IP Printer deletion via login script using wmic not working

I have a Server 2003 DC with about 80 XP Pro workstations at a client site. They recently purchased a new printer/copier to replace an older one. I was asked to help roll out the new copier and delete the old one on the XP workstations. The old one was setup with a direct IP connection on the XP stations and the new one is being shared as \\servername\printershare. I added the following to their login scripts and the addition of the new printer is successful but the deletion does not work when regular users log in.

rundll32 printui.dll PrintUIEntry /in /n\\SERVER\printername
wmic printer where "PortName LIKE 'IP_192.168.1.158%%'" delete

However when I login as an administrator or a user with admin rights this works perfectly - adds the new printer (first line) and deletes the old printer (second line) but when using a normal user (very little rights on the domain and on PCs as it is a classroom/training type location) the first line works and adds the printer but does not delete the old printer. I have checked the GP that is running and enabled the deletion of printers but that does not do it. I believe it is because the user does not have enough rights on the local machine to run WMIC but I am not sure.

I am looking for an easy/quick way to either give the necessary rights needed for WMIC on the local PCs to the users to do this without opening up other rights/issues or a replacement line in the login script to do the deletion of an IP based printer. Any help is appreciated.
rogersinghAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

oBdACommented:
Regular users don't have permissions to create or delete local printers; only network printers are user specific.
In other words: you need to map the network printer in the user's *logon* script, but delete the local printer using a *startup* script applied to the XP machines with a GPO.
rogersinghAuthor Commented:
GPO is a weakness of mine - possible to define exact steps please? I do understand what you are saying though and it makes perfect sense.
oBdACommented:
Create the startup script, put it into the netlogon folder, make sure it runs correctly as administrator (whether it works as a startup script is another matter ...), especially that there are no user input/confirmation prompts at all.
Add a new GPO to a test OU with a test workstation in which you enable a startup script ("Computer Configuration\Windows Configuration\Scripts"); do NOT browse to the script, just enter \\Your.ADDomain.Name\netlogon\YourScriptName.extension as script path.
Reboot the test machine, check the event log for errors in applying the GPO, check if the printer has been removed.
You can control the application of the GPO in the production OUs using security filtering (in the Scope tab of the GPMC).
How to Implement Group Policy Security Filtering
http://www.windowsnetworking.com/articles_tutorials/Group-Policy-Security-Filtering.html

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rogersinghAuthor Commented:
Ok, will do this today and let you know. Appreciate the insight!
rogersinghAuthor Commented:
Thanks - that worked! Points awarded!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.