1. Introduction

1.1   Intended Audience

This guide is intended for a technical audience with access to the Everyone Print Partner Portal, and the required Hybrid Cloud Print Portal.

1.2   Pre-Requisites

• Firewall is configured with all required ports for the chosen configuration.
• If gateways are in use, DNS to be set for the gateway and domain.
• Print Devices which are to have embedded software installed, are reset to factory settings, and are connected to the network with a static IP.
• Access to the Hybrid Cloud Platform installation & configuration guide which can be access via the Partner Zone.

1.2.1  Assumptions

This document assumes that you are hosting using the Everyone Print Cloud Service, and have a compatible printer for push and embedded pull printing.

Any card readers used are fully compatible with the solution.

PC Client to be installed on Windows.

1.3   Purpose of Document

This quick start guide will take you through the steps required to set up and configure Hybrid Cloud Print, configure a printer for push print, and guide you to the resources for embedded installation.

 

An overview of a standard installation is as follows:

2. Technical Requirements

2.1   Ports

Ensure required ports are opened as detailed in section 3.4 of the Hybrid Cloud Platform installation & configuration guide.

2.2   Card Readers

Supported Card Readers can be found in section 9.17 of the Hybrid Cloud Platform installation & configuration guide.

3. Create Tenancy

3.1   Tenant

If required, create the new tenancy for where your customer will reside.
If not required, skip to section 3.2.

Log into the vendor portal and click create vendor.

The following fields need to be completed:

• Vendor Name
• Domain – this is the HCP domain that be used for the vendor eg: vendor.eu.eophcp.com
  • vendor is the vendor name
  • eu is the data centre that the vendor resides in.
    • eu = European
    • ap = Asia Pacific
    • us = Americas
  • Application Name
  • Default Language
  • Default Paper Size

Click
Set Admin Password on Vendor

3.2   Customer

3.2.1  Create Customer

To create a Customer account, following these steps.

Log in as Vendor with the required rights to create new customers.

Click on the top menu.

You are required to fill in the following information.

• Name = Customer Name
• Domain – this is in the format of customer.eu.eophcp.com
  • Customer – to be replaced with subdomain of the customer account in the EoP Cloud.
  • eu – matching where the vendor was created.
• Application Name – At this stage, re-enter the client name.
• Set Default Language and Paper Size.
• OEM Logo – This is the logo of the client.

At this stage, for a standard account click .

Further information regarding advanced options can be found in the main administration guide.

 

3.2.2  Set Admin & User Password

Before the customer can log in you need to set an passwords for the admin and user.

While still logged in as Vendor Admin, click Users in the side menu.

 

Click on the Edit icon to edit the default “admin” account and click   to be able to set a secure password.

 

Type the password twice in the following fields:

Then click

Repeat for the default “user” account.

 

3.2.3  Login as Customer

Login as admin user to the customer account.

Browse to the following address:

• https://customer.eu.eophcp.com:8443

where customer is the domain account that you created earlier in this step, and eu is the domain server.

• Username is admin
• Password was set in 3.2.2

 

 

 

3.2.4  Create Printer

You are now ready to create your first printer using a push queue.

The Printers list shows basic information for the Printers configured for this Account.

Click on  button to add a new Printer, and the new printer entry is displayed:

Fill in the following details:

• Name
  • The friendly name of the printer within the Account.
• Address
  • Enter the IP address or host name of the MFP device on the local network.
• Description
  • If required, an additional description of the printer or location could be added.
• Protocol
  • In this instance, leave at default of TCP. This delivers print via port 9100.
• Vendor
  • Choose the vendor of the printer.
• Create matching Printer Port
  • This check box should be checked to simplify set up process.
• Service
  • Click the drop down and select hcp documentoutput service
• Click

 

4. PC Client

Once a printer has been created, we can move on sending test prints to our new device.

The easiest way is to install the PC Client, configuring the solution to the cloud, and to a local user.

 

You can download the latest version of the PC Client from the Partner Zone.     

4.1   Install Client

Run the installer, click next and agree to the license.

Complete the gateway parameters screen as detailed below:

• HCP Gateway Address and Account Domain name should match to the customer account created in 3.2.1.
• Enable local storage and direct print job delivery should be checked.
• Ensure you set User authentication to Custom Log In.

Click Next, and the client will verify connectivity to the address given above and show advanced options.

Leave advanced options at default and click Next, the click Install, then when finished, click complete.

 

 

4.2   Configure Client

The client is now installed, and in your system tray. In a standard installation you need to authorize clients on a endpoint by endpoint basis. To do this simply log into the HCP Admin Portal, click Endpoints and select the PC Client in the list, and click Authorize. 

If you are in the process of deploying a large number of clients, you can amend the customer tenancy to Automatically trust new clients/servers. Simply go into settings, click PKI & Encryption, tick the check box and save. Any new PC Client / Gateway connecting to the customer tenancy at this stage would be automatically authorised. 

4.2.1  Log In

At this stage we are going to test with the admin user that was created in 3.2.2

 

Right Click and choose Login…

Enter Credentials utilizing the admin account that was previously created, then click OK.

A notification will show a successful login.

4.3   Print Test Document

Printers should be automatically synchronized, and you should be able to see your printer in Windows Settings.

 

Print a document to this device and ensures this is printed to the device configured.

4.3.1  Synchronize

If the printer has not synchronized, then right click the utility in the system tray and click “Sychronize printers now”. You can force this sync if you have added printers, and the client hasn’t automatically refreshed (default 60 minutes refresh).

 

5. Reports

You can see the device has printed via reporting.

Click Reports in the side menu

Choose any of the following reports for confirmation of completed configuration

 

 

6. Authentication

There are numerous options of authentication of users. Currently local authentication is in use.

6.1   Azure AD

HCP Azure AD authentication does not support multi-factor authentication “MFA”.

If MFA is used, HCP can access Azure AD by disabling MFA on one user for set up in Authentication and any policies that would block the log in of the service account in Azure.

Further information can be provided on 2FA configuration utilizing a One Use Passcode for users.

6.1.1  Create App Registration

• In Azure AD, log in as administrator and click
• Then click +New Registration
• Enter a friendly Name such as “Everyone Print HCP”
• For standard accounts simply leave the default option selected.
• Fill in “Redirect URI” field to read https://www.everyoneprint.com
• Click on “Register” button
• Then, click
• Delete the existing permission by clicking the … and selecting Remove Permission.
• Click on “Update permissions” button (no permission should be displayed)
• Click on “Add a permission” button
• Select “Azure Active Directory” Graph from Supported legacy APIs

• Click on “Delegated permissions”.
• Choose the following permissions then click Add Permissions

 

• You need to confirm the access permissions. Click , then Yes in the popup box.
• Click on the side menu and scroll down to Advanced Settings
• Select Yes, on Allow public client flows.

• Scroll back to the top and click Save

 

 

6.1.2  Initial Configuration

• Ensure you have your user / service account details to hand.
• Log into the customer account as an administrator.
• Click Authentication from the left menu, then click Add at the top right.
• Fill in the following
  • Name – Friendly name.
  • Domain Name = domain name of Azure AD
  • Type = Azure
  • Active = Checked
  • Azure Domain = domain name of Azure AD
  • Application ID = API String created in 6.1.1
  • Username / Password = Service Account in Azure AD.
  • Service = HCP Authentication Service
• Click Test, and OK should be shown.

Users should now be able to log into the solution using Azure AD.

For other authentication methods, see the section 5.7 in the Hybrid Cloud Platform installation & configuration guide, which can be access via the Partner Zone.

7. Gateway Information

Certain configurations of HCP may require a Security Gateway which allows access to the private local network, for example for authentication or embedded application on an MFD.

Because the cloud server cannot access to the customer’s internal networks this security is required which connects the local network and authentication services such as legacy Active Directory or to printers on the local network.

There are a few options to consider for the Security Gateway, such as running a standalone appliance locally, which is comparable to an internet router, or if connected directly to a cloud provider such as Azure or AWS, this can be run as a virtualized appliance, and a pre-configured image, ready to run on a hypervisor can be supplied.

 

In preparation of the installation, the following pre-requisites must be verified:

- No Firewall is blocking outbound communication on defined TCP ports to the Primary server in the Cloud. This is detailed in the Ports and Protocols section > 1. Server to Server section in the Hybrid Cloud Platform installation & configuration guide which can be access via the Partner Zone.

- No Proxy server filtering outbound communication to the Primary server in the Cloud. The gateway needs a direct connection to the Primary server as it creates a secure channel (TLS 1.2) that a proxy cannot handle.

 

Installation and configuration information for the gateway can be found in the Hybrid Cloud Platform installation & configuration guide.

 

 

8. Embedded Options

Certain devices can have embedded software installed, allowing for an interactive experience utilizing the print devices touch screen.

To do so, an embedded configuration needs to be created, and then the embedded software can be installed on the output device.

• Navigate to Embedded to create the configuration.
• Ensure card reader information (if applicable) is set correctly (see Hybrid Cloud Platform installation & configuration guide which can be access via the Partner Zone for further information), and that features on the device, that will be locked, are selected. These features will become unlocked upon a successful authentication.

Once the configuration is created, again, navigate to the Embedded menu, and now click the upload  icon.

 

From here, you can select your MFD or all MFDs, and click install and configure.

 

 

9. Further Configuration Options

This quick start guide has gone through the simple set up process printing via the Everyone Print Cloud Service.
Further configuration options, and more detailed set up guides of security gateways, embedded applications, and authentication options can be completed by following the Hybrid Cloud Platform installation & configuration guide which can be access via the Partner Zone.

 

 

Contact us:

Having questions, sales or technical matter, difficulties, contact our Customer Support Center or simply drop and email with your question to: support@everyoneprint.com