Super. Thanks for the update
Deploy Printers GPP nots works in Windows Server
I have a problem with my network printers server and GPO, I tried to deploy printers in users in my company but impossible.
I saw many topics talking about PrintNightmare vulnerabilities and Microsoft patch it but still impossible to do something.
I tried many solutions like :
1.Via Group Policy (Computer Configuration > Preferences > Windows Settings > Registry), I added the registry entry “RestrictDriverInstallationToAdministrators” to “HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint” and set to 0 (DWORD).
- Enabled the following in a GPO:
Computer Configuration > Policies > Administrative Templates > Printer > Package Point and print - Approved servers > [Enter FQDN(s) of print server(s).]
Computer Configuration > Policies > Administrative Templates > Printer > Point and Print Restrictions > [Enable and enter FQDN(s) of print server(s). I personally set security prompts for “Do not show warning or elevation prompt”.]
User Configuration > Policies > Adminstrative Templates > Control Panel > Printers > Package Point and print - Approved servers > [Enter FQDN(s) of print server(s).]
User Configuration > Policies > Administrative Templates > Control Panel > Printers > Point and Print Restrictions > [Enable and enter FQDN(s) of print server(s). I personally set security prompts for “Show warning only”.]
- You may also want to confirm that you have “Computer Configuration > Policies > Administrative Templates > System > Driver Installation > Allow non-administrators to install drivers for these device setup classes” set up with {4658ee7e-f050-11d1-b6bd-00c04fa372a7} and {4d36e979-e325-11ce-bfc1-08002be10318}, which are both printer-related. But if your deployed printers were working before that update went out, then you may have already had this set!
Or regedit update, but nothing works, always have a prompt elevation to deploy a printer to a non-admin domain user
There is a solution or I need to move to each user and install manually ?
Thank you !
Best Regards,
6 additional answers
Sort by: Most helpful
-
Jérémy MUNOZ 36 Reputation points
2022-03-28T16:02:00.76+00:00 Hey !
I succeed to deploy with Active Directory share and GPO.
I follow this site : https://rdr-it.com/en/troubleshooting/kb5005033-allow-non-administrators-to-install-printer-drivers/
And I active sharing with AD in my printers, so when my user is connected the printer is installed with print server name
https://www.technipages.com/add-delete-printers-active-directory
-
Jérémy MUNOZ 36 Reputation points
2022-03-29T06:58:50.217+00:00 Well I will resume my configuration before close this topic :
I configure GPO Point and Print Restriction :
Computer Configuration / Policies / Administrative Templates / Printers with "Do not display warning or elevation prompt"I create a regedit key in my GPO :
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint**RestrictDriverInstallationToAdministrators**
REG_DWORD value data 0
And in Common properties I checked **Delete the element when it is no longer applied **In my printer server, I activated sharing for each printers and list in Active Directory,
I used GPP from my print serverIf you want to follow :
- https://www.technipages.com/add-delete-printers-active-directory
- https://rdr-it.com/en/troubleshooting/kb5005033-allow-non-administrators-to-install-printer-drivers
@Alan Morris Thanks again for your help and your time !