Forum Discussion

Nicholas Semenkovich's avatar
Nicholas Semenkovich
Brass Contributor
Jan 19, 2023

Unable to add Brother printer / Registration timed out

Has anyone seen issues adding a Brother printer to Universal Print?   I purchased a MFC-L5700DW to use Universal Print.   I've authorized the "Brother Universal Print Hardware Client" as a Global...
Jimmy_Wu's avatar
Jimmy_Wu
Iron Contributor
Jan 28, 2023

Hi all,

 

We would like to provide a bit more context of the recent change that impacted these printers.  Microsoft is required to make changes to make TLS 1.2 more secure. Unfortunately, these changes impacted Brother printers that were using the recently deprecated ciphers.

 

Listening to your feedback regarding the difficulty of using the workaround. We are working to temporarily allow Brother printers to connect to Universal Print until they can publish printer updates supporting stronger ciphers.

 

We expect the rollout for the temporary connectivity access to be complete by Feb. 3, assuming no other issues were hit.

 

We are actively discussing how we can better provide early notice to partners and allow for time to make the necessary changes going forward.

 

Regards,

Jimmy

  • Jimmy_Wu's avatar
    Jimmy_Wu
    Iron Contributor
    Feb 03, 2023
    Update:
    The rollout for temporary connectivity has completed. If you are encountering issues with registering new printers or printer connectivity to Universal Print, please post a reply.

    Thanks everyone for your patience.
    • Chris98072Gb's avatar
      Chris98072Gb
      Copper Contributor
      Feb 09, 2023

      Jimmy_Wu 

      Additional information on the printer configuration required during this workaround period (Feb 02, 2023 -> ??).

       

      The Brother MFC printer setting "TLS Settings > TLS Protocol (Client)" must be set to the default value of (TLS 1.0/1.1/1.2) to successfully collect print jobs from the Universal Print Services. We find that setting this value to "TLS 1.2" will cause the connections to fail and jobs to remain stuck in the "Pending" or "Processing" state in the UP dashboard.

       

      -Chris

      • Jimmy_Wu's avatar
        Jimmy_Wu
        Iron Contributor
        Feb 09, 2023
        Thank-you for this additional information. I will pass this to my contact within Brother.
    • georgepambous's avatar
      georgepambous
      Copper Contributor
      Feb 03, 2023
      Hello Jimmy,

      All our printers on all offices worldwide are now able to receive print jobs and also tried to enroll new one and completed successfully.

      Thanks and next time keep us informed before making any changes that affect users.
  • mps1_mpslegalsupport's avatar
    mps1_mpslegalsupport
    Copper Contributor
    Jan 29, 2023

    Edit: Jimmy_Wu It is probably clearer if I explain what seems to be the issue by way of screen shot. I have attached the relevant screenshots. One attachment is the registration workflow on the brother side of things. As you can see, the permission grant on the microsoft side doesn't show up in the workflow. So it looks like it is able to register the application in the users tenant, and then gets stuck when it should then advance to the granting of admin permissions.

     

    The other is the workflow to manually grant admin permission to the tenant for the brothe app. 

     

    As I mentioned in the original post, cipher suites and TLS updates don't seem to be the issue. It would seem that someone at brother simply needs to add the url to the application registration as a reply URL. Since this is a multi tenant app, only the App owner (brother) can do this. If I am correct this is literally a 15 second fix that requires no further investigation or input from microsoft.

     

     

    I opened a support chat for this earlier this week because I got this error on the brother side as well when trying to register a new printer, but when I tried to manually accept permissions for my tenant on the AAD side, I got this error:

    AADSTS50011: The redirect URI
    'https://entra.microsoft.com/TokenAuthorize' specified in the request does not match the redirect URls configured for the application '40af16e9-e149-4a7d-88d3-6a8e300ef866'. Make sure the redirect URI sent in the request matches one added to your application in the Azure portal. Navigate to
    https://aka.ms/redirectUriMismatchError to learn more about how to fix this.

    Seems to me the fix is as simple as adding the entra token auth url to the brother app. Only brother can do this.

    • YVR007's avatar
      YVR007
      Copper Contributor
      Jan 31, 2023

      One more here impacted by the same issue and keen to find a solution.  

      mps1_mpslegalsupport 

  • georgepambous's avatar
    georgepambous
    Copper Contributor
    Jan 28, 2023
    Dear Jimmy,

    Finally, we here some great news. Please speed up the process if is possible to not waste one more week without UP printers.

    Please understand also us SysAdmins that they blame us without knowing what is happening and without changing anything.

    1st was the defender shortcuts that was triggered as malicious and now the UP printers not connecting.

    Please let us know if anything changes so we can also inform our people.
  • Chris98072Gb's avatar
    Chris98072Gb
    Copper Contributor
    Jan 28, 2023
    Hi Jimmy,

    This is great news, thank for the quick update and your continued attention to this issue. I'm pleased to hear this incident might help improve the change messaging and coordination with partners in the future.

    Cheers,
    -Chris

Resources