User GuideIM 550/600 series

Administrator Tools (System Settings)

This section describes the settings in the [Administrator Tools] tab under [System Settings].

How to Use the "Settings"

Setting Items

Description

Address Book: Change Order

Change the order of destinations and users registered in the Address Book.

You can rearrange the order of destinations and names on the same title, but they cannot be moved across different titles. For example, you cannot move the user "Planning division" registered on the title "Regular Use" to the title "P".

Print Address Book: Destination List

You can print destination lists registered in the Address Book for each title. You can print the group list.

Address Book: Edit Title

You can edit the title text in the Address Book.

Address Book: Switch Title

Specify the type of the titles displayed in the Address Book You can select [Title 1], [Title 2], or [Title 3].

  • Default: [Title 1]

Backup/Restore: User Custom Settings & Address Book

You can back up the machine's Address Book and also restore those backup data to the machine using an SD card.

To install the SD card, insert it into the slot 2 (lower slot) on the back of this machine.

For details about installing and removing the SD card, see Installing SD Card Options.

Restoring data overwrites Address Book data stored on the machine. It clears the counter of each registered user of the machine.

Data Carry-over Setting for Address Book Auto-program

This is a user tool to register the user, who is logged in to the machine with the Windows Authentication or LDAP Authentication, in the Address Book automatically. You can specify whether to quote the information that is not registered automatically from the users registered in the Address Book. To quote, specify the registration number of the user.

  • Default: [Do not Carry-over]

Managing the User Information Registered Automatically

Auto Delete User in Address Book

This is a user tool to register the user, who is logged in to the machine with the Windows Authentication or LDAP Authentication, in the Address Book automatically. You can specify whether to delete the oldest account and register a new account automatically when the maximum registerable limit in the Address Book has been reached.

  • Default: [Off]

Delete All Data in Address Book

(Permissions: User Administrator)

Delete all data in the Address Book.

Conditions to Search Address Book/LDAP

Specify the default settings for conditions of a search word when you search the name or destination in the Address Book or LDAP Server.

You can select [Beginning Word], [End Word], [Exact Match], [Include one Word], [Exclude Words], or [Fuzzy Search] (LDAP Server only).

  • Default: [Include one Word]

Display / Print Counter

View and print the counter for each function.

Display / Clear / Print Counter per User

View and print the function counter per user. You can clear the counter value.

Confirming the Counter for Each User

Display / Clear Eco-friendly Counter

View and clear Eco-friendly Counter of the machine. When you specify User Code Authentication or do not specify User Authentication on the machine, the Information screen is displayed based on the counter.

Display / Clear Eco-friendly Counter per User

View and clear Eco-friendly Counter of all users.

When you specify Basic Authentication, Windows Authentication, or LDAP Authentication on the machine, the Information screen is displayed based on the counter.

Eco-friendly Counter Period / Administrator Message

Specify the count period of the eco-friendly counter or the displayed contents on the Information screen.

Default setting is not to display the Information screen.

Checking the Resource Saving Status with Eco-friendly Counter

Machine action when limit is reached

Specify whether to continue printing when Print Volume Use reaches the limit.

  • Default: [Allow Continue Use]

Specifying Maximum Print Volume Use of Each User

Print Volume Use Limitation: Unit Count Setting

Specify the function and count to limit the print volume use.

Print Volum. Use Limit.: Default Limit Value

Specify the limit value of the Print Volume Use.

Specifying Maximum Print Volume Use of Each User

Enhanced Print Volume Use Limitation

This is a user tool to limit the maximum print volume use using the SDK application. You can specify the following two items:

  • Whether to notify the tracking information from the machine to the SDK application

  • Whether to stop printing using the SDK application

  • Default: [Off]

Media Slot Use

Specify "Store to Memory Device" to [Prohibit] to prohibit the scanned data from being saved in an external media.

Specify "Print from Memory Storage Device" to [Prohibit] to prohibit documents saved in an external media from being printed.

  • Default

    • Store to Memory Device: [Allow]

    • Print from Memory Storage Device: [Allow]

Preventing Information Leaks from the Media Slot

User Authentication Management

Specify the authentication method to authenticate the user. When you specify the authentication, you can limit the functions to use or the access to the Address Book or stored files.

You can select [User Code Auth.], [Basic Auth.], [Windows Auth.], or [LDAP Auth.].

  • Default: [Off]

Verifying Users to Operate the Machine (User Authentication)

Application Authentication Management

This is a user tool when the authentication is set to On under [User Authentication Management]. Specify the authentication for each application.

  • Default: [On]

Enhanced Authentication Management

Specify whether to authenticate the user using the Ricoh IC card or Felica. You cannot use this for User Code Authentication.

  • Default: [Off]

Administrator Authentication Management

Program / Change Administrator

Specify whether an administrator manages the settings of the machine. Register the user name and password of the administrator to prevent the settings changed by the user other than the administrator.

You can manage four categories: user management, machine management, network management, and file management.

Registering Administrators Before Using the Machine

External Charge Unit Management

Specify whether to limit the user for each function with the key card.

  • Default: [Off]

Enhanced External Charge Unit Management

Specify the external charge unit used with the SDK application.

Extended Security

Specify to encrypt transmitted data of the machine and data in the Address Book.

Specifying the Extended Security Functions

Auto Delete File in Document Server

Specify whether to delete the files stored the Document Server automatically. To delete the stored files automatically, specify a number of days and hours to delete after they are stored.

  • Default: [Specify Days]: [3 day(s)]

Changing the Storage Period of Document Server or Specifying an Indefinite Period

Delete All Files in Document Server

Delete all files stored in the Document Server.

Files stored with passwords are also deleted.

Program / Change / Delete LDAP Server

You can register up to five settings for the LDAP Server.

Programming the LDAP Server

LDAP Search

Specify whether to use the LDAP server for searching destinations or users.

  • Default: [Off]

Main Power On by Remote Operation

Turn the main power of the machine On using the Wake-On-Lan on the computer on a network.

  • Default: [Inactive]

Service Test Call

Make a test call to the RICOH @Remote center server (RICOH Gateway).

This function is available when the RICOH @Remote is used.

Notify Machine Status

Send notification of the machine's status to the RICOH @Remote center server (RICOH Gateway).

This function is available when the RICOH @Remote is used.

Service Mode Lock

Specify whether to lock the machine changing to Service Mode when a customer engineer performs maintenance and repair.

  • Default: [Off]

Restricting Operations of the Customer Engineer without the Supervision of the Machine Administrator

Firmware Version

Display the version of the software installed in the machine.

Network Security Level

Specify the level of the Network Security and adjust the security level. You can select [Level 0], [Level 1], [Level 2], [FIPS140], or [Custom].

Access Control

Auto Erase Memory Setting

Specify whether to erase files printed on the printer driver or image of the scanned original for each job automatically.

  • Default: [Off]

Encrypting Data to Prevent Data Leaks Caused by a Stolen or Disposed Machine

Erase All Memory

Delete all data stored in the machine.

Delete All Logs

Delete all logs stored in the machine.

Transfer Log Setting

This is a user tool to disable the log transfer settings that can be enabled on the Collect Logs server. To disable the log transfer settings, specify [Off].

Collecting Logs

Detect Data Security for Copying

Specify whether to display in gray tone when scanning the original with the data security for copying in the Copy or Scanner function or storing it in the document server.

  • Default: [Off]

Unauthorized Copy Prevention Printing: Copier

Unauthorized Copy Prevention Printing: Document Server

Unauthorized Copy Prevention Printing: Printer

Specify whether to use the Data Security for Copying or Unauthorized Copy Prevention for Pattern for each function when printing on the machine.

[Data Security for Copying] is to cover images in the document with gray overprint when the printed document is scanned or stored in the document server using a Copier or MFP with the optional Data Security for Copying module installed.

[Unauthorized Copy Prevention for Pattern] is to print a text pattern on the background of the document to prevent illegal copying. When you scan or store the printed document, the embedded text and pattern appear on the copied pages for preventing unauthorized copy. You can specify the text, font, size, angle, position, and pattern to embed.

  • Default: [Off]

Fixed USB Port

This is a user tool to specify when you use the same machines as this machine. When you use the machine as a printer using the USB connection, you do not need to re-install the printer driver. To use this function, specify [Level 1].

  • Default: [Off]

Program / Change / Delete Realm

Program the realm to be used for Kerberos authentication. Be sure to specify both the "Realm Name" and "KDC Server Name" when programming a realm.

Programming the Realm

Machine Data Encryption Settings

Specify whether to encrypt the Address Book, Authentication Information, and Store Files stored in the machine.

Encrypting Data to Prevent Data Leaks Caused by a Stolen or Disposed Machine

Program / Change / Delete Remote Machine

You can link this machine with other Fax devices at maximum of six. Specify their IP addresses and host names of the linked devices.

Overview of the Remote Fax Function

Program / Delete Device Certificate

Program or delete a device certificate.

Encrypting Network Communication

Device Setting Information: Import Setting (Server)

Device Setting Information: Run Import (Server)

Device Setting Information: Export (Memry Strge Devc)

Device Setting Information: Import (Memry Strge Devc)

You can export the machine's device information to an external device as a device setting information file, or import the exported device setting information file to the machine to restore the previous settings.

Importing or Exporting the Device Setting Information

PDF File Type: PDF/A Fixed

Specify the PDF file format to PDF/A only that can be stored for a long time.

  • Default: [Off]

Stop Key to Suspend Print Job

Specify the job range to stop when you press [Stop].

  • All Jobs

    When you press [Stop], the dialog is displayed to stop all job.

    While the dialog is displayed, newly received jobs are not yet printed, making it possible to stop printing jobs just after being sent from the computer.

  • All Jobs Being Executed

    Stop all jobs on the machine. Jobs received after pressing [Stop] are not stopped.

  • Only Job Being Operated

    Stop the jobs for the functions displayed on the control panel

  • Default: [All Jobs]

Energy Saver Key to Change Mode

Specify which mode the machine enters when [Energy Save] is pressed.

  • Default: [Sleep Mode]

Compulsory Security Stamp: Copier

Compulsory Security Stamp: Doc. Srvr.

Compulsory Security Stamp: Fax

Compulsory Security Stamp: Printer

Specify whether to print the user and device information for each function when a file is output using the Copier, Document Server, Fax, or Printer function. Available stamps are Date/Time, Printout User Name, Machine ID, and Machine IP Address. You can adjust the stamp position.

  • Default: [Off]

Volume Use Counter: Scheduled/Specified Reset Settings

Specify whether to reset the Volume Use Counter periodically.

  • Default: [Off]

Specifying Maximum Print Volume Use of Each User

Collect Logs

Specify whether to activate the collection of Job Log, Access Log, and Eco-friendly Logs

  • Default: [Inactive]

Collecting Logs

HDD Authentication Code

Enter the Authentication code of the hard disk of the machine within the range of 8 to 32 characters.

Central Management

This is the setting to share the address book information among devices. Devices are specified as a [Management Server] and [Managed Client] and the address book information of the server device is shared with the client devices.

  • Management Server

    To use the machine as a Management Server, specify the password for central management in [Central Management Password]. Use to specify the server on the device that functions as a client.

  • Managed Client

    When you use the machine as a client, enter the IP address of the Management Server, Host Name, and Central Management Password. Also, specify whether to permit the login to the machine when it is not connected to the Management Server.

  • Default: [Do not Manage Centrally]

When you use the machine as a client device, you cannot specify the settings on the Address Book of the machine or register an administrator. Specify them on the Address Book of the server device.

Shift to Main Power Off When Netwrk Discon

RegionA icon (mainly Europe)

Specify whether to switch to Off mode if all Ethernet connections, USB2.0 connections, and fax traffic are disconnected for more than two hours.

  • Default: [On]

Document Server Function

Specify whether to use the Document Server function. When you specify [Off], you cannot store files sent from the printer driver.

  • Default: [On]

Default Privilege for Stored File

Specify the default settings of the access privileges for the files stored in the document server

  • Default: [Read-only]

Specifying Access Privileges for Documents Stored in Document Server

Display IP Address

Specify whether to display the IPv4 Address and Host Name of the machine on the system bar.

  • Default: [Do not Display]

Ready State After Printing

Specify the state to which the machine returns after printing documents during Sleep Mode.

  • Default: [Cntrl Panel Off (EngySavg)]

Energy Saver Mode to Disable Print Server

Specify whether to enable or disable Energy Saver mode when using the USB device server. When the machine is in Energy Saver mode, a print server is not supplied with the power source and you cannot print.

  • Default: [Enable Mode]

Silent Mode

Specify whether to enable Silent mode for the machine.

When this function is enabled, you can minimize operational sounds by reducing the productivity of each function. Enable Silent Mode if you prefer quietness over productivity.

  • Default: [Off]

CCC: Save Standard Values

CCC: Apply Standard Values

Store or reflect the Device Settings (reference value) for the International Evaluation Regulations for Information Security (CC Authentication) in the hard disk of the machine.

When you change the settings for maintenance of the machine, backup and restore the settings before and after maintenance, and the device settings to satisfy the CC Authentication standards can be kept.

Auto Discovery

Specify whether to collect the status information of the device that does not support RICOH @Remote on a network and to send it to the RICOH @Remote server together with the information of the machine. When you specify the transmission active, specify the timing and SNMP Communication Name.

  • Default: [Inactive]

Restrict Functions of Each Application

Specify the restriction of Copy, Document Server, Scanner, and Printer functions. You can restrict the following items:

  • Specifying the scan color to Full Color, Gray Scale, or Black & White

  • Specifying the scan to Limit to Auto Color Selection

  • Specifying the destination of the Scanner function to e-mail or folder

You can specify not to use an application.

Allow Logout during Scanning

Specify whether to permit logout on the control panel during scanning the original in Copy function.

  • Default: [Prohibit]

Switch Screen Type

(This setting item is available on machines with RICOH Always Current Technology v1.1 or later installed.)

Select the screen layout of the Settings screen as [Classic] or [Standard]. The same setting items can be specified on both screen types.

  • Default: [Standard]

Note

  • If [Managed Client] is specified for [Central Management], the following settings are not available:

    • Address Book Management

    • Address Book: Program / Change / Delete Group

    • Address Book: Change Order

    • Address Book: Edit Title

    • Backup/Restore: User Custom Settings & Address Book

    • Delete All Data in Address Book

    • Program / Change Administrator

  • If you forward received fax documents while the Address Book is being updated using Central Address Book Management function, documents may be forwarded to an unintended destination.

  • Transferring Received Fax Documents to Another Fax Destination

Specifying the Extended Security Functions

This section describes the settings displayed in [Administrator Tools] tab [Extended Security]. You can encrypt transmitted data and data in the Address Book. An administrator who can changes the settings depends on the user tool.

Setting Items

Description

Driver Encryption Key

(Permissions: Network Administrator)

Specify a text string to decrypt login passwords or file passwords sent from each driver when user authentication is specified to ON.

Register the encryption key specified using the machine in the driver.

Driver Encryption Key: Encryption Strength

(Permissions: Network Administrator)

Specify encryption strength for sending jobs from the driver to the machine. The machine confirms the encryption strength of the password appended to a job and processes it.

  • All jobs that are verified by [Simple Encryption] or user authentication are accepted.

  • [DES]

    Jobs encrypted with DES or AES are accepted.

  • [AES]

    Jobs encrypted with AES are accepted.

When you select [AES] or [DES], specify the encryption settings using the printer driver. For details about the settings of the printer driver, see the printer driver Help.

  • Default: [Simple Encryption]

Restrict Display of User Information

(Permissions: Machine Administrator)

Specify when user authentication is enabled. Specify whether to display all personal information hidden to confirm the job history using a network connection for which authentication is not provided. For example, the job history of Web Image Monitor is displayed as "********".

  • Default: [Off]

Enhance File Protection

(Permissions: File Administrator)

Specify whether to lock the files to be inaccessible if an invalid password is entered ten times. This can protect files from unauthorized access attempts to release the password using random passwords.

If the Enhance File Protection function is specified, the icon (Operation panel screen illustration) appears at the bottom left of the screen.

When files are locked, it is not possible to select them even if the correct password is entered. Unlocking by the file administrator is required.

  • Default: [Off]

Restrict Use of Destinations (Fax)

Restrict Use of Destinations (Scanner)

(Permissions: User Administrator)

Specify whether to limit the available fax and scanner destinations to the destinations registered in the Address Book and searched with the LDAP Search function.

When you specify the setting to receive e-mails via SMTP using the Fax function, you cannot use this function.

  • Default: [Off]

Restrict Adding of User Destinations (Fax)

Restrict Adding of User Destinations (Scanner)

(Permissions: User Administrator)

These are the settings when you do not use "Restrict Use of Destinations". Specify whether to restrict adding of user destinations entered directly in the Address Book. You can send e-mail to the destination entered directly.

  • Default: [Off]

Transfer to Fax Receiver

(Permissions: Machine Administrator)

Specify whether to prohibit the use of forwarding or transferring function of the Fax function.

  • Default: [Do not Prohibit]

Transferring Received Fax Documents to Another Fax Destination

Authenticate Current Job

(Permissions: Machine Administrator)

This is a user tool when Basic Authentication, Windows Authentication, or LDAP Authentication is used. Specify whether authentication is required for operations such as interrupting jobs under the Copy function or canceling jobs under the Printer function.

When you specify [Login Privilege], authorized users who have the privilege to use the current function can operate the job.

When you specify [Access Privilege], users who execute the job and the machine administrator can operate the job.

  • Default: [Off]

@Remote Service

(Permissions: Machine Administrator)

Specify how to use the @Remote Service.

If it is specified to [Prohibit Some Services], it becomes impossible to change settings via a remote connection from the center, providing optimally secure operation.

  • Default: [Do not Prohibit]

Update Firmware

(Permissions: Machine Administrator)

Specify whether to prohibit firmware updates on the machine by a service representative or via the network.

  • Default: [Do not Prohibit]

Change Firmware Structure

(Permissions: Machine Administrator)

Specify whether to prevent changes in the machine's firmware structure without confirmation by the machine administrator.

When you specify [Prohibit] and the machine detects the structure change, the machine starts after authenticated by the machine administrator. As the new firmware version is displayed on the screen, the administrator can confirm whether the updated structure change is permissible or not.

  • Default: [Do not Prohibit]

Password Policy

(Permissions: User Administrator)

When Basic authentication is used, specify whether to limit the text and the number of characters for users' passwords.

Specify a password using a combination of 2 or more types of characters for [Level 1] and 3 or more types of characters for [Level 2] selected from the types described below.

  • Upper-case letters, lower-case letters, decimal numbers, and symbols such as #

You can specify passwords that meet the conditions specified in complexity and minimum character number.

  • Default: [Off]

Settings by SNMPv1, v2

(Permissions: Network Administrator)

Specify whether to prohibit setting change on the machine by SNMPv1/v2 protocol. You can change the machine configuration without Administrator Privileges because authentication cannot be performed by SNMPv1/v2 protocol, but if you specify [Prohibit], you can prevent the change that is not intended by the administrator.

  • Default: [Do not Prohibit]

Security Setting for Access Violation

(Permissions: Machine Administrator)

Specify whether to prevent the incorrect lockout caused by the network environment.

When you log in to the machine via a network application, a user may be locked out by mistake because the number of authentication attempts by the user does not match the number of the attempts specified on the machine. For example, access may be denied when a print job for multiple sets of pages is sent from an application. In this case, specify the setting to On, and control the lockout by period but not by counts.

When you specify [On], you can specify the period to deny the continuous accesses by a user (0 to 60 minutes). You can also specify how many user accounts or passwords can be managed (50 to 200) and the monitoring interval (1 to 10 seconds).

  • Default: [Off]

Password Entry Violation

(Permissions: Machine Administrator)

Specify the standards that the system recognizes the access as a password attack. If the number of authentication requests exceeds the number specified by the setting, the access is recorded in the Access Log and the log data is sent to the machine administrator by e-mail.

You can specify Maximum Allowed Number of Access up to 100 and Measurement Time up to 10 seconds. If the Maximum Allowed Number of Access is set to "0", password attacks are not detected.

  • Default

    • Maximum Allowed Number of Access: [30 time(s)]

    • Measurement Time: [5 second(s)]

If you receive violation detection e-mails frequently, check the content and review the setting values.

Device Access Violation

(Permissions: Machine Administrator)

Specify the standards that the system recognizes the access as an access violation. If the number of login requests exceeds the number specified by the setting, the access is recorded in the Access Log and the log data is sent to the machine administrator by e-mail. Also, a message is displayed on the control panel and on Web Image Monitor.

You can specify Maximum Allowed Number of Access up to 500 and Measurement Time up to 10 to 30 seconds. If the Maximum Allowed Number of Access is set to "0", access violations are not detected.

Also, you can specify response delay time for login requests when an access violation is detected (Authentication Delay Time) or the number of acceptable authentication attempts (Simultaneous Access Host Limit).

  • Default

    • Maximum Allowed Number of Access: [100 time(s)]

    • Measurement Time: [10 second(s)]

    • Authentication Delay Time: [3 second(s)]

    • Simultaneous Access Host Limit: [200]

If you receive violation detection e-mails frequently, check the content and review the setting values.