Configure the Embedded Authentication Properties

Configure the card reader settings and login method that will be applied to and displayed on the device.

  1. Click [Configuration] → [Streamline NX Embedded Settings] → [Embedded Authentication].

  2. Click [Add].

  3. Enter the Configuration Name and its description.

  4. Click the [Card Reader] menu and specify whether or not to use a card reader, and the type of card reader to be used.

  5. Click the [Login Screen] menu and select the login screen to be displayed on the device.

  6. Click the [Prioritized Application] menu and select the screen to be displayed after the user logs in.

  7. Configure other items as necessary. For details about the setting items, refer to the table below.

  8. Click [Save] when the settings are complete.

When connecting a card reader to a device with the Smart Operation Panel that operates only in Smart Operation mode, connect it to the USB port on the operation panel. When connecting to a device with the Smart Operation Panel that operates in both Standard and Smart Operation modes, connect it to the USB port on the device.

[Authentication and Accounting] tab

Item

Description

Configuration Name

Enter the name of the setting.

Description

Enter the description of the setting.

Individual- Auth-less Scan Mode

Specify whether to enable Individual-Auth-less Scan Mode. When enabled, user authentication is not necessary for users to use devices.

It is necessary to configure [Guest Login] settings in [Login Method].

[SLNX Scan auto reset timer]: Specify whether to use the scanner auto reset timer. The time-out period can be set between 10 to 999 seconds. The default is 60 seconds.

When Individual-Auth-less Scan Mode is enabled, [Prioritized Application] is set to [SLNX Scan], and the following settings are disabled: [Card Reader], [Auto Logout Timer], [Login Screen], [Prioritized Application], [Default Authentication Profile] and [PIN Login] for [Login Method], [Cost Center Label Level 1], [Cost Center Label Level 2]

Card Reader

Select the type of supported card reader.

  • [No Card Reader]

  • [Keyboard-emulation Reader]

  • [Smartcard reader]: When this option is selected, a checkbox for "Use only Kerberos authentication" becomes available. Check this option to enforce Kerberos authentication at the MFP. The user can swipe their card to login, and the system will defer to Kerberos to authenticate. If there is no Kerberos profile associated with the card, authentication will fail and the user is notified. A Kerberos authentication profile must be configured in Setup Kerberos Authentication Profile.

The default is [No Card Reader].

Refer to Card Reader Settings below for additional information.

Auto Logout Timer

Specify whether or not to enable Auto Logout Time.

If no operations are performed for the specified period of time, the user is automatically logged out, and the device returns to the login screen. Specify the period from the following range: 1–60 second(s)

The default is 30 seconds.

Login Screen

Specify whether to use the default login screen or the custom login screen.

Prioritized Application

Select the screen to be displayed after the login screen.

Login Method

Specify the default authentication profile and the login method.

  • [Default Authentication Profile]: Specify the default authentication profile when a user logs in to the device using manual login.

  • [PIN Login]: Specify whether or not to enable login by entering a user PIN.

  • [Guest Login]: Specify whether or not to enable login by using a guest account.

When [Guest Login] is enabled, configure [Guest User] and [Guest Prioritized Application].

The users associated with OpenID Connect authentication profile cannot be selected in [Guest User] selection window.

Enable Local User Cache

Specify whether or not to enable the Local User Cache function. When this check box is selected, the user information is cached on the hard disk drive of the devices and used if the connection to the authentication server cannot be established.

Configure the expiration time of the user information that is cached on the device.

  • [Expire]: Specify whether or not to set an expiration period.

  • [Expiration Time]: Specify the expiration time between 1 and 999 day(s). The default is 30 days.

Enable Administrator Cache

Specify whether to enable the administrator cache.

When this check box is selected, the information of the users with administrator privileges is cached on the hard disk of the devices and used if the connection to the authentication server cannot be established.

Configure the expiration time of the user information that is cached on the device.

  • [Expire]: Specify whether to set an expiration period.

  • [Expiration Time]: Specify the expiration time between 1 and 999 day(s). The default is 30 days.

Direct Print

Configure the Direct Print function.

  • [Allow device direct print]: Specify whether or not to allow the use of Direct Print.

  • [Accept anonymous user]: Specify whether or not to allow an anonymous user to perform printing.

If the device fails to log in to the Delegation Server using the user name, it tries using the alias name. If you do not want to login using an alias name, do not configure an alias user name.

Laser printers do not support printing using the [Accept anonymous user] option. To accept an anonymous user's print jobs when using a laser printer, configure print job authentication for the laser printer. For details, search about laser printer in Server Limitations.

Cost Center Label Level 1

Specify the label of Cost Center Level 1 to be displayed on the screen of the device.

Cost Center Label Level 2

Specify the label of Cost Center Level 2 to be displayed on the screen of the device.

Default Language

Specify the default language to be displayed on the screen of the device when the user logs in.

This setting is effective for Smart Operation Panel only.

If the selected language is not installed on the device, English is used as the default language.
Print size details in reports for Wide-Format devices If you enable this option, the embedded client collects paper width and height from Wide Format devices and transmits to the server for storage and reporting. This setting has no impact on non-Wide Format devices.

 

Card Reader Settings

When [PCSC Compliant Reader (Standard)] is selected, press the [Card Reader Settings] button and configure the card reader settings.

  • Card Configuration

    Enter the data to be passed to the card manager.

  • Log Level

    Specify the type of log to be reported to the card manager.

  • CRL Check

    Select to use the Certificate Revocation List (CRL) identified by the certificate to verify the validity of the certificate.

    The size of the Certificate Revocation List (CRL) should be 1 MB or smaller.

When [Keyboard-emulation Reader] is selected, the RICOH Streamline NX system checks whether the card reader is connected correctly to the devices and displays a warning message in the task log. The checking process operates when a configuration task is executed on the target device. This function is available when Streamline NX Embedded Applications for devices with the Smart Operation Panel that operates only in Smart Operation mode (Type Smart) are installed.

The card readers other than those listed below must be registered using [Card Reader Settings].

Vendor ID

Product ID

0x0c27

0x3bfa

0x0c27

0x3cfa

0x0c27

0x1000

0x0413

0x2003

0x13ad

0x9caa

0x0ce8

0x003b

0x1130

0x0001

[PCSC Compliant Reader (Standard)] is not available when the CAC-PIV license is activated and available for devices with the Smart Operation Panel. When the device is a laser printer, a model released before 2012*, or a wide-format or long length device, [PCSC Compliant Reader (Standard)] is unavailable.

To check when a device was produced, contact the local Ricoh operating company.