Windows Server 2019 - Printers No Longer Deploying

Matt 6 Reputation points
2022-02-16T13:09:15.547+00:00

I have a complicated problem I need some assistance with. I administer a small network for my employer on a part time basis. I do not consider myself to be an outright professional at this, but I seem to get by with my 30 years of computer tinkering experience.

Let me paint the picture. We have a small organization of approximately 25 members. Our active directory has a policy to deploy 4 printers on a by-user basis. Everything functioned normally approximately 10 months ago. Recently, we hired a new employee and I noticed that the printers are no longer deploying. I also built a new machine for a different employee, who also is not getting printer deployment. The printers deploy from a server separate from the domain controller, which seems to be functioning without issue..

I dug around and found the following symptoms: On the print server, I found the printers were missing from Deployed Printers. I rebuilt them using the same GPO policy as before. After a rebuild and refresh, they again disappear. I tried creating a new GPO policy and redeploying with the same result. On the domain controller, if I try to right click on any printers, the system will infinitely hang-up until I stop the print spooler. I have a strong feeling the issue is with a corrupt printer driver on the DC, although I cannot confirm this. Or something with AD, but that almost never changes. The only change I've made to AD in the last year was the addition of a new policy enforcing strict passwords.

I am happy to completely start from scratch with the printers. Wipe the slate clean. But I cannot even do that. I cannot remove or uninstall any printers or drivers on the domain controller. The system hangs up no matter what I try, as long as the print spooler is running. I have even tried powershell commands, which hang up as well. And I cannot address anything with the print spooler off.

There is only so much I can do, especially since this DC is a 24 hour production machine. I've run out of ideas. Any thoughts?

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,950 questions
0 comments No comments
{count} vote

1 answer

Sort by: Most helpful
  1. Limitless Technology 39,591 Reputation points
    2022-02-17T14:36:14.887+00:00

    Hello @Matt

    This is due to recent updates to protect from the PrintNightmare exploit.
    Only users with Admin rights would be able to see the printer because the would have access to the drivers. One workaround is to install manually the printer drivers locally, and this will allow any users on the computer to map the device. Otherwise Microsoft released an article regarding the printer and printer driver management post patching:

    https://support.microsoft.com/en-us/topic/kb5005652-manage-new-point-and-print-default-driver-installation-behavior-cve-2021-34481-873642bf-2634-49c5-a23b-6d8e9a302872

    Hope this helps with your query,

    --
    --If the reply is helpful, please Upvote and Accept as answer--

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.