Windows 10 live login

[Kidaver]

I've had about 50/50 shot of SMB scanning working on Windows 10 using Live Login instead of Local Account and I do not know what lets it work or not work. Any tips or advice?

[copier tech]

This is a copier forum.

Try https://answers.microsoft.com/

[slimslob]

This is a copier forum.

Incorrect. This forum on CTN is the Connectivity forum. This thread has to do with scanning from a copier to a Windows 10 computer which is a connectivity issue. Maybe you don't know anything about Connectivity, but most of us do.

[slimslob]

Personally I prefer using my Windows Live login only online for websites that require it. When you try to use it for SMB scanning you introduce far too many unknown characters into the whole transaction.

[copier tech]

Incorrect. This forum on CTN is the Connectivity forum. This thread has to do with scanning from a copier to a Windows 10 computer which is a connectivity issue. Maybe you don't know anything about Connectivity, but most of us do.

Yes now he has edited his post it becomes clearer what's he's asking, but thanks anyway.

"more specific question sorry copier tech (multitasking and addled brain)"

[copier tech]

But back to the question...................

I personally set up a new Admin log in account, call it scans for example & set a password, give this password to customer IT etc & ask them not to change it.

You can then use these credentials to set up SMB scanning etc.

[CompyTech]

Always setup a local account with a password for scanning, even do this on windows 7 and domain environments now too. Guy I work with even goes further and edits the registry to "hide" the account so the customer can't edit it and not see it on the login screen.

[rthonpm]

Always setup a local account with a password for scanning, even do this on windows 7 and domain environments now too. Guy I work with even goes further and edits the registry to "hide" the account so the customer can't edit it and not see it on the login screen.

In a domain environment, I'll generally request IT to create a service account for scanning, and then create shares with Domain Users granted read/write or modify permissions. The last thing you want to do is go through the trouble of creating a local account on a PC or server only to have the customer running a GPO that deletes any local accounts not in a whitelist. If you're able to put the account that the machine and share are using to authenticate outside of your hands, then it's one less thing to worry about. For the network environments I manage, I go to the level of creating a GPO for service accounts that deny them the ability to log into any machine on the domain. They can authenticate to a machine, or run a service on a PC, but someone that happens to find the password for the service account wouldn't be able to do much with it outside of the scan shares, which are the only things that they can authenticate to, since all of my workgroup customers are running a Professional version of Windows (one of my requirements for support), I'll create a similar local security policy on the machines for any account being used for scan authentication.

As for the Microsoft account scanning issue, keep in mind that a Microsoft account is more or less a means of authenticating to internet services, not the local machine. SMB works on the principles of local accounts (be they in a domain or a local PC), a Microsoft account is working as a shim on top of a local account on the computer without any visibility to what that account is so there's nothing for an external device to authenticate against. For the few workgroup customers I support, I've recommended creating a traditional local account for their PC's and then just associating their Microsoft account (generally O365) to that local account to allow local resources to continue to function.

[Kimi]

I've had about 50/50 shot of SMB scanning working on Windows 10 using Live Login instead of Local Account and I do not know what lets it work or not work. Any tips or advice?

Create a new use account and skip all the email account parts and go straight to basic username and password, share the folder with this account and it will work 100% of the time.