The iPrint Appliance Configuration page displays the following options:
On the Mobile configuration page, you can configure email printing and default options for printers.
iPrint Appliance can be configured to accept print jobs through email messages and attachments. When configured for email printing, iPrint Appliance becomes a client to an email server. Email account inbox(es) are polled for incoming print jobs, which are routed to the intended printer. Email accounts must be created and functional prior to their association with Novell iPrint Appliance.
Enable email-based printing: Select this option to enable email printing. A global email address can be assigned for all printers. The global email address feature requires access to an email account such as GroupWise, Exchange, Lotus Notes, or Gmail.
The following fields are used by iPrint Appliance to describe and access the global email account:
Email address: Specify the full email address for global print jobs. iPrint Appliance polls the inbox of this email address looking for print jobs. When an email-based job arrives, the subject line is parsed to determine the printer to which the job is sent. For example, print@example.com.
Account Username: Specify the user name for iPrint Appliance to log in to the email server to access the global email account. For example, iprint.
Account Password: Specify the password for iPrint Appliance to log in to the email server to access the global email account.
Re-type Password: Confirm the account password.
Incoming Mail Server: Specify the address of the incoming mail server for the email account. For example, imap.example.com.
Incoming Server Type: iPrint Appliance supports POP and IMAP protocols to poll for incoming print jobs. Select POP or IMAP depending on the protocol that your email server supports.
Outgoing (SMTP) Mail Server: Specify the address of the outgoing mail server for the email account. For example, smtp.example.com. iPrint Appliance uses the SMTP protocol to send email back to users who submit email-based print jobs to report their job status. In order to support iPrint Appliance, the email server you select must support the SMTP protocol.
Enable Mail-body Printing: With email-based printing, attachments are always printed. This option allows the email message body to also be printed. It is enabled by default.
Polling Interval: Configures the interval (in seconds) at which emails are fetched from mail servers.
NOTE:Each instance of iPrint Mobile service must be configured with a unique email address, which cannot be shared with other instances of mobile service. Similarly, an email address used for a particular printer (per printer email configuration) cannot be shared for any other printer or mobile service.
Printer features managed by iPrint Appliance can be enabled and disabled. The fields in this section are the default values for newly added printers. As each printer is added, these values can be modified.
Paper Size: Select Letter or A4.
Orientation: Select between Landscape or Portrait printing orientation.
Enable Duplex Printing: Duplex printing allows automatic printing of a sheet of paper on both sides. Print devices without this capability can only print on a single side of paper (simplex printing).
Enable Color Printing: Color (or Colour) printing prints the documents in color, as opposed to monochrome (black and white) printing.
You can change the Drive Store post the initial configuration. The Driver Store Configuration page contains the following options:
Enable local driver store: Select this option to use the Driver Store located on the local machine
Enable remote driver store: Select this option to change the location of the Remote Driver Store. Specify the DNS Name/Address, Username (FDN format - for example, cn=admin,o=companyname), and the Password of the new Remote Driver Store, then click Save.
Changing from local to remote driver store or vice versa: After initial configuration, if you change the local driver store to remote driver or vice versa, you must again set the default driver for the local renderer.
The Printers page lists all printers currently managed by iPrint Appliance. You can enable a printer for AirPrint, Email printing, and IPP printing. Select a printer, click the AirPrint or Mobile drop-down menu, then click Enable. On enabling the printer for AirPrint, the printer is advertized as an AirPrint-enabled printer and also gets enabled for Mobile and Email Printing. On enabling the printer for mobile, you can print to that printer from your mobile devices or by using the email printing feature. The platform-specific associated drivers are also installed on enabling the printer for mobile.
You can also assign a specific email address to each printer by clicking the Configure drop-down menu, then clicking Private Email Settings. When configured for private email printing, iPrint Appliance becomes a client to an email server. You must provide the following information to enable a private email address for the printer:
|
Account |
|
|
Server |
|
NOTE:An email address used for a particular printer (per-printer email configuration) cannot be shared for any other printer or mobile service.
IMPORTANT:If you configure a printer for private email printing and then disable the printer for Mobile printing, the private email configuration settings are deleted. If you want to enable private email printing in future, you must specify the information manually.
You can rename a printer from the Printers page. Select a printer you want to rename, click the Configure menu, then click Rename Printer.
To refresh the printers list, click the Reload button in the upper right of the Available Printers window.
You can import printers into iPrint Appliance through a csv file. You must create a csv file, then upload the csv file into iPrint Appliance by clicking the Bulk Printer Upload button in the upper-right corner of the Available Printers window.
The csv file must contain the following fields:
PrinterName,PrinterIP,Location,Description,Win95_98_Driver,Winnt_Driver,Win2k_Driver,Winxp_Driver,Linux_Driver,Mac_Driver,Vista32_Driver,Vista64_Driver,Win732_Driver,Win764_Driver,Win832_Driver,Win864_Driver,Enable DirectPrinting,Secure Printing,Enable Auditing,LPR/RAW,Raw Port
In the secure printing, auditing, and direct printing fields, populate with the options Yes or No.
For more information on importing printers into iPrint Appliance through a csv file, see Section 5.4.3, Bulk Printer Import Using a CSV File.
The Renderers page allows you to download the remote renderer. The page also displays all renderers registered with iPrint Appliance, and allows you to add, delete, and activate/deactivate a renderer. For more information about installing and configuring a remote renderer, see Section 6.3, Installing and Configuring a Remote Renderer.
The Services page displays the system services that are required for iPrint Appliance.
To enable or disable a service, select a service on the page, click the Action drop-down menu, then click Start, Stop, or Restart.
To set the Startup Type of the services to Automatic or Manual, select a service on the page, click the Options drop-down menu, then click Set as Automatic or Set as Manual.
To refresh the information on the page, click Refresh List.
The Export Configuration page allows you to create a backup of the iPrint Appliance configuration. You can back up the configuration file of iPrint Appliance to protect against system or hard drive crashes. You can also use the backup to transfer the configuration to another iPrint Appliance, or to quickly restore iPrint Appliance.
On a Web browser, use either the DNS name or the IP Address to access the Management Console. For example, https://10.0.0.1:9443 or https://iprint.example.com:9443.
Ignore the security certificate warning, and continue to the iPrint Appliance Management Console.
Specify vaadmin or root as the user name.
Specify the password.
The Management Console page is displayed.
Click iPrint Appliance Configuration.
Under Administration, click Export Configuration.
Specify the eDirectory administrator Password, then click Export.
The iprintconfig.zip file is created. This is the backup file. The backup file contains the configuration information.
Any configuration change in iPrint Appliance takes at least 20 minutes to get updated to the configuration file. If you export the iPrint Appliance configuration file within 20 minutes of modifying the configuration settings, and then import the configuration file into another copy of iPrint Appliance, the changes are not captured. In this case, you might not be able to view the updated information in the iPrint Appliance. We recommend that you wait at least 20 minutes after the last configuration change before you export the configuration file.
To create an iPrint Appliance user account, you can synchronize initial user information from your network directory service (NetIQ eDirectory or Microsoft Active Directory service) after you have installed the iPrint Appliance software. Over time, you can continue to synchronize user information from the LDAP directory to your iPrint Appliance.
When you synchronize user information into iPrint Appliance from a source LDAP directory service, the entire Base DN on the source is imported into iPrint Appliance. For example, if you sync the context o=users from an LDAP source, the same o=users context is created in iPrint Appliance.
IMPORTANT:
iPrint Appliance performs one-way synchronization from the LDAP directory. If you change user information in iPrint Appliance, the changes are not synchronized back to your LDAP directory. It is recommended that you do not change synced LDAP user information on iPrint Appliance.
iPrint Appliance does not support multi-value attributes. If your LDAP directory contains multi-value attributes, iPrint Appliance recognizes only the first attribute. For example, if your LDAP directory contains multiple email addresses for a given user, only the first email address is synchronized to iPrint Appliance.
LDAP import does not sync user passwords to iPrint Appliance. Authentication requests from the mobile app are redirected to the defined LDAP source. If a user password is changed on the LDAP source, you do not need to update the same password on iPrint Appliance.
The LDAP source IP or DNS name must be always active for iPrint Appliance to authenticate users.
You can configure multiple LDAP connections. To create a new LDAP connection, click Add a New LDAP Source on the LDAP Import page.
For information on importing certificates into iPrint Appliance when using LDAP, see the knowledge base article: How to enable SSL to Teaming LDAP Synchronization and Authentication.
Each connection requires the following configuration information:
In order to synchronize initial user information, iPrint Appliance must access an LDAP server where your directory service is running. You must provide the hostname of the server, using a URL with the following format:
ldap://hostname
If the LDAP server requires a secure SSL connection, use the following format:
ldaps://hostname
If the LDAP server is configured with a default port number (389 for non-secure connections or 636 for secure SSL connections), the port number is not required in the URL. If the LDAP server uses a different port number, use the following format for the LDAP URL:
ldap://hostname:port_number ldaps://hostname:port_number
If the LDAP server requires a secure SSL connection, additional setup is required. You must import the root certificate for your LDAP directory into the Java KeyStore (JVM Certificates) from Management Tools > Appliance System Configuration > Digital Certificates on the iPrint server, before you configure iPrint Appliance for LDAP synchronization.
To sync users into iPrint Appliance, you must provide the user name and password of a user who has sufficient rights to access the user information on the LDAP server.
In your LDAP directory tree, you must provide the fully qualified, comma-delimited user name, along with its context, in the format expected by your directory service.
|
Directory Service |
Format for the User Name |
|---|---|
|
eDirectory |
cn=username,ou=organizational_unit,o=organization |
|
Active Directory |
cn=username,cn=organizational_unit,dc=domain_component |
The LDAP attribute that uniquely identifies a user or group helps facilitate renaming and moving iPrint users and groups in the LDAP directory. If this attribute is not set and you rename or move a user in the LDAP source directory, iPrint Appliance assumes that the new name (or the new location of the same name) represents a new user rather than a modified user, and creates a new iPrint Appliance user.
For example, you have an iPrint user with a given name of William Jones. If William changes his name to Bill and you make that change in the LDAP directory, iPrint Appliance creates a new user named Bill Jones.
To ensure that iPrint Appliance modifies the existing user instead of creating a new user when the user is renamed or moved in the LDAP directory, you must specify the name of the LDAP attribute that uniquely identifies the user. For eDirectory, this value is GUID. For Active Directory, this value is objectGUID. This attribute always has a unique value that does not change when you rename or move a user in the LDAP directory. If you want to map users to a different attribute, you must ensure that the attribute that you use is a binary attribute. For example, the cn attribute cannot be used because it is not a binary attribute.
The setting LDAP Attribute Used for iPrint Appliance User Name is used for two purposes:
The value is used as the iPrint Appliance user name when the user is first provisioned from LDAP. The value of this attribute must be unique.
During iPrint Appliance login, iPrint Appliance uses this attribute to locate the user in the LDAP directory, and then tries to authenticate as that user.
LDAP directories differ in the LDAP attribute used to identify a User object. Both eDirectory and Active Directory might use the cn (common name) attribute. A more sure alternative for Active Directory is to use the sAMAccountName attribute. Other LDAP directories might use the uid (unique ID) attribute, depending on the structure and configuration of the directory tree.
Consult with your directory administrator in order to determine the best attribute to use. In some cases where not all users are being imported successfully, you must set up two LDAP sources pointing to the same LDAP server and have each source use a different value for the LDAP Attribute Used for iPrint Name. For example, set up one LDAP source and use cn as the LDAP Attribute Used for iPrint Name, and then set up a separate source to the same LDAP server and use sAMAccountName as the LDAP Attribute Used for iPrint Name.
In addition to the attributes already mentioned in this section, other LDAP attributes can be used for the LDAP Attribute Used for iPrint Name, as long as the attribute is unique for each User object. For example, the mail LDAP attribute on User objects can be used to enable iPrint Appliance users to log in by using their email addresses.
iPrint Appliance can find and synchronize initial user information from User objects located in one or more containers in the LDAP directory tree. A container under which User objects are located is called a base DN (distinguished name). The format you use to specify a base DN depends on your directory service.
|
Directory Service |
Format for the User Container |
|---|---|
|
eDirectory |
ou=organizational_unit,o=organization |
|
Active Directory |
cn=organizational_unit,dc=domain_component |
To identify potential iPrint users, iPrint Appliance by default filters on the following LDAP directory object attributes:
Person
orgPerson
inetOrgPerson
If you want to create iPrint groups based on information in your LDAP directory, iPrint Appliance filters on the following LDAP directory object attributes:
group
groupOfNames
groupOfUniqueNames
You can add attributes to the user or group filter list if necessary. You can use the following operators in the filter:
| OR (the default)
& AND
! NOT
You can choose whether you want iPrint Appliance to search for users (and optionally, groups) in containers below the base DN (that is, in subtrees).
You can create a group that consists of all the users that you want to set up in iPrint Appliance, regardless of where they are located in your LDAP directory. After you create the group, you can use the following filter to search for User objects that have the specified group membership attribute:
(groupMembership=cn=group_name,ou=organizational_unit,o=organization)
IMPORTANT:Ensure that you include parentheses in your filter.
Synchronization options apply to all LDAP configurations.
Select Enable schedule, then set the schedule to synchronize users and groups. You can perform LDAP synchronization every day, or on specific days of the week. You can also perform a sync once a day at a specified time, or multiple times each day. The smallest time interval you can set is .25 hours (every 15 minutes).
To synchronize users and groups immediately, select Run Immediately.
NOTE:If you want to delete users that are synced from a particular LDAP source, you must delete the LDAP source connection then run an LDAP sync. When you delete an LDAP source, the users and groups from that context are deleted while the context itself is retained.
The License page displays information about your current iPrint license, including the date it was issued and the number of days from the issue date that the license is valid.
iPrint ships with a 60-day evaluation license. You must update this license to a full product license.
You can obtain a new valid license key from the Novell Customer Center (NCC).
You can access the License page of iPrint Appliance by using the Management Console.
On a Web browser, specify either the DNS name or the IP address of iPrint Appliance. For example, https://10.0.0.1:9443 or https://iprint.example.com:9443.
Log in using vaadmin or root credentials.
Click the iPrint Appliance Configuration icon.
Under Administration, click License.
The License page displays the license details of the iPrint Appliance.
To update your iPrint Appliance license:
On the License page, browse and select a valid license (.xml) file to upload.
Click Upload.
IMPORTANT:If you are running multiple copies of iPrint Appliance, you must update the license for each copy of iPrint Appliance individually.
After copying the license file, iPrint Appliance is updated. Restarting the services is not required.