Device Profiles

Overview

With Device Profiles, Secure Print settings can be customized for each printer, allowing for tailored configurations rather than applying the same settings across all printers. For instance, administrators can now set different default paper sizes for scanning, such as Letter for devices in the US and A4 for devices in Europe.

Device Profiles Actions

The Device Profiles tab includes the following action buttons:

Add - Create a new profile.
Duplicate - Copy an existing profile to create a duplicate.
Delete - Remove an existing profile.

Default Profile

By default, a single Default Profile is created, which includes default Secure Print and Secure Scan options. Administrators cannot rename or delete this system-generated profile but can modify its settings.

All printers listed in the Secure Printers tab are assigned the Default Profile by default. Administrators can reassign printers to different profiles through the Secure Printers tab if specific configurations are needed. Any new devices that get added will get the Default Profile assigned to them automatically. Administrators can also edit the Default Profile.

Profile Properties

General

Setting	Description
Name	Name uniquely identifies a device profile within the system.
Description	Description provides additional context about the device profile.

User Experience

Setting	Description
Device Logon Experience	The device logon experience setting specifies how users interact with the device during the logon process. The options are: Secure Print - This is the default setting. When selected, the user will see the Secure Print screen on authentication. The display may vary depending on the authentication provider configured. Review Documents - When enabled, users will be directed to the Review Documents(showing the list of documents submitted) screen immediately after logging in. Touchless Printing - With Touchless Printing enabled, employees simply tap their proximity card at a preferred printer. All documents in their personal queue will begin printing after 5 seconds. An employee can cancel printing before the 5-second timer elapses by simply pressing Cancel. Note: The system supports touchless printing with proximity cards no matter which authentication method or provider the customer is configured for: email authentication, Active Directory, and OpenID. Device Home - If enabled, when a user logs onto a secure printer, the device shows its Home Screen instead of the Secure Print screen. From the Home Screen, the user has access to such functions as copy/scan.
Print Options	Displays the Print Options button, enabling users to modify document settings at the secure printer before printing.For example, if a user submitted a color job, they have the option to change it to mono (black & white) from the printer's user interface. The default value is Shown and this value cannot be modified.
Print And Retain	Displays the Print And Retain button, allowing users to reprint their documents. Reprinting a document may be necessary if you need to be able to print a job once and release it multiple times so that you can proof the content once before creating multiple copies. For example, you can proof one copy in mono and duplex and then print 100 copies single-sided in color. The default value is Shown and this value cannot be modified.
Proximity Card Registration	When this setting is turned on, users can register their proximity cards at the secure printers using their email and PIN (for email-based auth), network ID (for Active Directory auth), or passcode (for OpenID auth) . Once a proximity card is registered, users can release documents to any secure printer in the organization. The proximity card registration setting is turned on by default. If you prefer importing users’ cards into the system, you may want to disable card registration. If card registration is disabled, users with unregistered cards will see a friendly message informing them of the appropriate action to take. Note: If you have an OpenID implementation, card registration is supported only on printers that support passcode authentication
Network Timeout (Seconds)	The Network Timeout setting controls the time before requests to the Site Service from the secure printers time out. The default is 10 seconds. If a request takes more than 10 seconds to complete, the secure printer shows an error message “Error Releasing Print Jobs. Unable to complete the request due to network issues. Please try again later”. You can change the default in situations where network connectivity is slower than normal, for example.
Number of Documents displayed on device	The Number of documents displayed on device controls the number of documents displayed on a secure printer. The default value is 50 documents and the maximum value is 150 documents.

Scan

Starting with HP Insights 4.0, administrators can configure the default scan options according to their preferences. By default, all printers are assigned to the Default Profile, and the scan options set within it will be applied universally to all the printers. To use different scan options for specific printers, administrators will need to create and apply a separate Device Profile for those printers.

Toggle the switch next to the Scan option to reveal all settings related to Secure Scan and choose the scan options you wish to set as defaults.

Setting	Description
Color Mode	Specify whether the scan job is in Color (default), Grayscale, or Mono
Paper	Specify the paper size for the scan job. The options are: A4 (default EU), Letter (default US) , A3, Ledger, Legal
Quality	Specify the resolution and clarity of the scan job. Options for quality are High, Medium (default), and Low.
Orientation	Specify whether the scan job is Portrait (default) or Landscape.
Two-Sided	Specify whether the scan job is One-sided (default) or Two-sided.
File Type	Specify the file format for the scan job. The options are PDF (default),JPEG, TIFF, PDF/A

Permission Required on Azure to Access Office 365

Office 365 features such as the Scan to OneDrive, Scan to SharePoint, and Scan to Email features use the Microsoft Graph API to upload documents directly to Office 365 and to send email. This allows users to scan documents directly to their personal OneDrive or SharePoint folders. It uses delegated permissions, meaning it relies on the user's own permissions. With delegated permissions, individual users grant the Secure Scan app access to their respective Office 365 folders.

When users in the organization attempt to access SharePoint or OneDrive, a consent request will be sent to the Azure administrator. This process ensures proper authorization through user-based authentication.

Consent Process

When a user first tries to access the Scan to OneDrive/SharePoint feature from the printer, an authorization link is sent to their email. This initiates a one-time consent request for the Azure administrator, who must review and approve access for the following application:

Application ID: afe97133-a356-42df-b5b3-b87eb06b09b2 (Client ID)
Application Name: Pharos Cloud

Required API Permissions

openid
email
profile
offline_access
Sites.ReadWrite.All
Files.ReadWrite
User.Read
Mail.Send
Mail.ReadWrite

Steps to Follow

Navigate to the Azure portal and locate the application using the Client ID: afe97133-a356-42df-b5b3-b87eb06b09b2 (Pharos Cloud).
Verify that the necessary API permissions listed above are present.
Check the expiration status of admin consent for these permissions. Expired consent will prevent access to Sites/Folders and must be renewed

Ensuring the correct configuration of these permissions and obtaining admin consent is essential for seamless access to SharePoint and OneDrive resources.

Scan To Email

To send scanned documents to email the logged-in user’s email address, you will need to configure the HP Insights to communicate with your organization’s SMTP email server or Office 365.

Microsoft 365 - This option integrates with Microsoft's cloud-based email service, allowing users to use their existing Microsoft 365 account to send scanned documents. It’s a convenient choice for organizations using Microsoft 365, as it leverages the same email infrastructure.
SMTP (Simple Mail Transfer Protocol) - This is a standard method for sending emails and can be used with any email provider. Administrators can configure the SMTP settings with details like the server address, port, and authentication information. SMTP is a flexible option that works with a wide range of email services.

Microsoft 365

When the Microsoft 365 option is selected, all Email SMTP settings are hidden, leaving only the Enable Editable To and Max file size settings visible.

Setting	Description
Enable editable "To" field	When enabled, users can: Scan documents and send them directly to a fax machine destination. Send scanned documents to another user’s email address. Previously, the To field was not editable and limited to sending scanned documents to the user's own email address.
Max file size	This enables IT administrators to define the maximum file size for scan to email. The default value is 5MB, while the maximum allowed file size is 2047 MB.

Setting

Description

Enable editable "To" field

When enabled, users can:

Scan documents and send them directly to a fax machine destination.
Send scanned documents to another user’s email address. Previously, the To field was not editable and limited to sending scanned documents to the user's own email address.

Max file size

This enables IT administrators to define the maximum file size for scan to email. The default value is 5MB, while the maximum allowed file size is 2047 MB.

SMTP

Setting	Description
SMTP Server Name	Enter the name of your organization's SMTP server. This may be in the form smtp.company.com.
SMTP Server Port	Enter the SMTP port number provided by your administrator. The default SMTP port value is 25.
SMTP Username	The user name used to authenticate with the SMTP account.
SMTP Password	The password associated with the SMTP Username used to authenticate to the SMTP server.
SMTP SSL/TLS Protocol	Select this option if your SMTP Server uses SSL/TLS protocol.
Enable editable "To" field	When enabled, users can: Scan documents and send them directly to a fax machine destination. Send scanned documents to another user’s email address. Previously, the To field was not editable and limited to sending scanned documents to the user's own email address.
Max file size	This enables IT administrators to define the maximum file size for scan to email. The default value is 5MB, while the maximum allowed file size is 80 MB.

Scan to OneDrive

When enabled, Scan to One Drive uploads scanned documents directly to the user’s personal OneDrive folder.

Scan to SharePoint

When enabled, Scan to SharePoint uploads scanned documents to a designated location within SharePoint.

Scan to Network

Scan to Network Folder enables users to save scanned documents to a shared folder within the internal network.

In the Network Folder Path, enter the network path where you intend to store the scanned document. For the Username and Password fields, provide the necessary credentials to authenticate access to the specified network folder path.

Add a Profile

Navigate to the Secure > Device Profiles .
Click on the Add button.
In the Profile Properties section, enter a name to identify the profile.
Configure the profile settings based on your requirements, using the Profile Properties section above as a reference for each setting.
Click the Apply button to add the profile.

Duplicate a Profile

Navigate to the Secure > Device Profiles .
Select a profile to duplicate.
Select the Duplicate button to create a copy of the selected profile.
A confirmation message appears, asking if you want to duplicate the selected profile.
The duplicated profile will appear with a default name, such as "[Original Profile Name] (Copy xxxxx).
Rename the duplicated profile to something unique and descriptive of the profile.
Edit profile settings as per your organization's requirements.
Save the new profile by clicking the Apply button.

Delete a Profile

Navigate to the Secure > Device Profiles tab of the web console.
Select a profile you want to delete.
Select the Delete button to delete the selected profile.
A confirmation message will appear, asking you to confirm if you want to delete the selected profile. Click Delete to proceed.

Assign Device Profiles to Printers

Navigate to the Secure > Secure Printers tab.
Select the printers you want to assign a specific device profile to from the list.
Click the Assign Device Profile button and then select the profile you want to assign to the printer.

Note: By default, all printers are assigned the Default Profile.