Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4046
  • Last Modified:

LDAP Address query on Canon ScanFront 220 Web

Everyone,

Does anyone know how to set this LDAP pull on a Canon ScanFront 220?  It is a web interface and you enter in your address book server.  I have tried everything and it won't connect.

Here is what it asks for
Search Base
Host Name
Port 389
Username
Pass

Search base I think is right, the host name I am using the DC machine name, but still it won't connect.  Any ideas or someone that has got this to work?
0
HDSportster08
Asked:
HDSportster08
  • 12
  • 11
1 Solution
 
esmith69Commented:
I have had issues getting LDAP to work on Canon network copiers in the past.  For me, the key was the formatting of the "username" field.  I believe I had to specify the username in the format username@netbiosdomainname.

So for example, if the username you're using is "administrator", your NETBIOS domain name is CONTOSO, and your FQDN is contoso.local, in the "username" field you'd put:  administrator@contoso.

I'd experiment with different combinations of the formatting of the username field.  Sometimes it'd be contoso\administrator, administrator@contoso.local.  Occasionally it might need to be the email address of the user.
0
 
HDSportster08Author Commented:
esmith, would love to get this to work, tried all those usernames and nada.  Did you use the ip or the actual machine name for your Host Name?

Any other ideas would be GREATLY appreciated.
0
 
esmith69Commented:
pretty sure I put in the IP address of the domain controller.

Is there a "domain" field on the screen with the username/password stuff?  Or is there just a field for the username?
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
HDSportster08Author Commented:
There is

LDAP address book :  Another Server from Authentication server - chose this because our exchange is different

Search Base:  dc=somewhere,dc=com

Host Name(address): I have the dc ip in here

Port Number 389

User name


That is all that is listed, I know the mail part works as I have sent one using a manually keyed email off the scanner
0
 
esmith69Commented:
You could try installing an LDAP utility just as JXplorer (http://www.jxplorer.org/) on a PC other than the Domain Controller.  Then try connecting to the DC using the same settings you're using on the copier.

A question about the first line you mentioned above ("LDAP address book").  I would guess that this should actually be the SAME as the authentication server.  When you're doing the LDAP lookup, it usually is pulling the info from the DC, not from Exchange.  It might be that the DC is pulling the info in turn from the Exchange server, but most likely it's just pulling the info from Active Directory.
0
 
HDSportster08Author Commented:
I will try that utility, the reason I am using that setting is because they just want to display the list of email addresses.  If you use the authentication server, it makes you login everytime you want to do something, unless I am wrong on that?

Going to download that utility, thanks
0
 
HDSportster08Author Commented:
anyone else fooled with these things?
0
 
esmith69Commented:
I am assuming you were able to connect using the same authentication settings with that utility?
0
 
HDSportster08Author Commented:
Yes, I was, meant to update.  Ok, I checked the domain controller logs this morning and was getting an error that the com could not be queried outside of the dc.  So I went into dcomcnf, did a regedit and found the id of the error it was giving me.  I found the dcom and set the permissions to allow the account I am using to query and update I believe were the two.  

I am not in infrastructure, as funny as that seems, so I need them to restart IIS, I could have but didn't want the hassle from them if I did.  

So I think this whole ldap issue is on the server side and not the settings in the canon.  Any thoughts esmith?
0
 
esmith69Commented:
Why are you thinking you need to restart IIS?
0
 
HDSportster08Author Commented:
Ah, my fault, I was thinking sharepoint moss server.  Nevermind.  

Well at any rate, the server is throwing off an ldap in the error log saying it cannot be queried from outside sources.  Have you seen that before?
0
 
esmith69Commented:
What's the exact error message?
0
 
HDSportster08Author Commented:
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{D99E6E73-FC88-11D0-B498-00A0C90312F3}
 to the user domain\loginname SID (S-1-5-21-2796758022-4218448519-2534690014-21107).  This security permission can be modified using the Component Services administrative tool.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
 
esmith69Commented:
So this error you're seeing is popping up every time you try to connect using LDAP?

I looked up that CLSID and I believe that's for the Certification Authority.  Have you already gone into dcomcnfg and enabled the local launch permissions for that SID?

I doubt that is the cause of your problems, but it it pops up only when you try to connect with LDAP then obviously it is related somehow.
0
 
HDSportster08Author Commented:
It does not popup on me because I am using the web interface of the canon scanner to configure the settings.  The error on the cannon scanner is

There is an error in the settings for the LDAP Address Book. Please check the settings.
80FE0031

I get that no matter what I do, even tried the authentication server method as well.
0
 
esmith69Commented:
Sorry, when I referred to "this error" in my last comment, I was talking about the Com server thing, not the error on the canon scanner.  What I meant was:  does this DCOM error show up in the server's event log every time you get the error on the canon (i.e. every time it tries to query LDAP)?  Or was that DCOM error just something you happened to see in the server's event log?
0
 
HDSportster08Author Commented:
Oh ok, yea I think it is showing up everytime I get the error on the canon web screen.
0
 
esmith69Commented:
Was there any setting on the Canon related to using SSL for the LDAP connection?  Or maybe somewhere in its general network settings?
0
 
HDSportster08Author Commented:
yes in the network settings
0
 
esmith69Commented:
I would try turning that off and then attempting to do the LDAP again.
0
 
HDSportster08Author Commented:
Yea, only problem is that it has never been on, lol.
0
 
esmith69Commented:
Yea that is indeed a problem.

Take a look at this post and the followups to it:  http://www.eggheadcafe.com/conversation.aspx?messageid=29991109&threadid=29991109

It's not directly related to your issue and is pretty technical, but they talk a bit about how SSL works with LDAP.  I still think something funky is going on with that, I don't see why else that DCOM error would pop up every time you attempt to use the canon to do an LDAP (the DCOM that specifies the CLSID that is supposedly the certification authority).

Do you have Certification Services installed on the DC?
0
 
HDSportster08Author Commented:
esmith, I am going to accept this as an answer, I did some research on our server and it does not have certificate services installed, so I would say that is their main problem.  I have handed it off to that department to let them fool with it.  Thanks again for keeping up with this and all your help.
0
 
zefonCommented:
Did you ever get this working?
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

  • 12
  • 11
Tackle projects and never again get stuck behind a technical roadblock.
Join Now