Link to home
Start Free TrialLog in
Avatar of lanman777
lanman777

asked on

Deploying Point and Print in a Windows 2008, 2003 AD server environment to stop being prompted for security and UAC when selecting a new printer.

We use Dell and Toshiba (all in one) printers.
We have Windows 2008 and 2003 servers in our AD environment. Our print server is a 2003 R2 Standard Edition server. Our users are Windows 7 and a few Visa pc's. They can go to \\myprintserver from the command prompt and select printer to install. However, then it prompts them with the security warning prompt and "do you wnat to continue". They respond with Yes. However the print driver download begins and they then get a UAC prompt because they do not have sufficient credentials to download the driver. So our helpdesk person has to go by, login with there credentials and download the driver. Then they are ready to print.
We want to get around this issue. What is the best way to do this?
Implement Point and Print?
Pre-stage the print drivers on the pc's we image?
Upgrade our print server to Windows 2008?
Use only signed print drivers? (I am not sure we can always guarantee the download of signed drivers).

What would be best practices?
Avatar of ZephyrTC
ZephyrTC
Flag of United States of America image

You tried applying printers through a login script?

VBS can do this, and if you use a case statement with a little cool coding, you can apply printers as needed by users according to their security groups.

Here's a quick example of adding  a printer to a computer via VBS.

dim objNetwork

set objNetwork = CreateObject("Wscript.Network")

objNetwork.AddWindowsPrinterConnection "\\YourServer\PrinterShare"

set objNetwork = nothing

Open in new window


Also, in Server 2008, you can assign printers based on OUs in Group Policy. (this may be your preferred option).

Simply navigate to:
http://technet.microsoft.com/en-us/library/cc754699.aspx

Both linked articles are necessary.  
Also, if you go the scripting route with UAC enabled, you will need to apply this registry setting in order to allow the scripts to run:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Policies\System
EnableLinkedConnections=dword:1

This can be applied through GPO as well.
ASKER CERTIFIED SOLUTION
Avatar of Hypercat (Deb)
Hypercat (Deb)
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial