This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(25.6, 47%, 12%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
Back in the good old days, before PrintNightmare patches in 4Q21, we pushed printers out by Group Policy Printer Deployment. (Clarifying: Not with Preferences, but with Policies, using the Print Management MSC.) At the site I'm working on now, they were all per-computer, but the same thing applies to per-user printers elsewhere.
PrintNightmare patches, as most admins know, thoroughly broke GPPD.
Now, all workstations have zombie printers hosted by now-decommissioned print servers, and we can't get rid of them. Even brand-new user profiles inherit them.
They are removed from the printer GPOs via Print Management MSC. But because the print CSE doesn't work anymore, neither does the printer removal.
PowerShell Get-Printer doesn't even list them.
Standard users can't remove them (and never could, which is by design). Admin users can remove them, but they return.
I'm guessing that resetting Windows would get rid of them, since there's no trace left of them in Policy. But that's pretty extreme.
There are dozens or maybe 100s of references to the old print servers in the Registry, but I'm hoping only 1 or 2 of them, or flags in the printer settings, actually need to be removed. I can probably come up with some PowerShell magic to get rid of all of them--if that will address it. But I'm hoping there's a simpler way.
Anyone know a surgical way to get rid of them?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 74%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
Ok, I have the exact same problem. Old Deployed Printers are unable to be removed.
I found that you can remove them from the hidden devices Printer Queues node of Device Manager (turn on Show Hidden Devices and expland the Print Queues Node) and they actually go away. I haven't tried scripting this with PowerShell yet but I see that it might be possible.
First, remove all references to the disconnected print server from the registry. I removed all references that included the old print server name. The printers now showed in the Printers and Devices list as Disconnected. I then opened Device Manager and removed the hidden print queues.
At this point, the printers disappeared from the list of Printers and Devices and did not return on reboots and logins.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 42%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
This has worked for me. Thanks for posting!
You can surgically remove them by editing the registry.
As you stated, the user was not able to remove printer. That is a feature with Deployed Printer.
The printers are added with a flag so they can't be deleted so clearing them from the registry is the way to go.
Start with HKEY_USERS\USERSID\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PushedConnections
There is also HKEY_USERS\USERSID\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PushedPrinterConnectionStore
When a connection does exist this will be a per user registry key based on their SID.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Providers\Client Side Rendering Print Provider
The connections also live under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Providers\Client Side Rendering Print Provider\Servers\SERVERNAME\Printers
Restart the Print Spooler service after the key clean up.
Again, the printers are LONG gone from the ...\Policies... keys as they were removed via GPPD many months ago. They don't depend on the printer CSE. But everything else is left behind by the now-disabled CSE.
I have found there are 100s of entries on each computer in varying locations. PowerShell can probably do this job by searching recursively for the names of the decommissioned print servers, and I'm probably up to the task of scripting it...but the time involved and the risk of borking large numbers of computers is not justified. Really need something that can be applied through some API that can be called by PowerShell or WMIC or some other means. And I concede the possibility that there isn't one.
On a related topic, I've inquired about the flag that's set by GPPD before in another thread and no one knew the answer. I know there must be one but I've not been able to find it, either. That flag is key to another project, already completed: A PS script that allows GPPD to add and remove printers, with the biggest missing piece being raising the flag that prevents removal except by GPPD (or my script). If you know where that flag is set, I'd love to be able to add it to the script.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(182.40000000000003, 6%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EG%3C/text%3E%3C/svg%3E)
None of these answers are helpful.
The answer to modify registry keys starting with "HKEY_USERS\USERSID" this is dynamic and different for every user. As are many of the printer GPO registry entries, many have SID notations encoded into the location which is different per GPO.
None of this makes it possible (at least not without gargantuian effort) to remove only the neccessary keys in an "Automated Fashion" (automated being the key part). I have 1000+ machine domain with this problem, and these and many of the solutions I've read throughout the forums are a disaster for automation.
Is this truly this broken?!
No, no solution yet, and at this point not expecting to find one. Although, as they say, hope springs eternal, so I do a web search or post a new thread from time to time when the issue pops up at yet another client.
But I do think I can answer whether this is truly broken: Yes, @Gerald , it is.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 79%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERA%3C/text%3E%3C/svg%3E)
I'm going through the same thing. Thankfully it's just a single workstation that was joined to a domain. Their DC and print server died. I tried all of the above and even searching for all traces of the registry for the printer name. I deleted all traces to no avail. Next step is to blow it all away. If you find anything, please reply to this.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 68%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELT%3C/text%3E%3C/svg%3E)
Hello
Thank you for your question and reaching out.
Please create script or startup GPO using below command to delete unwanted or orphaned printers.
wmic printer where (name like '%%(copy %%') delete
--If the reply is helpful, please Upvote and Accept as answer--
Thanks, but that didn't work either. And I found WMIC PRINTER LIST BRIEF (like PS>Get-Printer) doesn't list the orphaned printers, so it makes sense it also can't delete them.
My hypothesis, is that the Policy is still present because the printer CSE is no longer capable of removing it, post-PrintNightmare patches. There are dozens or maybe 100s of printer-related registry entries containing the names of the decommissioned print servers & their printers. Probably, removing them will solve the problem, hopefully without causing other problems. But I'm not sure how to accomplish that across a single computer, let alone the whole domain.
Settings/Devices/Printers and Scanners appears to be building its list in part from that Policy, but the printers themselves are not enumerated by Windows for PowerShell, WMIC, or whatever because they're no longer there to enumerate.
If true, the focus needs to be removing orphaned Policy, not orphaned Printers. Haven't figured out how to do that.
The printers are no longer in HKLM or HKCU\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PushedPrinterConnectionStore, so Group Policy is being pushed to the machine correctly. But the printer CSE is failing to take over from there and work its magic on the Registry.
Hi JRV,Add the Print Server Role to a machine with Group Policy Management Console. The policy module from Print Management will now be loaded by GPMC and you can remove the old objects. There is no need to run any scripts. I discuss this method in one of the Vista technology guides from Microsoft but even I no longer have a copy. Thanks
@Alan Morris , thanks, but the Print Management MSC is installed and the old printers were removed from GP Printer Deployment many, many months ago. I know how it used to work, before PrintNightmare patches.
The problem is that the CSE no longer works after the PrintNightmare patches. It can't add printers anymore. It also can't remove printers added by GPPD before PrintNightmare patches were installed.
That last sentence is the subject of this entire thread, and I'm trying to find a scriptable solution.
I'm not sure what CSE is for you.
The Microsoft default for adding connection to shared printers when the printers use Type 3 drivers is that the users on the client system are required to have local administrative rights on the client systems.
If the user is admin, the connections should be added.
If the driver on the server is a Type 4, the connection should be added regardless of the client level of access to the system but the driver on the server is NEVER copied to the client system so the connection is created with a framework driver normally resulting in a degraded print experience.
You can change this default requirement by allowing non admins the ability to install the software from the print server, the software being the print driver.
The domain policy located in Computer \ Admin Templates \ Printers \ Limits print driver installation to Administrators
When you disable this policy a standard used can make the connection to a shared printer which uses a Type 3 driver.
CSE = Client Side Extension. A part of Group Policy that reads HKLM\Software\Policies and HKCU\Software\Policies and does whatever the Policy is supposed to do.
I know about the Policy settings you mention, and the additions to them that PrintNightmare patches required. But disabling PrintNightmare patching is unacceptable, and I'm not trying to get point-and-print back. Just GPPD.
GPPD did not use point-and-print but its CSE was disabled by PrintNightmare patches none the less, and has so far not been fixed. At this point, not holding my breath that it will be. Lots of threads about this from angry sysadmins on the major message boards about it.
I guess I could try disabling PrintNightmare patches, refresh Policy on every workstation, and then re-enable the patches. Not sure whether re-enabling point-and-print will re-enable the CSE but that might be worth a try.