Forum Discussion
Universal Print Connector registration failed
No luck so far!
- Got promo code added to O365/AAD tenant.
- Installed UPC on home Win 10 Pro 1909 machine.
- Logged in with corp AAD non-GA user which has UP license provisioned.
- Attempting to register printer fails each time, Event Viewer shows I get a 403 Forbidden event.
- Home printer is a Brother MFC-J825DW.
Did I miss a provisioning step?
- Carlos_CapellanBrass ContributorI tried the newest Connector yesterday and now registering the printer worked for me on a non AD joined/registered PC (my home PC).
- MattStandingCopper Contributor
I am having the same issue. Account has the GA and PA roles. Machine is a Windows 10 Ent PC and is AAD joined:
AzureAdJoined : YES
EnterpriseJoined : NO
DomainJoined : YES
DomainName : ***
Device Name : ***.gmd.localWhen trying to register the connector I get:
"You don't have access to perform this operation"
- Rani_AbdellatifMicrosoft
If you're sure you meet the prerequisites described here, please create a support ticket.
- Rani_AbdellatifMicrosoft
Hi, Carlos!
The user that registers printers must have the Printer Administrator or Global Administrator role in AzureAD. You say you used a non-GA user, please try again with one of the above roles and let us know.
If you haven't added the Printer Administrator role in your tenant yet, you can find steps here.
- Carlos_CapellanBrass Contributor
Hi Rani_Abdellatif, added the Printer Administrator role to my account per the Powershell commands you sent along, waited about 2 hours so I'm positive the role is applied to my account, and still getting the exact same 403 Forbidden response when I try to register the printer in UPC.
Anything to try next?
- keeronMicrosoft
Hi Carlos_Capellan I work in Universal Print team (developer owning the Print Connector). Can you share the full error message (that contained the 403 error) with me offline (via private message). I specifically need a trace id from the request we made. Hopefully that might get us closer to finding out the underlying issue.
Keeron
- dnienhausCopper Contributor
Hi all,
i also experience the same issue.
Added my user to relevant AD roles (print administrator and global administrator) already a few days ago, but cant access the ressource: error 403.
any news about this topic so far?
- Carlos_CapellanBrass Contributor
dnienhaus hi there, for me the issue was that the machine I was trying to use it on was not AAD joined or AAD registered with our AAD tenant (it was just my personal home PC). When I tried on a different machine that was AAD joined (work laptop) I was able to register the printer with no issues.
I did not see anything about the registration failures in the Sign-In logs for the AAD user I was using, so I can't say it was our Conditional Access policies that were blocking it (arguably, the CA policies were *not* blocking because I was able to sign in and get the register printers step).
So, if you have the bandwidth, I'd say open a case and see if you can figure out what policy in the AAD tenant is blocking registering printers on non-AAD joined/registered machines. (Although to be fair, I'm only assuming AAD registered works, as it worked for me with an AAD joined machine)
Hopefully we can figure this out!
Carlos
- Rani_AbdellatifMicrosoft
dnienhaus, is your AzureAD user account with which you sign in to the connector app assigned a UP license?
Carlos_Capellan, thanks for chiming in! I'd be interested to know if what worked for you also works for dnienhaus so we could document it as a prerequisite. dnienhaus, please let me know.
The official connector machines prerequisites don't require the machine to be AzureAD-joined. The test machine I use for a connector is not joined to AD or AzureAD, and I'm signed in to the machine using a local user. For printer registration, the identity that matters on the connector is the one used to sign in to the app. It must be Global Admin or/and Printer Admin.