Authentication issue with MP4000

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • ittim
    Technician
    • Aug 2011
    • 19

    #1

    Authentication issue with MP4000

    Hi all, A couple of years ago I set up our MP4000 to authenticate against our Active directory and it worked well.

    I've had to amend the settings as we have changed our domain which includes the domain controller and the exchange server.

    Now, i've managed to set up the ldap server to a point where the test connection comes back as ok. All set to cleartext auth yet for some reason I cannot get the copier to log in as any user.

    Can anyone suggest what I may be missing? as far as I can tell its all correct.
  • rthonpm
    Field Supervisor

    2,500+ Posts
    • Aug 2007
    • 2848

    #2
    Re: Authentication issue with MP4000

    Did the server OS change? If it's running server 2012 you will probably need to see about getting the firmware updated on the device to work with Microsoft's SMB3 implementation in Windows 8/Server 2012.

    Comment

    • ptrflrs
      Glorified Parts Swapper

      100+ Posts
      • Dec 2010
      • 192

      #3
      Re: Authentication issue with MP4000

      agree with rthonpm might be new and/or special firmware fix
      jesus loves you! (everyone else thinks you're an assh*le)
      street cred: CompTIA A+ & Network+ Certified; Konica Minolta Gold Seal x2,
      Konica Minolta Outward ASSociate, Ricoh, Sharp, Lexmark trained

      Comment

      • ittim
        Technician
        • Aug 2011
        • 19

        #4
        Re: Authentication issue with MP4000

        Thanks for the replies, no theres no OS change, still on 2003.

        Comment

        • rthonpm
          Field Supervisor

          2,500+ Posts
          • Aug 2007
          • 2848

          #5
          Re: Authentication issue with MP4000

          A couple of things come to mind:

          1. Authentication: is there a domain user account used to access LDAP that isn't on the new DC?

          2. If it's using cleartext for the password, does the group policy for the domain/OU allow the server to accept the connection?

          3. Did the domain name change? If so, does the copier recognise the new domain?

          Generally, I recommend that IT departments create a unique user account for the device to access the network with. From that, depending on the overall security requirements of the domain, I've had a few admins create a special OU for the copier's account (or multiple accounts) that allow the machine a slightly lower level of security, while taking away the ability for the account to interactively log onto a workstation.

          Comment

          • ittim
            Technician
            • Aug 2011
            • 19

            #6
            Re: Authentication issue with MP4000

            Thanks for the reply rthonpm, do you happen to know what privalages the account requires? I'm using my credentials as a domain admin but since the domain move I have had other issues with security as our new parent company are a bit over the top on their security so I may not have all the correct rights for the copier.

            How would I check that the copier has recognise the new domain?

            Thanks

            Comment

            • rthonpm
              Field Supervisor

              2,500+ Posts
              • Aug 2007
              • 2848

              #7
              Re: Authentication issue with MP4000

              If you're using a domain admin account to authenticate, you should have rights to hit any shares you need to. Before going too deep down the rabbit hole, just a few things:

              1. Are the shares you're trying to access on the DC or a server that was changed? If so, do the permissions show that Domain Users or the correct groups have Modify rights to them? Full control is never a good choice for any non-administrator accounts since it leaves the ability to change security settings open.

              2. Are the shares set to share at all?

              3. Can you access the shares from a workstation, and add/remove files?

              As for the copier seeing the new domain, from the web interface, if you look at the network settings it should show the domain name it's getting from the network. More than likely, it will be in parenthesis.

              Comment

              • ittim
                Technician
                • Aug 2011
                • 19

                #8
                Re: Authentication issue with MP4000

                Its not shares i'm looking to log into , it was set so that users had to authenticate to scan / scan to email. We've never used it to scan to a network share.

                Since my last post i've spoken to a guy from our copier support company, i've now got it set with no authentication. Users can scan to email. So although i've lost the security there it is at least working.

                One thing that is annoying though is I can no longer search our company address book and that is despite having all the ldap settings in place and it testing ok on the connection.

                Comment

                Working...