...
- How to change default Administrator password
- How to enable NTLMv2 (used for more secure authenication)
- How to enable LDAP (Tufts Directory)
- How to Configure Email SMTP (Scanning to Email)
- How to Enable Scan to SMB (Scaning to Network Shares/Q Drive)
- How to Create a Group Policy Object (GPO) for Mass Dployment of Copiers using a Windows-based Print Server
- Enable Scan to Home Directory (Requires authentication to copier using Active Directory)
- Scan to External Memory (USB)
- Secure Printing on Konica Minolta Copiers
Open Questions
- Can we bypass "Track Account" login to login as admin at the touch panel?
- Does sending e-mail require a scanner e-mail account?
- *Answer:*Currently since the Tufts SMTP server allows sending without authentication you do not need an account to configure the copiers to send email. However a best practice in the future would be to create a scanner service account (either a Trumpeter email account or a Exchange Account (disable interactive login) and enable SSL/TLS to ensure email traffic is encrypted on the Tufts network.
- Are there any documents stored locally during scan to usb, e-mail or network share?
- How to reset the admin password if it's lost, without resetting entire system?
- Answer: According to Konica Security Operations Manual, "If the Administrator Password is forgotten, it must be set again by the Service Engineer."
Untested Solution from Old Konica Minolta Copiers To reset the admin password:
1. Enter Service mode by pressing the Utility key then the Details button followed by pressing stop 0, 0, stop 0, 1.
2. Press stop, 0 then Clear to access the admin security mode. This will allow changing the admin password back to the default setting of
12345678 or it can be changed to a unique password
- Answer: According to Konica Security Operations Manual, "If the Administrator Password is forgotten, it must be set again by the Service Engineer."
- Can we use command-lines to deploy the driver silently?
- How do we program the department code into the printer driver?
- If you are scanning to a shared network drive, a proc account is required. What is the best practice for locking down a proc account?
- Scanners should have their own AD service account so that they
can be audited and the account can be disabled if compromised. - Service account should be denied Interactive Logon. (Can be done through GPO in a separate OU). This prevents service account from being able to log into local computers or through Remote Desktop Connection.
- Account should have least administrative privileges needed perform job. Only change access to folder it needs to scan to or list access to root directory if scanning to specific folder.
- Account should have complex password and set not to expire however password should be changed on all copiers in a cycle.
- Scanners should have their own AD service account so that they
...