Understanding Web Services Scanners
Applies To: Windows Server 2008 R2
Scanners are used to create images of documents. A scanner can be a network-connected stand-alone device, or a scanner function in a network-connected copier or multifunction printer. For Scan Management, scanners at a minimum must support Web Services on Devices (WSD), including Devices Profile for Web Services (DPWS). TCP/IP-based network scanners are not supported.
When users take their documents to a scanner, they first authenticate themselves to the scanner by logging on using a card reader or keypad interface. Scan processes that have been previously created for the users by an administrator are retrieved from Active Directory Domain Services (AD DS) and displayed on the scanner front panel. The users then select the desired scan process, and press the Scan button.
Scanned document images are then sent to a scan server for processing, network storage, or e-mail delivery. The scanner sends scan process information and device status information to the scan server as well. The users get feedback on the scanner front panel as to whether the scan server received the scanned document and ran the scan process. An example of a scan process would be: scan at 300 dpi resolution, post the documents to the department Web site, and send the documents to selected e-mail recipients.
Enterprise scanner requirements
Scan Management is capable of monitoring and displaying settings and properties for WSD–enabled scanners (the Epson Artisan 800 model is an example). In order to make use of scan processes and get the most benefit from Scan Management, WSD–enabled scanners must also support the following additional “enterprise-level” functionality.
Web Services protocol support
In addition to supporting WSD, including DPWS, scanners must support the following Web Service protocols:
The host side of the WSD Enterprise Scan Web Service (EWS) protocol.
The client side of the WSD Repository Processing Web Service (RPWS) protocol.
Active Directory communications
Scanners must support the following communications with AD DS:
Querying for and retrieving a user object from AD DS.
Retrieving user credentials (for example, from a card reader attached to the scanner) and sending them to AD DS.
Scanners must provide the following security features:
Ability to manage and validate user and scan server certificates.
Ability to create an HTTPS connection to a scan server.
Scanners must support and be configured for Internet Protocol security (IPsec) in order for Web Services events to be logged. IPSec does not allow non-IPsec–compliant scanners to send data to a scan server that is in a domain with IPsec enabled.
The scanner must provide an interface to enable the following actions by the user:
Select from a list of scan processes retrieved from AD DS that the user is authorized to use.
Provide a list of e-mail addresses if a scan process includes e-mail support.