This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(19.2, 85%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
Dears,
the latest Windows updates is causing a lot of problems with network printers mapped on a print server.
Reference:
KB5005652—Manage new Point and Print default driver installation behavior (CVE-2021-34481)
Managing deployment of Printer RPC binding changes for CVE-2021-1678 (KB4599464)
The two recent patches (KB5004945, KB5004760, or KB5003690) causes these two main problems:
2) unable to use the print server with the new registry key RpcAuthnLevelPrivacyEnabled
The system logs reports this error: 0x0000011b
The two workarounds that you have to apply to survive and allow corporate users to be able to use the print server are:
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint
RestrictDriverInstallationToAdministrators = 0
2) Apply this registry key to disable the new default settings related to the print spooler vulnerabilities
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print
RpcAuthnLevelPrivacyEnabled = 0
The above workarounds are only a temporary solution to survive and allow users to print.
What is unclear to me is what should be the right way to manage these settings in a corporate environment without any end user interaction.
So, if I want to be protected and apply the recent security fixes without asking the end users to do something, what should I do?
Microsoft states that you need to set "RpcAuthnLevelPrivacyEnabled" to "1" on both Client and Print Server in order to be protected, but if you do this, you can't print.
So, what should we do in a Corporate environment to be secure and print without any end user interaction about "driver installation" etc.?
Thanks in advance
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 48%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVF%3C/text%3E%3C/svg%3E)
Had a problem with printer with job abord: Failure in UIO create address from IP Address. Computer is running windows 11 now after upgrate and the HP Laserjet printer model P2015d will not print. Contact HP and they comfirmed that this printer which is older model is not support/operate with windows 11. Purchase a brother laserJet printer for $159 and printing is OK. No more printing issues.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 37%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERA%3C/text%3E%3C/svg%3E)
In my case RpcAuthnLevelPrivacyEnabled = 0 on the Windows 10 clients running Windows 2019 LTSC helped. Server is older windows thus it do not have RpcAuthnLevelPrivacyEnabled settings att all.
Hope it was helpful
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 1%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFG%3C/text%3E%3C/svg%3E)
Where do you enter this RpcAuthnLevelPrivacyEnabled = 0 in WIndows 10 registering path?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(208, 47%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJB%3C/text%3E%3C/svg%3E)
After updating to the Universal HP print Driver v7.0.1 I am getting the following. This can be resolved by each user going into the Job storage tab and clicking the Radio button to Off. The issue with this is that my print server already has this as defaulted to Off and Off is selected when the client goes to "Select" the radio button again
Normally folks have been adding this setting to the machine sharing the printer.
If you wish to connect Windows to a Linux system over SAMBA, then setting this on the Win 10 system is correct,
Add a new registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\RpcAuthnLevelPrivacyEnabled (type DWORD)
Set the new key value to 0.
Restart the Print Spooler service.
Thanks
Removing the Printer from Server and reinstalling it fixes the issue. The registry key "RpcAuthnLevelPrivacyEnabled" did not fix the issue.