Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Allow non-administrators to install printers (local).

Posted on 2008-10-07
5
Medium Priority
?
1,739 Views
Last Modified: 2013-12-15
Question,


I'm deploying an image globally to a few hundred sales people. These users need to be able to install local printers on the machines, but cannot have poweruser/administrator privledges.


Can this be set with a local group policy to allow the installation?


The installs will be purely driver and not from CD's that require additional applications. Its possible that we can load the drivers onto the local machine. It is also possible to have the users VPN into the domain to perform some kind of task.


What to do? Sactfice security for the convienience of letting users install printers?


Can we do an install of the printer under administrator that will allow the end-user to simply add the printer?




Two policies I have found but am unsure if are helpful are:


Local Computer Policy | User Configuration | Administrative Templates  | Control Panel
| Printers there is the Point and Print Restrictions setting.

 Computer Configuration | Windows Settings | Security Settings | Local Policies| User Rights Assignment | "Load and Unload Device Drivers."
0
Comment
Question by:citslogin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 5

Accepted Solution

by:
ccns earned 2000 total points
ID: 22663660
Computer Configuration | Windows Settings | Security Settings | Local Policies| User Rights Assignment | "Load and Unload Device Drivers."

this is the policy you will need to enable on your computers in AD. will give access to deal to the printers.
0
 
LVL 1

Author Comment

by:citslogin
ID: 22663709
This has to be done in AD or can be done on local machines?
0
 
LVL 1

Author Comment

by:citslogin
ID: 22669919
I tried to set this policy but under add/remove printers the option for local printers is greyed out. Only network printers button is available.
0
 
LVL 1

Expert Comment

by:ifmtech
ID: 22670663
It sounds like you are editing the local policy.  I would suggest applying this change to a GPO in AD.  It is probably greyed out because it is being overridden by AD currently.
0
 
LVL 1

Expert Comment

by:ch_b
ID: 22691041
Try this link, this allows to run a specific line in you bat with higher priviledge:
http://www.computerhope.com/runas.htm
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
Make the most of your online learning experience.
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question