Solved

Scanner unexpectedly stopped connecting to server share

Posted on 2014-01-07
7
542 Views
Last Modified: 2014-02-04
Hello friends,

Over the weekend, a canon imagerunner 2530 stopped it's ability to place scanned items into a network share on the server.

two canon reps have been to the office and claim they have successfully scanned a document to their laptop, and so therefore blame the server.

The server is SBS 2011 standard, and the \SCANNED folder which is shared on the domain, also is the landing point for the FTP server which another scanner in the office dumps it's scanned documents to via FTP.  Bot have been working fine for 2 months since server installation.

The Imagerunner used standard SMB network protocol when originally set up, and has worked for 2 months without fail recently.

I have tried everything I know to try:
I created a new share and verified a user permissions to that new share
I have tried changing user credentials on the scanner to someone of higher elevated credentials
I have checked and rechecked the settings on the printer/scanner via the web interface repeatedly
I have tried to use the FTP functionality of the same machine and cannot get it to work that way either.

Users CAN print to this machine just fine.

Other things I've tried:
turn off ALL firewalls on every level
turn off Kaspersky completely in addition to all firewalls being turned off

Two office service reps (company responsible for the imagerunner) came and tried to make it work, but said it's the server and beyond their ability to resolve.

EVERY OTHER SERVICE on this server is working perfectly, all users can access this folder, the other machine can drop files into it, and there is no other issue on the network.

I don't know what else to try ....  ASSUMING that the issue really is on my server, I ask for suggestions and ideas to try from better minds than my own.

I've tried a lot of little quirks, but I'm open to all ideas at this point.

Ike
0
Comment
Question by:Faxxer
  • 5
  • 2
7 Comments
 
LVL 18

Accepted Solution

by:
Akinsd earned 500 total points
ID: 39764120
You may want to install wireshark on your server and capture the traffic from the copier to see what's happening to it.

It could also be something as simple as IP address (DNS error)
Is the copier connecting via host name or IP address. If host name, replace with server IP or check if the proper DNS is configured in the copier.

Also check the domain name configuration on the copier. If configured, disable or delete the entry and try again

If the copier supports NTLMv1 and NTLMv2, try setting it to use both. How are you typing the user name ? Domain\username? If not try that too
Also launch and check the secpol.msc from run command or browse to security policies on the server, look for the settings for digital signature

Security settings
Local policies
Security options
Microsoft Network Server: Digitally sign communications (always)
And ............(if client agrees)
Try disabling both and see if it makes any difference
If not, restore the original setting.

If non of those work, ask the reps to come back and initialize the machine, then reload or update the firmware


All the best
0
 

Author Comment

by:Faxxer
ID: 39764171
Great suggestions Akinsd, I will have to be on site to actually test the settings each time so it might take me a few days.  Thank you and I'll report back asap...
0
 

Author Comment

by:Faxxer
ID: 39767163
Well, I've tried my very best to make sense of the wireshark capture, to no avail....

I have confirmed that I can scan to file and send to ANY other client in the domain without any problems, so the issue is directly with the server.

Quick question on the printer DNS, should it be the server IP or my isp's dns server? (Currently it's the old AT&T one, which has been working up until this last weekend just fine)

Now what I can't figure out ...  is what changed?   I did TWO windows updates in the window from working to not working:
1. Was the Exchange 2010 update rollup 4 (a big update to be sure, but it's for EXCHANGE and shouldn't be responsible for affecting a single printer on the network should it?) Nothing else broke.
2. the other was that timezone update from winupdates....

that's all that happened on this box.

I am using Kaspersky SOS 3 (Small Office Security) but the clients are using it also and no issues there...
I have tried 'disabled' mode on the server firewalls and Kaspersky also

I tried putting in the IP address instead of host, no difference at all. This printer may be older than you realize...it doesn't have an option ANYWHERE in the web interface for NTLM.

The 2 things I've not tried yet are the secpol.msc changes you suggested and calling back canon...  Will doing this make the server vulnerable to any outside attack? (Even if it's a short window)  

I'm not sure calling the reps back out to init the printer will be something needed since I can get it to work on client machines.

I am thinking about creating a share on each client that needs this scanner and adding that share in the address book of the printer, (i.e. "Joe" sends to Joe's pc share and so on)

I still would like to resolve to the server as it has backup, and all the users have the share for access, so any other ideas that come to mind, please keep them coming.

Will report back again if I find anything new and try the secpol.msc changes.

Ike
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 18

Expert Comment

by:Akinsd
ID: 39768183
The digital signature is a Microsoft thing to ensure that only the device software they have tested and approved (digitally signed) can connect. It gives some security but in this current technology age, that security is very minimal and many vendors no longer digitally sign their software with Microsoft since it has a dollar cost to it and the signature does not apply to updated version meaning they have to digitally sign each update.

So in short, it shouldn't hurt anything.

There is a possibility that the sever is now using a higher level of authentication that the copier does not support with it's current version. Check with Canon and find out if there's a firmware that adds NTLMv1, v2 or v3 functionality

http://technet.microsoft.com/en-us/library/dd566199(v=ws.10).aspx


Any security update, whether for exchange or other services is global on the server. Considering all the vulnerabilities with email transmission in this age, security has become tougher. eg, allowing no authentication or permitting email relays globally will cause your email server to be blacklisted.... That's by the way.

Using a separate file server or scanning directly to clients may not be a bad idea if it won't hurt any workflow, compliance or IT management
0
 

Author Comment

by:Faxxer
ID: 39768250
Thank you for the info!  I will try the next steps and report back asap.
0
 

Author Comment

by:Faxxer
ID: 39770092
ok..I have an update.

I am unable to modify the secpol.msc settings despite adding my user as a network admin to the server, (which is supposed to be the highest authority isn't it?)

I went ahead and uninstalled the Kaspersky to test, I have had trust issues with A/V suites in the past and sometimes I just need to know.  Sadly it resolved nothing.

I also dropped the firewall on the domain side, again no joy.

I'm willing to try the secpol.msc edit, but perhaps you could assist me in gaining access to the properties instead of just poking my mouse at greyed out settings?  

I appreciate your help

ike
0
 

Author Comment

by:Faxxer
ID: 39832396
I gave up and ended up creating an address for each user so they could send their job to their pc.

Thank you for trying.

There are alot of other posts out on the internet regarding ImageRunner about this that seem to all be clammering with no solution also...frustrating.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Hyper-convergence systems have taken the IT world by storm and have quickly started to change our point of view of how the data center should and could be architected. In this article, I’ll explain the benefits of employing a hyper-converged system …
Learn about cloud computing and its benefits for small business owners.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now