Solved

Allow non-administrators to install printers (local).

Posted on 2008-10-07
5
1,734 Views
Last Modified: 2013-12-15
Question,


I'm deploying an image globally to a few hundred sales people. These users need to be able to install local printers on the machines, but cannot have poweruser/administrator privledges.


Can this be set with a local group policy to allow the installation?


The installs will be purely driver and not from CD's that require additional applications. Its possible that we can load the drivers onto the local machine. It is also possible to have the users VPN into the domain to perform some kind of task.


What to do? Sactfice security for the convienience of letting users install printers?


Can we do an install of the printer under administrator that will allow the end-user to simply add the printer?




Two policies I have found but am unsure if are helpful are:


Local Computer Policy | User Configuration | Administrative Templates  | Control Panel
| Printers there is the Point and Print Restrictions setting.

 Computer Configuration | Windows Settings | Security Settings | Local Policies| User Rights Assignment | "Load and Unload Device Drivers."
0
Comment
Question by:citslogin
5 Comments
 
LVL 5

Accepted Solution

by:
ccns earned 500 total points
ID: 22663660
Computer Configuration | Windows Settings | Security Settings | Local Policies| User Rights Assignment | "Load and Unload Device Drivers."

this is the policy you will need to enable on your computers in AD. will give access to deal to the printers.
0
 
LVL 1

Author Comment

by:citslogin
ID: 22663709
This has to be done in AD or can be done on local machines?
0
 
LVL 1

Author Comment

by:citslogin
ID: 22669919
I tried to set this policy but under add/remove printers the option for local printers is greyed out. Only network printers button is available.
0
 
LVL 1

Expert Comment

by:ifmtech
ID: 22670663
It sounds like you are editing the local policy.  I would suggest applying this change to a GPO in AD.  It is probably greyed out because it is being overridden by AD currently.
0
 
LVL 1

Expert Comment

by:ch_b
ID: 22691041
Try this link, this allows to run a specific line in you bat with higher priviledge:
http://www.computerhope.com/runas.htm
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question