certificate is the same one that is configured in Terminal Server for secured connection with devices. Follow the instructions in Selecting certificate of Terminal Server.

Press Apply.
Some devices need a reboot. If a notification appears on the screen, press OK.
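
Before enabling Validate Server Certificate, the three conditions the option enforces (trusted, not expired, correct FQDN) can be checked off-device with the OpenSSL command-line tool, so a failing certificate is found before device logins break. This is an added example, not part of the YSoft or Xerox documentation; the function name check_ldaps_cert and the three arguments (PEM files and host name) are assumptions.

```shell
#!/bin/sh
# Added example: pre-check an LDAPS server certificate against the three
# conditions the MFD enforces once "Validate Server Certificate" is enabled.
# Usage: check_ldaps_cert CA_PEM SERVER_PEM FQDN
#   CA_PEM     - assumed PEM export of the CA certificate uploaded to the MFD
#   SERVER_PEM - assumed PEM export of the Terminal Server certificate
#   FQDN       - host name the MFD uses to reach the LDAP server
check_ldaps_cert() {
    ca_file=$1; cert_file=$2; fqdn=$3; rc=0

    # 1. Trusted: the server certificate must chain to the uploaded CA.
    if openssl verify -CAfile "$ca_file" "$cert_file" >/dev/null 2>&1; then
        echo "trusted:     ok"
    else
        echo "trusted:     FAIL (no valid chain to $ca_file)"
        rc=1
    fi

    # 2. Not expired: -checkend 0 exits non-zero once notAfter has passed.
    if openssl x509 -in "$cert_file" -noout -checkend 0 >/dev/null 2>&1; then
        echo "not expired: ok ($(openssl x509 -in "$cert_file" -noout -enddate))"
    else
        echo "not expired: FAIL"
        rc=1
    fi

    # 3. Correct FQDN: the name must match a DNS SAN (or the CN if no SAN).
    if openssl x509 -in "$cert_file" -noout -checkhost "$fqdn" 2>/dev/null \
            | grep -q "does match"; then
        echo "FQDN:        ok ($fqdn)"
    else
        echo "FQDN:        FAIL ($fqdn does not match the certificate)"
        rc=1
    fi
    return $rc
}

# Run the check only when called with three arguments, so the file can
# also be sourced from another script.
if [ "$#" -eq 3 ]; then
    check_ldaps_cert "$1" "$2" "$3"
fi
```

Pass the CA certificate installed under Root/Intermediate Trusted Certificate(s) and the Terminal Server certificate as PEM files; a non-zero exit status means at least one of the three checks failed.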