windows 2003 domain with roaming profiles "adding printer" issue

Posted on 2011-04-26
Last Modified: 2012-06-21
This is the oddest thing I have had happen yet.  Recently I was told to delete the common AD accounts "IE = teacher1a, teacher1b, etc"  Then when the IT directors plan totally fell apart and didnt work, which didnt surprise me, he told me to re-make those accounts and re-attach their email and put back to normal.  Their home folders were re-added successfully and their email mailboxes were attached successfully also.  

Here is the odd issue, some, but not all, cannot re-add printers to their accounts.  Now I am running roaming profiles, which shouldnt be an issue.  Half can run a simple batch script and re-add all their printers, but half get an error that says they do not have local permissions.  I have checked the computers that work and the local permissions are no different than the ones that do not work.  The security is the same on all machines in AD as well.

What could I be missing in order to simply have all the accounts be able to add printers?  They are all running Windows XP SP.3 and my domain is a windows 2003 domain.

Any suggestions would be much appreciated.

thank you
Question by:ecubenetworks
    LVL 10

    Accepted Solution

    I think it's a profile issue , delete the old profiles from the machine and re-start , then re-login .
    LVL 10

    Expert Comment

    Also check event logs and look for errors.
    LVL 3

    Expert Comment

    Is printer drivers installed in system?

    Permission error occurs when user try create printer without permission to install proper drivers.

    Install printer drivers under administrator account.
    LVL 7

    Expert Comment

    What is the exact error message?
    Can you also post the batch script. If not then remove the @Echo Off from the script and then run the batch script manually to see the error.
    Also, Did you re-assign the permissions for the users on the printer? As these are new user accounts the SID will be different than before.

    Author Comment


    So you think it's the profile pulled from the server to the machine itself?  Not the profile on the DC?

    I'll give that a shot!

    God I hope this does the its like 3 of 100 users...weird!

    Author Comment

    Ok it HAS to be a profile issue!
    I deleted the local profile and still was occuring.  But then I thought that profile is pulled from the server (roaming) so if the server profile is bad, then the local one would be too.

    I turned off the roaming profile and deleted the local profile.  Logged in as the user and everything worked fine (minus the profile stuff from their desktop, which wasnt much as it is so is a good test)
    Next I'll try a new roaming profile and local profile and see if that does the job.

    thanks for your help!!

    Author Closing Comment

    On the right path! Is a profile issue between local and roaming!

    LVL 10

    Expert Comment

    Glad that it worked for you.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    Suggested Solutions

    Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
    Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now