Your print system is designed to take full advantage of eDirectoryTM. You receive all the benefits of eDirectory security and ease of management provided by the industry's most advanced and robust directory service. The Access Control feature lets you specify the access that each User, Group, or Container object will have to your printing resources.
Access control roles are mutually exclusive, even though the same individual might need to perform tasks reserved for different roles. For example, only printer managers can add or delete printer operators or printer Users. In a similar way, managers and operators must also be designated as users for a printer before they can submit print jobs to it.
In actual implementation, the defaults prevent most problems that might occur from these distinctions. For example, a manager is automatically designated an operator and user as well, while an operator of a printer is automatically designated a user of that printer also. You cannot remove the user role from an operator, and you cannot remove the operator and user roles from a manager.
The creator of an object is automatically granted privileges for all available roles for the type of object being created.
The following sections illustrate some of the security issues and features you might find useful as you plan your print system setup:
Printer security is ensured through the assignment of the manager, operator, and user access control roles and by the strategic placement of your printers and printer configurations.
You can assign multiple Printer objects to represent a single Printer Agent. You can then make different access control assignments to each Printer object. This can be an especially useful option if you want to allow users in different containers to use the same printer, because each group of users can be given different rights to the printer.
The following sections discuss security options for printers in more detail:
Different User, Group, or container objects can have different access rights to the same printer. For example, if you want only certain users to be able to send jobs to a particular printer, you can specify which users should have access and what access roles each will have.
The following table describes the rights and privileges associated with each of the printer access control roles.
Different User, Group, or Container objects can have different access rights to the same printer. For example, if you want only certain users to be able to send jobs to a particular printer, you can specify which users should have access and what access roles each will be given.
In Novell iManager, click iPrint > Manage Printer.
Browse to and select the printer you want to enable Access Control for.
Click the Access Control tab.
Add or delete Users, Groups, or Container objects to the different access control roles.
Click OK.
Depending on your organization's needs, the network administrator can attach printers directly to NetWare® servers or to the network. Both types of setup can provide security and administrative advantages. The ideal combination for each installation is different and will change as needs change. Be sure to consider the advantages of each approach when you set up your network.
Connecting the printer to the server places the two resources in close proximity to each other. If the server is in a secure location, this means that the printer is locked up with the server. This might be an advantage. For example, your company might use that printer to print confidential documents. Having the printer in a secure location protects these documents.
Because most printers are already networkenabled, the most common type of network setup includes printers attached directly to the network. This allows the printer to be placed in a convenient location for all users and places it away from the server for security reasons; users who use the printer normally will not have access to the server console. Security is still maintained by requiring users to use a password to log in to the network before they can use the printer.
iPrint Manager security is ensured through the assignment of the manager access control role.
The only access control role available for the iPrint Manager is that of manager. The following table explains the tasks performed by the manager role.
In Novell iManager, click iPrint > Manage Print Manager.
Browse to and select the iPrint Manager you want to enable access control for.
Click the Access Control tab.
Add or delete Users, Groups, or containers to the manager role.
Click OK.
The iPrint Driver Store security is ensured through the assignment of the manager access control role.
The access control roles available to the iPrint Driver Store are manager and public access user. The following table explains these roles.
In Novell iManager, click iPrint > Manage Driver Store.
Browse to and select the Driver Store you want to enable access control for.
Click the Access Control tab.
Add or delete Users, Groups, or Containers to the manager role.
Click OK.