Configuring the Common Access Card authentication solution

Ricoh PCC supports Ricoh Common Access Card (CAC) v4 that has authentication capabilities and prevents unauthorized access to MFPs with AutoStore and Equitrac installed.

A US Department of Defense (DOD) CAC authentication solution provides US federal government customers with the ability to use their existing ID cards with the solution, increasing user satisfaction, security, and productivity.

The CAC authentication solution provides the following benefits:

  • Easy to use turn-key solution

  • Holders of a valid CAC can perform copy, scan, fax, and/or document server functions
  • Card is inserted into CAC reader connected to MFP and PIN is entered
  • Upon successful authentication the multifunction device is unlocked for use

  • Scanning is restricted only to address book users and embedded destinations to prevent anonymous scan-to functions
  • After authentication user is automatically registered in MFP's address book.

For US Government accounts, the embedded client can use CAC cards for user authentication when configured with Equitrac. In this instance, Equitrac will operate when Authentication is set to False in the DRS application profile.

The Authentication setting is only visible if Equitrac is selected.

To use CAC authentication when Equitrac 5.6 or later is configured as the authentication provider:

  1. Install CAC.
  2. Register and configure Ricoh MFP devices using CAC authentication.
  3. Swipe your card and enter your CAC PIN code to log in.

  • The following Equitrac features are not supported with CAC login: Function Access Control (monochrome and color copy, scan and fax permissions and copy stop enforcement), Release All at login, Release First at login, Billing Codes at login, and Copy Rules (limit access).
  • CAC does not support Equitrac multi-DCE environment.

Setting the alternate primary PIN as UPN

Equitrac offers an optional alternate primary PIN that the user can enter instead of the primary PIN. Alternate primary PIN can be used for an additional level of security as it serves as another primary PIN for the user.

Open Equitrac System Manager and go to Configuration > Users and click on a user. In the Properties of… dialog box, set the Alternate primary PIN as UPN from the CAC server.

Configuring and using DRS for a CAC Device

  1. Open DRS. In a Web browser, enter http://<DRSServerIP>:9000/device, where DRSServerIP is the IP address of the server where you installed DRS.
  2. Select an application where Authentication is set to False. A Baseline Installation option appears when adding the Ricoh device.
  3. Set Baseline Installation as False, to avoid changing any CAC settings when the Ricoh PCC client is installed.
  4. When the application and device profiles are complete, select the device with CAC and run the Full Install action.
You must set the Home key to System Home and not Kofax Embedded for Ricoh SOP in the CAC environment.