The best way to secure SMB scans??

  • JR2ALTA
    Service Manager

    Site Contributor
    1,000+ Posts
    • Feb 2010
    • 2028

    #1

    The best way to secure SMB scans??

    This question is nothing new, but recently I've had customers very upset that their folders must be shared with SMB.

    First I was using the sharename$ trick to hide the folder on the network, then I remembered the path will show up on the copier's address book.

    Now, I've told them to move sensitive docs to an unshared folder.

    Looking for any other ideas.


    Thanks
  • zed255
    How'd ya manage that?

    1,000+ Posts
    • Dec 2009
    • 1024

    #2
    How do the clients think their scans are going to get into the folder if it isn't shared? They can assign different permissions to the folders based on user and group. For instance, John Doe scans to a folder only he has full permissions for, all other users are denied any access, even listing contents. If the folder is properly secured what's the issue with seeing the path? Even if somebody knows the path they would need John Doe's credentials to access the folder.

    IMHO, this is something for the client's IT to work out.


    • Vulkor
      Senior Tech

      500+ Posts
      • Jun 2009
      • 942

      #3
      Just don't use Simple File Sharing. Share the folder only to that username/pass per PC, and each SMB scan destination on the copier would need that user/pass. That way only the copier and the person can get into their PC's shared files.


      • Morlock49
        Trusted Tech
        100+ Posts
        • Mar 2009
        • 166

        #4
        There is another way. If the customer does not want to share folders out, then use network TWAIN and a program like PaperPort and have the user pull the scan from the copier, and store the scanned image in a secure folder. Not elegant, but if security is paramount.
        Sorry folks, reputation removed by Just Manuals, because he's a sad little wanker


        • Mr Spock
          Vulcan Inventor of Death

          1,000+ Posts
          • Aug 2006
          • 2064

          #5
          Use the advanced sharing option (turn off Simple File Sharing).
          Set up the folders like this:
          users\docs\scanned\bob
          users\docs\scanned\mary
          users\docs\scanned\larry
          etc.

          Set up a user copier, password copier (password cannot expire).
          Go to the properties of the scanned folder, then the Security tab. Add copier to the list with full permissions.
          In each of the user folders just make sure only that user has full permissions and no one else is listed.
          Set up one-touches for each folder using the copier as the login ID.
          The folder will accept the scan from the machine but only the individual user can access the file (and the copier account but don't tell them).
          And Star Trek was just a tv show...yeah right!
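
Added example, not part of the original thread: the folder layout and copier account described in post #5, scripted in PowerShell for a standalone (non-domain) PC running Windows 10 / Server 2016 or later. The path D:\Scans, the share name Scans$ and the accounts copier, bob, mary and larry are assumptions; the copier account gets Modify rather than the Full Control used in the post, on the assumption that the device only needs to create and write files.

```powershell
# Added example; run in an elevated PowerShell 5.1+ session (Windows 10 / Server 2016 or later).
# All names below are assumptions, not values from the thread.
$root  = 'D:\Scans'              # parent folder (the post uses users\docs\scanned)
$share = 'Scans$'                # trailing $ hides the share from network browsing
$svc   = 'copier'                # local account the device logs in with
$users = 'bob', 'mary', 'larry'  # local accounts that already exist on this PC
$admins = '*S-1-5-32-544:(OI)(CI)F'   # BUILTIN\Administrators, by SID (locale-independent)
$system = '*S-1-5-18:(OI)(CI)F'       # NT AUTHORITY\SYSTEM

# 1. Device account. Prompt for the password; New-LocalUser adds it to no local group.
if (-not (Get-LocalUser -Name $svc -ErrorAction SilentlyContinue)) {
    $pw = Read-Host "Password for $svc" -AsSecureString
    New-LocalUser -Name $svc -Password $pw -PasswordNeverExpires `
        -UserMayNotChangePassword -Description 'Scan-to-folder login' | Out-Null
}

# 2. Parent folder: remove inherited entries; the copier may only traverse and list it.
New-Item -ItemType Directory -Path $root -Force | Out-Null
icacls $root /inheritance:r /grant:r $admins $system "${svc}:(RX)" | Out-Null

# 3. One folder per user: that user and the copier get Modify, nobody else is listed.
foreach ($u in $users) {
    $dir = Join-Path $root $u
    New-Item -ItemType Directory -Path $dir -Force | Out-Null
    icacls $root /grant "${u}:(RX)" | Out-Null     # this folder only, not inherited
    icacls $dir /inheritance:r /grant:r $admins $system "${u}:(OI)(CI)M" "${svc}:(OI)(CI)M" | Out-Null
}

# 4. Share with access-based enumeration, so each user sees only folders they can open.
if (-not (Get-SmbShare -Name $share -ErrorAction SilentlyContinue)) {
    New-SmbShare -Name $share -Path $root -FolderEnumerationMode AccessBased `
        -ChangeAccess (@($svc) + $users) | Out-Null
}

# 5. Check: warn if a broad group appears on the share or on any user folder.
$broad = 'Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users'  # English names
Get-SmbShareAccess -Name $share | Where-Object AccountName -in $broad |
    ForEach-Object { Write-Warning "Share $share is open to $($_.AccountName)" }
Get-ChildItem $root -Directory | ForEach-Object {
    $dir = $_.FullName
    (Get-Acl $dir).Access | Where-Object { "$($_.IdentityReference)" -in $broad } |
        ForEach-Object { Write-Warning "$dir is open to $($_.IdentityReference)" }
}
```

Each scan destination on the device then points at \\hostname\Scans$\<user> with the copier login; step 5 prints nothing when no broad group has access.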


          • Vulkor
            Senior Tech

            500+ Posts
            • Jun 2009
            • 942

            #6
            Of course most IT guys don't like there being a blanket user account named Copier on every PC. Especially if someone knows the password. But yeah, I've done it that way before.


            • JR2ALTA
              Service Manager

              Site Contributor
              1,000+ Posts
              • Feb 2010
              • 2028

              #7
              So, if I am understanding correctly... You don't really need "allow all permissions" like I've been taught? Do I uncheck "Everyone"?

              The problem I have is allowing all permissions makes it visible in My Network Places and //hostname through the Run command.

              Can all this be done without Active Directory?

              I feel dumb, but I can't wait to try this stuff out! Thanks guys


              • Stirton.M
                All things Konica Minolta

                1,000+ Posts
                • Oct 2009
                • 1804

                #8
                SMB scanning can be set to anything you want. There are restrictions in some cases, like with domain controllers, but in general, any Windows machine with a shared folder can make it public, or password protected to the specific user of that computer or folder if the share is set at a server.

                Just because you can "see" the folder shared, does not mean you can view the contents unless you have the login and password authorized from that computer. Even multiple users on a single computer can have separate shared folders that the others cannot see without prior setup to allow those users to view the others in advanced sharing.

                Alternatively, if the copier has user boxes, for example if it is a Konica Minolta device, anyone can set up a personal user box, password protect it for their own use, scan and print to and download from that user box securely. I would assume that competitor machines would have something similar to this ability, though I cannot say with any certainty.
                "Many years ago I chased a woman for almost two years, only to discover that her tastes were exactly like mine: we both were crazy about girls."
                ---Groucho Marx


                Please do not PM me for questions related to Konica Minolta hardware.
                I will not answer requests or questions there.
                Please ask in the KM forum for the benefit of others to see the question and give their input.


                • RRodgers
                  Service Manager

                  1,000+ Posts
                  • Jun 2009
                  • 1947

                  #9
                  You can use the admin share that is usually hidden anyway: C$.
                  Color is not 4 times harder... it's 65,000 times harder. They call it "TECH MODE" for a reason. I have manuals and firmware for ya, course... you are going to have to earn it.


                  • hackersun

                    #10
                    Aficio 3025 with Windows 7

                    I have a folder on a Windows 7 computer shared with everyone, and the firewall off completely, but on the Ricoh Aficio 3025 copier the SMB port never sees the folder when you scan and send the document. Everything is perfect, user without a password on Windows 7. Why does it not send the document?


                    • RRodgers
                      Service Manager

                      1,000+ Posts
                      • Jun 2009
                      • 1947

                      #11
                      Originally posted by JR2ALTA
                      This question is nothing new, but recently I've had customers very upset that their folders must be shared with SMB.

                      First I was using the sharename$ trick to hide the folder on the network, then I remembered the path will show up on the copier's address book.

                      Now, I've told them to move sensitive docs to an unshared folder.

                      Looking for any other ideas.


                      Thanks
                      Is this on a Konica box? The Konicas support putting a password on the document before you scan it over.


                      • Stirton.M
                        All things Konica Minolta

                        1,000+ Posts
                        • Oct 2009
                        • 1804

                        #12
                        Differentmed

                        GET LOST ASSHOLE!

                        Nobody here wants your crap that you sell. Find another place to screw with.


                        • jeffreyclay
                          Technician
                          • Sep 2008
                          • 43

                          #13
                          Since SMB isn't secure (never was, read about it on Microsoft's tech notes), why not use WebDAV with SSL certificates?
