ATM_ID: B5DEE68A-A6AB-11EC-96C2-7D98BEA7DE52

MFF:

PLANNEDTIMESTAFF:

ID: Not_to_use_for_any_Dashboard/Deprecated/FS_22.205_FIPS/14681

TESTCASE_HEADLINE: To validate the MFD's functionality when Kerberos is set to operate as a FIPS+CC non compliant protocol in FIPS+CC mode for Network Authentication.

GROUP:

FEATURE:

SUB_FEATURE:

INPUT: <p>MFD should have latest firmware.<br />
WebUI must be accessible.<br />
User should Logged in as SA.</p>

PROCEDURE: <p>1.From EWS navigate through Properties -- Security -- Encryption -- FIPS 140-3 page.<br />
2.Enable FIPS+CC and run FIPS+CC configuration check.<br />
3.Acknowledge all exceptions and reboot the MFD.<br />
4.Once the MFD came to ready state navigate to Properties --<br />
Login/ Permissions/ Accounting -- Login Methods -- Control Panel Website Login Methods page.<br />
5.Configure "Validate on Network" for Control Panel Login.<br />
6.Come back to Login Methods page and configure the Authentication servers.<br />
7.Choose Kerberos for Authentication Type and save the changes.<br />
8.Check whether the MFD is raising an exception and requesting the user to "Enable Kerberos exception".<br />
9.Select "Enable Kerberos exception".<br />
10.Navigate back to FIPS 140-3 page and check whether there is a Kerberos exception showing under the summary of exceptions.</p>

OUTPUT: <p>9.Enabling the exception (below) will allow this device to communicate with non-FIPS+CC compliant Kerberos servers.<br />
10.Summary of FIPS+CC Exceptions should have Kerberos exception since user acknowledged Kerberos exception by selecting "Enable Kerberos exception".</p>

PROCESS:

PRIORITY:

TEST_TYPE: manual

LOE:

RESOURCE_HW:

RESOURCE_CONSUMEABLES:

RESOURCE_MEDIA:

SKILL_SET:

TEST_CASE_TYPE: testcases

TESTCASE_SOURCE:

SPEC: FS 22.205 FIPS 140-3 Certification

SPEC_VERSION: 1.0001

SPEC_TAG: [22.205.009] (FT-27164, FT-29598, FT-28756) {D7.6, D7.8} On a FIPS with CC mode enabled MFP, when Kerberos is configured via CWIS for either Network Authentication (for at least one Authentication Server) or Smart Cards (for at least one Domain Controller), the SA shall be given the option to utilize the Kerberos protocol by acknowledging a FIPS + CC mode Kerberos (Network and Smart Card Authentication) exception. 
[22.205.010] (FT-27164, FT-29598, FT-28756) {D7.6, D7.8} If a Kerberos (Network and Smart Card Authentication) FIPS with CC mode exception has been acknowledged by an SAKO, then once FIPS with CC mode is enabled, the MFP shall display a Kerberos (Network and Smart Card Authentication) FIPS exception in the FIPS summary of exceptions table on CWIS.

ATM_OWNER:

APPROVE_QE:

APPROVED_QE:

APPROVE_SE:

APPROVED_SE:

APPROVE_SPAR:

APPROVED_SPAR:

ASSOCIATED_TESTCASES:

TRAINING:

TESTCASE_VERSION:

TESTCASE_STATE:

TESTCASE_PLATFORM:

TESTCASE_PRODUCT: canyon, carroll, corvo, kiska, mystic, melody

TESTCASE_FAMILY:

TESTCASE_APPROVALS:

CDATE: 1647601696

MDATE: 1647601696, 1651240585, 1742818694

MUSER: USWU60000, USWU60000, w3K3WRKH

AUTHOR: USWU60000

ATM_MCOMMENTS: Imported from spreadsheet, Renamed from "DPQA_NewFeature/D7.6/FT-27164_Mocana_TrustCore_2020_FIPS_140-3_modules_for_Alexandra/161917"., Renamed from "WFAST_Connectivity/Testcases/FS_22.205_FIPS_140-3_Certification/14681".

HISTORY:

ATM_LOCKED:

ATM_REQLINK: 3C21E974-1CF3-11EC-B707-61040BE4A572, 3C24AC40-1CF3-11EC-B707-61040BE4A572

ATM_REQCOUNT: 2

QA_TEAM:

TC_WEIGHTAGE:

FILENAME:

FILEDESC:

FILES:

RELEASE:

AUTOMATION_GROUP:

TESTCASE_STEPS_ARE_RELATED_TO:

REASON_FOR_AUTOMATABLE:

PRECONDITION_TO_BE_DONE:

ACTION_TO_BE_DONE:

COMMON_FUNCTIONALITY:

COMMONALITY_DETAILS:

CONSTRAINTS_DAR: IMP-98 by Karthika dated on 09-01-2023

DEVELOPMENT_COMPLETE_TIME:

PO_SIGNOFF_DATE:

COMPLEXITY_PRECONDITIONS:

COMPLEXITY_OUTPUT_VALIDATION: non_outliers

AUTOMATABLE: yes

TESTCASE_MODIFICATION_REQUIRED:

APTEST_UPDATE_STATUS:

DEVICE_CATEGORY: common

TC_WORK_LOCATION_CAT: work_from_home_with_office_support_tc

AUTOMATION_TC_VALIDATION:

COMPETENCY: wfast_connectivity

APTEST_TRACKING: yes

AUTOMATION_CANDIDATE: no