Win svr 2019 print server issue

Tim Richards Admin Account 1 Reputation point
2021-09-24T03:13:00.96+00:00

hello

we are hoping you can help. We have setup a new 2019 print server and run in to an issue.

For years we have used Group Policy targeted at security groups to map printers but all of a sudden with the new server new users or users with new laptops are not getting the printers mapped. If you do a gpresult you can see the following:

Result: Failure (Error Code: 0x80070bcb)

And if you check the event viewer on the client you see:

The user 'xxxxxxx' preference item in the 'Drive and Printer Mapping {xxxxxxxxxxxxxxxx}' Group Policy Object did not apply because it failed with error code '0x80070bcb The specified printer driver was not found on the system and needs to be downloaded.' This error was suppressed.

However, if you go \printserver\printer and connect the driver installs fine and after that the GP runs fine and you get a Result: success.

We have looked through google and done every possible combination (including Disabling) of Point and Print Restrictions GPO policy under both both the User Configuration tree under User/Policies/Administrative Templates/Control Panel/Printers; and the Computer Configuration tree under Computer/Policies/Administrative Templates/Printers but with no joy.

We also saw articles talking about KB3170455 but obviously that is for older server OS's. We also confirmed that the driver concerned shows as 'true' under Packaged in Print Management We would be really grateful if anyone has any suggestions.

cheers

Windows Server Printing
Windows Server Printing
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Printing: Printer centralized deployment and management, scan and fax resources management, and document services
655 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Limitless Technology 39,506 Reputation points
    2021-09-24T12:01:32.343+00:00

    Hello @Tim Richards Admin Account

    This seems to be due to recent updates to protect from the PrintNightmare exploit. Only users with Admin rights would be able to see the printer because the would have access to the drivers. One workaround is to install manually the printer drivers locally, and this will allow any users on the computer to map the device. Otherwise Microsoft released an article regarding the printer and printer driver management post patching:

    https://support.microsoft.com/en-us/topic/kb5005652-manage-new-point-and-print-default-driver-installation-behavior-cve-2021-34481-873642bf-2634-49c5-a23b-6d8e9a302872

    Hope it helps,

    ------------------

    --If the reply is helpful, please Upvote and Accept as answer--

    1 person found this answer helpful.
    0 comments No comments