Solved

Allow non-administrators to install printers (local).

Posted on 2008-10-07
5
1,735 Views
Last Modified: 2013-12-15
Question,


I'm deploying an image globally to a few hundred sales people. These users need to be able to install local printers on the machines, but cannot have poweruser/administrator privledges.


Can this be set with a local group policy to allow the installation?


The installs will be purely driver and not from CD's that require additional applications. Its possible that we can load the drivers onto the local machine. It is also possible to have the users VPN into the domain to perform some kind of task.


What to do? Sactfice security for the convienience of letting users install printers?


Can we do an install of the printer under administrator that will allow the end-user to simply add the printer?




Two policies I have found but am unsure if are helpful are:


Local Computer Policy | User Configuration | Administrative Templates  | Control Panel
| Printers there is the Point and Print Restrictions setting.

 Computer Configuration | Windows Settings | Security Settings | Local Policies| User Rights Assignment | "Load and Unload Device Drivers."
0
Comment
Question by:citslogin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 5

Accepted Solution

by:
ccns earned 500 total points
ID: 22663660
Computer Configuration | Windows Settings | Security Settings | Local Policies| User Rights Assignment | "Load and Unload Device Drivers."

this is the policy you will need to enable on your computers in AD. will give access to deal to the printers.
0
 
LVL 1

Author Comment

by:citslogin
ID: 22663709
This has to be done in AD or can be done on local machines?
0
 
LVL 1

Author Comment

by:citslogin
ID: 22669919
I tried to set this policy but under add/remove printers the option for local printers is greyed out. Only network printers button is available.
0
 
LVL 1

Expert Comment

by:ifmtech
ID: 22670663
It sounds like you are editing the local policy.  I would suggest applying this change to a GPO in AD.  It is probably greyed out because it is being overridden by AD currently.
0
 
LVL 1

Expert Comment

by:ch_b
ID: 22691041
Try this link, this allows to run a specific line in you bat with higher priviledge:
http://www.computerhope.com/runas.htm
0

Featured Post

Report: Liquid Web beats Amazon, Rackspace & More

A study by performance analyst firm Cloud Spectator finds that Liquid Web beats rivals Amazon, Rackspace and DigitalOcean when it comes to website and cloud application performance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question