Scanner unexpectedly stopped connecting to server share

Posted on 2014-01-07
Medium Priority
Last Modified: 2014-02-04
Hello friends,

Over the weekend, a canon imagerunner 2530 stopped it's ability to place scanned items into a network share on the server.

two canon reps have been to the office and claim they have successfully scanned a document to their laptop, and so therefore blame the server.

The server is SBS 2011 standard, and the \SCANNED folder which is shared on the domain, also is the landing point for the FTP server which another scanner in the office dumps it's scanned documents to via FTP.  Bot have been working fine for 2 months since server installation.

The Imagerunner used standard SMB network protocol when originally set up, and has worked for 2 months without fail recently.

I have tried everything I know to try:
I created a new share and verified a user permissions to that new share
I have tried changing user credentials on the scanner to someone of higher elevated credentials
I have checked and rechecked the settings on the printer/scanner via the web interface repeatedly
I have tried to use the FTP functionality of the same machine and cannot get it to work that way either.

Users CAN print to this machine just fine.

Other things I've tried:
turn off ALL firewalls on every level
turn off Kaspersky completely in addition to all firewalls being turned off

Two office service reps (company responsible for the imagerunner) came and tried to make it work, but said it's the server and beyond their ability to resolve.

EVERY OTHER SERVICE on this server is working perfectly, all users can access this folder, the other machine can drop files into it, and there is no other issue on the network.

I don't know what else to try ....  ASSUMING that the issue really is on my server, I ask for suggestions and ideas to try from better minds than my own.

I've tried a lot of little quirks, but I'm open to all ideas at this point.

Question by:Faxxer
  • 5
  • 2
LVL 18

Accepted Solution

Akinsd earned 2000 total points
ID: 39764120
You may want to install wireshark on your server and capture the traffic from the copier to see what's happening to it.

It could also be something as simple as IP address (DNS error)
Is the copier connecting via host name or IP address. If host name, replace with server IP or check if the proper DNS is configured in the copier.

Also check the domain name configuration on the copier. If configured, disable or delete the entry and try again

If the copier supports NTLMv1 and NTLMv2, try setting it to use both. How are you typing the user name ? Domain\username? If not try that too
Also launch and check the secpol.msc from run command or browse to security policies on the server, look for the settings for digital signature

Security settings
Local policies
Security options
Microsoft Network Server: Digitally sign communications (always)
And ............(if client agrees)
Try disabling both and see if it makes any difference
If not, restore the original setting.

If non of those work, ask the reps to come back and initialize the machine, then reload or update the firmware

All the best

Author Comment

ID: 39764171
Great suggestions Akinsd, I will have to be on site to actually test the settings each time so it might take me a few days.  Thank you and I'll report back asap...

Author Comment

ID: 39767163
Well, I've tried my very best to make sense of the wireshark capture, to no avail....

I have confirmed that I can scan to file and send to ANY other client in the domain without any problems, so the issue is directly with the server.

Quick question on the printer DNS, should it be the server IP or my isp's dns server? (Currently it's the old AT&T one, which has been working up until this last weekend just fine)

Now what I can't figure out ...  is what changed?   I did TWO windows updates in the window from working to not working:
1. Was the Exchange 2010 update rollup 4 (a big update to be sure, but it's for EXCHANGE and shouldn't be responsible for affecting a single printer on the network should it?) Nothing else broke.
2. the other was that timezone update from winupdates....

that's all that happened on this box.

I am using Kaspersky SOS 3 (Small Office Security) but the clients are using it also and no issues there...
I have tried 'disabled' mode on the server firewalls and Kaspersky also

I tried putting in the IP address instead of host, no difference at all. This printer may be older than you realize...it doesn't have an option ANYWHERE in the web interface for NTLM.

The 2 things I've not tried yet are the secpol.msc changes you suggested and calling back canon...  Will doing this make the server vulnerable to any outside attack? (Even if it's a short window)  

I'm not sure calling the reps back out to init the printer will be something needed since I can get it to work on client machines.

I am thinking about creating a share on each client that needs this scanner and adding that share in the address book of the printer, (i.e. "Joe" sends to Joe's pc share and so on)

I still would like to resolve to the server as it has backup, and all the users have the share for access, so any other ideas that come to mind, please keep them coming.

Will report back again if I find anything new and try the secpol.msc changes.


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

LVL 18

Expert Comment

ID: 39768183
The digital signature is a Microsoft thing to ensure that only the device software they have tested and approved (digitally signed) can connect. It gives some security but in this current technology age, that security is very minimal and many vendors no longer digitally sign their software with Microsoft since it has a dollar cost to it and the signature does not apply to updated version meaning they have to digitally sign each update.

So in short, it shouldn't hurt anything.

There is a possibility that the sever is now using a higher level of authentication that the copier does not support with it's current version. Check with Canon and find out if there's a firmware that adds NTLMv1, v2 or v3 functionality


Any security update, whether for exchange or other services is global on the server. Considering all the vulnerabilities with email transmission in this age, security has become tougher. eg, allowing no authentication or permitting email relays globally will cause your email server to be blacklisted.... That's by the way.

Using a separate file server or scanning directly to clients may not be a bad idea if it won't hurt any workflow, compliance or IT management

Author Comment

ID: 39768250
Thank you for the info!  I will try the next steps and report back asap.

Author Comment

ID: 39770092
ok..I have an update.

I am unable to modify the secpol.msc settings despite adding my user as a network admin to the server, (which is supposed to be the highest authority isn't it?)

I went ahead and uninstalled the Kaspersky to test, I have had trust issues with A/V suites in the past and sometimes I just need to know.  Sadly it resolved nothing.

I also dropped the firewall on the domain side, again no joy.

I'm willing to try the secpol.msc edit, but perhaps you could assist me in gaining access to the properties instead of just poking my mouse at greyed out settings?  

I appreciate your help


Author Comment

ID: 39832396
I gave up and ended up creating an address for each user so they could send their job to their pc.

Thank you for trying.

There are alot of other posts out on the internet regarding ImageRunner about this that seem to all be clammering with no solution also...frustrating.

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
New style of hardware planning for Microsoft Exchange server.
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses
Course of the Month13 days, 14 hours left to enroll

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question