3.2.5 Message Processing Events and Sequencing Rules
The Deployed Printer Connections client-side plug-in reads a list of printer connections, shared from a central server, that a network administrator would like to deploy to client computers, and it configures the client computer based on this information. The client computer then uses the applicable printer connection settings to create connections to printers that a user on the client computer can use.
When the client-side plug-in receives a Process Group Policy event (section 3.2.4.1), it MUST perform the following processing steps:
The client-side plug-in MUST initialize the DesiredConnections list abstract data model element (section 3.2.1) to the list of printer connections in the PreviouslyAppliedConnections list abstract data model element (section 3.2.1).
For each GPO in the Deleted GPO list parameter (specified in [MS-GPOL] section 3.2.4.1), the client-side plug-in MUST remove any printer connections from the DesiredConnections list that were assigned to the user or machine by this GPO, as determined by the GUID of the GPO.
The client-side plug-in MUST issue one LDAP search for each GPO in the New or Changed GPO list parameter ([MS-GPOL] section 3.2.4.1) to obtain a list of all new or changed printer connection settings. The message format for this LDAP search is specified in section 3.2.5.1.
The list of printer connection settings that was obtained from Active Directory in the previous step SHOULD be removed from the DesiredConnections list cache, as determined by the Group Policy Object (GPO) GUIDs. The list of printer connection settings MUST then be added to the DesiredConnections list.
The client-side plug-in MUST compare the DesiredConnections list with the PreviouslyAppliedConnections list, and then:
If a connection is in the DesiredConnections list and the PreviouslyAppliedConnections list, the client-side plug-in MUST do nothing.
If a connection is not in the DesiredConnections list but is in the PreviouslyAppliedConnections list, the client-side plug-in MUST delete the printer connection from the client system. The connection is removed from the Printer connections list abstract data model element (section 3.2.1) maintained by the spooler. This can be performed by calling a local operation equivalent to DeletePrinterConnection(UncPath).
If a connection is in the DesiredConnections list and not in the PreviouslyAppliedConnections list, then:
The client-side plug-in MUST add the printer connection by creating a new connection to the printer. The connection is added to the Printer connections list abstract data model element maintained by the spooler. This can be performed by calling a local operation equivalent to AddPrinterConnection(UncPath).
If the printer connection could not be added, a failure case MUST NOT be logged. The client-side plug-in MUST try adding the connection again during the next policy application.
A printer connection MUST be added or deleted for the current user only or for all users of the machine, depending on whether the connection settings are in the User section or Machine section of the GPO.
To determine this, the client-side plug-in MUST examine the SessionFlags parameter ([MS-GPOL] section 3.2.4.1) that is associated with the Process Group Policy event. If the Computer Policy Application Mode flag in SessionFlags is not set to 1, the client-side plug-in MUST temporarily impersonate the user by using the SecurityToken parameter ([MS-GPOL] section 3.2.4.1) that is associated with the Process Group Policy event, before adding or deleting the printer connection.<6>
The client-side plug-in MUST save the list of all the printer connections that it maintains as a new version of the PreviouslyAppliedConnections list.