Ricoh scan to folder issues

Re: Ricoh scan to folder issues

I remember something having to do with IEEE 802.11 in User tools - System Settings - Interface needing to be enabled when using Kerberos. I wonder if it might require a Certificate update for scanning to recognize the Ricoh as a valid domain device?

Re: Ricoh scan to folder issues

I haven't had any clients with this issue. But you know Microsoft, when things are going OK they love to change it up and make it difficult for us.

What version of Windows are you using?

Are you using SMB or FTP for scanning?

Re: Ricoh scan to folder issues

Scan folders on Server 2016-2022 depending on the client, all using SMB. Firmware for all models is up to date to allow SMB2/3.

I'm thinking it may not be a Kerberos issue as I removed all of the realm information from a machine and I'm still getting the same error, so even with NTLMv2 I'm getting the same issues: system log tells me the service account doesn't have permissions to the share, yet from a workstation I can log in with the same credentials and access the share without any issue. The account has Modify permissions on the folder so it can do everything other than change security permissions on it.

It's only an issue with older machines at this point, and not consistent so I'm going to probably pull network logs and check Group Policy as well. Of course, it's the customers I don't manage computers for having the issue so I don't have their GPO's listed out.

Sent from my Pixel 6 Pro using Tapatalk

Re: Ricoh scan to folder issues

Wireshark may also be useful as if might show a bit more than the machines logs.

See if you can export the the updated certificate from the server and the use WIM to install it on the Ricoh.

Re: Ricoh scan to folder issues

The certs I mentioned in the original post were actually just ciphers used for Kerberos. Microsoft has stopped supporting RC4 and older ciphers for Kerberos. Since these were older models that shipped with the old export grade ciphers (40-bit ciphers) I wasn't sure if modernity was finally catching up to them.

Doing a Wireshark this week on at least one of them.

Sent from my Pixel 6 Pro using Tapatalk

Re: Ricoh scan to folder issues

Now I understand the folder access problems that I have recently had in some clients.
Is there any known way to keep the service working? The only option you could use is to instruct users to scan files to the device's internal HDD and then download it through web access. Or by sending to e-mail.

Re: Ricoh scan to folder issues

I am wondering if maybe the the updated kerberos certificate may have changed what Modify is allowed to do, i.e. only modify existing files and not write/create a new file?

Re: Ricoh scan to folder issues

Forgot to update this:

Using the old Microsoft Network Monitor we were able to see the MFP attempt to make a NetBIOS query to the server and then never go beyond that. This was consistent over multiple clients. The issue in each case was the same: NetBIOS over TCP/IP was disabled in the environment.

Since the only device that needs this feature enabled is the file server: the rest of the network doesn't need it at all. By default, the servers take the setting from the DHCP server even though they have a static IP. To enable the feature, in the registry at HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Param eters\Interfaces for each interface that's listed change the NetBiosOptions key from 0 to 1. The possible options for this are: 0 = Use DHCP Server setting; 1 = Enabled; 2 = Disabled

After enabling it, and getting the appropriate exemption from one customer's Security staff, everything worked as it should with no issues. In both cases, the staff had changed their networks to remove NetBIOS due to security findings in related audits.