There are many ways to set up an organization. The setup depends on how your company operates and in the case of channel partners, how their customers operate their business.
Consider these factors when managing an organization:
What printer models will be used?
Are they all Lexmark models?
Will third-party printers be used?
Will a firewall or proxy server be used?
What enrollment agents do you plan to use?
What functions will each user perform as an administrator and as a user?
Will identity federation be used?
What embedded applications will be used on the printers?
Will users need to authenticate at the printer? If yes, how do they plan to authenticate?
Will Cloud Print Management be used?
What print management policies will need to be configured?
How will the user submit print jobs?
What submission clients will be used?
For channel partners, there are more factors to consider. If you plan to use child organizations, then the answer to each of these questions will help determine the user accounts required in the child organization, if any.
Will users in the channel partner organization need access to child organizations?
Who will perform the ongoing management of users in the child organization?
Will Cloud Print Management be used in the child organization?
Will the channel partner or someone from the end customer manage Cloud Print Management for the child organization?
The Account Management dashboard is the landing page of the Account Management portal. The Account Management portal lets you manage organizational settings, create and manage users, assign user roles, and create child organizations under channel partner organizations. What can be seen depends upon the roles of the user.
The following is a sample Account Management dashboard for a user with the Organization Administrator or User Administrator role.
Organization
Users
Groups
Applications
The following is a sample Account Management dashboard for a user with the Organization Administrator or User Administrator role, and the Partner Administrator role.
Organization
Users
Groups
Applications
Child Organizations
The Account Management dashboard provides access to the following:
The Organization menu, which provides links to the following:
The Account Management dashboard
The Organization Roles page—Lets you select a set of roles that are automatically assigned to all users in the organization
The Authentication Provider page—The setup for federated identity management
Child organizations—Lets you view child organizations defined under the partner organization.
Printer Login Configuration
The Users card and menu:
Shows the list of user accounts in the organization
Lets you create new user roles and modify existing ones
The Groups card and tab:
Shows the list of user groups in the organization
The Applications tab:
Shows the list of installed applications that provide authentication credentials for devices without user credentials, such as Fleet Management Printer Agent and Cloud Print Management
The Child organizations card:
Shows the list of child organizations under an organization.
The Organization menu provides quick access to various organizational settings and information.
The Organization menu contains the following:
Organization Information—A link to the Account Management dashboard, which provides links to the user and group management pages
Organization Roles—Lets you select a set of roles that are automatically assigned to all users in the organization
Authentication Provider—The setup for federated identity management
Child Organizations—Lets you view child organizations defined under the partner organization
Printer Login Configuration—Defines the user authentication modes allowed at printers
For more information, see Managing printer logins.
You must configure the authentication process for users who log in at the printer. If the user is accessing Lexmark’s cloud-based functionality, such as Cloud Fleet Management or Cloud Print Management, then logging in to the printer is required.
From the Account Management web portal, click Organization > Printer Login Configuration.
The Organization Printer Login Configuration page allows you to select Single (Standard) and two-factor (Badge + PIN) authentication methods for user authentication.
You can either use Single (Standard) or two-factor (Badge + PIN) authentication methods for user authentication. Do either of the following:
One or more of the standard authentication methods can be enabled at the same time.
Badge—Uses contactless card reader and user ID badges. Badges must be registered before they can be used. For more information, see Managing badges.
PIN—Uses a 4-digit to 12-digit PIN. PINs can be set by the user, the administrator, or Lexmark Cloud Services. PINs can be set to never expire or to expire after 1 hour up to 180 days. For more information, see Managing PINs.
Secure login—Users must obtain a one-time PIN each time they authenticate at the printer. For more information, see Obtaining secure login code.
The one-time PIN can be obtained from either of the following:
The My Account page, in the Printer Login section
The Lexmark Print application, by clicking the cloud icon.
In this method users must use their badge and enter their PIN to authenticate. The badge and PIN stipulations as stated in the Standard Authentication section also apply.
The Cloud Authentication eSF application polls the cloud for changes to the Printer Login Configuration settings every 15 minutes.
The settings on the Printer Login Configuration page overwrite settings that are configured with the Cloud Authentication application installed in the printer.
These settings are applied to all printers in the organization.
Federation is the process of creating a trust relationship between a customer’s identity provider (IDP) and an external service, such as Lexmark Cloud Services. The identity provider can be Microsoft Azure Active Directory (Azure AD), Google Identity, or any other Security Assertion Markup Language (SAML) 2.0-compliant identity management system.
After this trust relationship is built, users can access Lexmark Cloud Services using the same credentials that they use for their other internal sites and services. The customer’s identity provider manages all aspects of credential management, including password validation, complexity of requirements, expiration, and potential use of multifactor authentication. Additionally, the identity provider can support Single Sign-On (SSO), which reduces the number of times users are required to authenticate as they switch between services.
Notes:
To enable federation or to change the current federation configuration, do the following:
From the Account Management web portal, click Organization > Authentication Provider.
If federation is not enabled, then click Configure an Authentication Provider.
Enter the details in the Authentication Provider form.
For more information on completing the form, see the following:
Child organizations provide a means of grouping printers based on business needs. This grouping could be for customers of a channel partner or business units of an enterprise.
There are two ways of organizing your customers’ printers: a hierarchical structure or a flat structure. The structure you choose determines whether child organizations are needed.
Hierarchical structure—Uses a child organization for each of your customers. The printers of each customer are grouped in that customer’s organization, separating printer information between customers. Also, a hierarchical structure lets you grant access to future Lexmark Cloud Services capabilities on a customer-by-customer basis.
Flat structure—A flat structure places all printers from all customers in a single structure. Any future Lexmark Cloud Services capabilities added to one customer are available to all.
In the Account Management web portal, click Organization > Child Organizations.
Click Create.
In the Organization name field, type a unique name and then click Create Child Organization.