This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 15%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Hello.
Our clients run Windows 10 Enterprise, and the domain controllers are still Windows Server 2012 R2.
Recently many users report that they don't see the printers when logging onto some PCs but they see them when logging onto other PCs.
This happens both for users with roaming and local profiles.
Printers are mapped for users via GPO, with option "Run in logged-on user's security context.." enabled.
When users then try to map the printer manually, they are asked for administrator credentials for installing the driver, and of course at that point they call the helpdesk.
I tried to run gpupdate/force but it didn't help.
gpresult reports the gpo has been received.
Once I install the device drivers on the client, the printers are mapped for the users.
Can anybody help me sort this out?
Thank you and best regards.
Roberto
Hi
Microsoft release a new KB that affect the point and print behavior.
See that link for detail; https://support.microsoft.com/topic/873642bf-2634-49c5-a23b-6d8e9a302872
To resume it, you need new registry to make it act like before.
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint
RestrictDriverInstallationToAdministrators, 0
It was to prevent a security risk they changed the way they do it, just to state it, as making the registry change can open you to a risk.
Hi @Philippe Levesque
Hi @Limitless Technology
Thank you. That solved the problem. :-)
Roberto
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 81%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENM%3C/text%3E%3C/svg%3E)
Still having to do this to allow GPO to deploy printers. I have locked down every other part of the PrintNightmare recommended settings but cannot get round this. Isn't it about time Microsoft fixed this?
Hello Roberto,
This is due to recent updates to protect from the PrintNightmare exploit.
Microsoft released an article regarding the printer and printer driver management post patching:
Hope it helps,
--If the reply is helpful, please Upvote and Accept as answer--