GPO not mapping printers at times

Roberto 646 Reputation points
2021-09-22T13:09:58.39+00:00

Hello.

Our clients run Windows 10 Enterprise, and the domain controllers are still Windows Server 2012 R2.

Recently many users report that they don't see the printers when logging onto some PCs but they see them when logging onto other PCs.
This happens both for users with roaming and local profiles.
Printers are mapped for users via GPO, with option "Run in logged-on user's security context.." enabled.

When users then try to map the printer manually, they are asked for administrator credentials for installing the driver, and of course at that point they call the helpdesk.

I tried to run gpupdate/force but it didn't help.
gpresult reports the gpo has been received.
Once I install the device drivers on the client, the printers are mapped for the users.

Can anybody help me sort this out?

Thank you and best regards.
Roberto

Windows for business | Windows Server | User experience | Print jobs
Windows for business | Windows Client for IT Pros | User experience | Other
0 comments No comments
{count} votes

Accepted answer
  1. Philippe Levesque 5,836 Reputation points
    2021-09-22T14:51:03.023+00:00

    Hi

    Microsoft release a new KB that affect the point and print behavior.

    See that link for detail; https://support.microsoft.com/topic/873642bf-2634-49c5-a23b-6d8e9a302872

    To resume it, you need new registry to make it act like before.

    HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint
    RestrictDriverInstallationToAdministrators, 0

    It was to prevent a security risk they changed the way they do it, just to state it, as making the registry change can open you to a risk.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
  1. Limitless Technology 39,926 Reputation points
    2021-09-23T07:48:26.727+00:00

    Hello Roberto,

    This is due to recent updates to protect from the PrintNightmare exploit.

    Microsoft released an article regarding the printer and printer driver management post patching:

    https://support.microsoft.com/en-us/topic/kb5005652-manage-new-point-and-print-default-driver-installation-behavior-cve-2021-34481-873642bf-2634-49c5-a23b-6d8e9a302872

    Hope it helps,


    --If the reply is helpful, please Upvote and Accept as answer--

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.