Jan 19 2023 10:21 AM
Has anyone seen issues adding a Brother printer to Universal Print?
I purchased a MFC-L5700DW to use Universal Print.
I've authorized the "Brother Universal Print Hardware Client" as a Global admin, and it seems to have solid permissions:
I've updated the printer to the latest firmware: Main: ZV2212051025 SUB1: 1.56
Registration seems to succeed on Azure's side -- registering with a Global admin (& Print admin):
But the printer simply reports it "timed out" every time:
Has anyone seen this?
Jan 19 2023 11:55 PM
Jan 20 2023 09:03 AM
Jan 23 2023 08:26 AM
Jan 23 2023 10:11 AM
We opened a ticket on Microsoft and they told us to contact Brother. Then we opened a ticket to Brother universal print department “ask an expert” and we are still waiting for a call or email.
Please if you get any update let us know
Thanks
Jan 23 2023 10:39 AM
Jan 23 2023 11:14 AM
Jan 24 2023 01:45 PM
Thanks all for the report. We are actively investigating the issue. We will post an update once we have more information to share.
Jan 24 2023 02:18 PM
@Nicholas Semenkovich same issue here, with a Brother MFC-L6900DW
getting "Registration timed out. Please try again. (ECODE:0x01,0x32000003,-98,0)" every time.
I have opened a support case with both Azure support and Brother but nothing re a fix yet. Brother have advised "We can see that an investigation has be lodged with our Technical specialists in Japan"
It's alarming to learn our print jobs rely on more than just the printer hardware and the Azure UP Service.
Jan 25 2023 08:44 AM
Jan 25 2023 08:46 AM - edited Jan 25 2023 08:49 AM
We got a reply on our Brother ticket at 01/25/2023:
"""
We assume the cause might be caused due to “cipher suites” change at Microsoft side. Nothing changed at our side. We are already communicating with Microsoft about this situation.
"""
No estimated time to fix or workaround (other than deploying the Print Connector)
Jan 25 2023 08:55 AM
Jan 25 2023 08:56 AM
Jan 25 2023 05:54 PM
Thank-you for your patience as we investigate ways to resolve the issue.
Current information shows that it’s going to take a bit of time before things will be sorted out as the fix will involve a combination of updates from Microsoft and Brother.
In the meantime, one option is to temporarily use Universal Print connector software to register the affected Brother printers until the official updates are released.
If you are already familiar with the Universal Print connector software, then you basically want to register the same physical printer through the connector software and “swap” the printer. The reason why you want to “swap” the printer is because this will allow your client machines that already have the printer installed to continue to work without needing to re-discover and install the printer.
Here are the steps to add the additional printer registration and swapping the printer without changing your printer share.
If you are not familiar with the Universal Print connector software, please refer here for details.
Hope this helps to unblock the immediate needs while we continue to address the root issue.
Regards,
Jimmy
Jan 26 2023 10:14 AM
Jan 26 2023 11:08 AM
Jan 27 2023 05:23 PM
Hi all,
We would like to provide a bit more context of the recent change that impacted these printers. Microsoft is required to make changes to make TLS 1.2 more secure. Unfortunately, these changes impacted Brother printers that were using the recently deprecated ciphers.
Listening to your feedback regarding the difficulty of using the workaround. We are working to temporarily allow Brother printers to connect to Universal Print until they can publish printer updates supporting stronger ciphers.
We expect the rollout for the temporary connectivity access to be complete by Feb. 3, assuming no other issues were hit.
We are actively discussing how we can better provide early notice to partners and allow for time to make the necessary changes going forward.
Regards,
Jimmy
Jan 27 2023 05:40 PM
Jan 27 2023 09:40 PM
Jan 28 2023 08:29 PM - edited Jan 30 2023 09:40 PM
Edit: @Jimmy_Wu It is probably clearer if I explain what seems to be the issue by way of screen shot. I have attached the relevant screenshots. One attachment is the registration workflow on the brother side of things. As you can see, the permission grant on the microsoft side doesn't show up in the workflow. So it looks like it is able to register the application in the users tenant, and then gets stuck when it should then advance to the granting of admin permissions.
The other is the workflow to manually grant admin permission to the tenant for the brothe app.
As I mentioned in the original post, cipher suites and TLS updates don't seem to be the issue. It would seem that someone at brother simply needs to add the url to the application registration as a reply URL. Since this is a multi tenant app, only the App owner (brother) can do this. If I am correct this is literally a 15 second fix that requires no further investigation or input from microsoft.
I opened a support chat for this earlier this week because I got this error on the brother side as well when trying to register a new printer, but when I tried to manually accept permissions for my tenant on the AAD side, I got this error:
AADSTS50011: The redirect URI
'https://entra.microsoft.com/TokenAuthorize' specified in the request does not match the redirect URls configured for the application '40af16e9-e149-4a7d-88d3-6a8e300ef866'. Make sure the redirect URI sent in the request matches one added to your application in the Azure portal. Navigate to
https://aka.ms/redirectUriMismatchError to learn more about how to fix this.
Seems to me the fix is as simple as adding the entra token auth url to the brother app. Only brother can do this.