• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 315
  • Last Modified:

Deploying Point and Print in a Windows 2008, 2003 AD server environment to stop being prompted for security and UAC when selecting a new printer.

We use Dell and Toshiba (all in one) printers.
We have Windows 2008 and 2003 servers in our AD environment. Our print server is a 2003 R2 Standard Edition server. Our users are Windows 7 and a few Visa pc's. They can go to \\myprintserver from the command prompt and select printer to install. However, then it prompts them with the security warning prompt and "do you wnat to continue". They respond with Yes. However the print driver download begins and they then get a UAC prompt because they do not have sufficient credentials to download the driver. So our helpdesk person has to go by, login with there credentials and download the driver. Then they are ready to print.
We want to get around this issue. What is the best way to do this?
Implement Point and Print?
Pre-stage the print drivers on the pc's we image?
Upgrade our print server to Windows 2008?
Use only signed print drivers? (I am not sure we can always guarantee the download of signed drivers).

What would be best practices?
0
lanman777
Asked:
lanman777
  • 2
1 Solution
 
ZephyrTCCommented:
You tried applying printers through a login script?

VBS can do this, and if you use a case statement with a little cool coding, you can apply printers as needed by users according to their security groups.

Here's a quick example of adding  a printer to a computer via VBS.

dim objNetwork

set objNetwork = CreateObject("Wscript.Network")

objNetwork.AddWindowsPrinterConnection "\\YourServer\PrinterShare"

set objNetwork = nothing

Open in new window


Also, in Server 2008, you can assign printers based on OUs in Group Policy. (this may be your preferred option).

Simply navigate to:
http://technet.microsoft.com/en-us/library/cc754699.aspx

Both linked articles are necessary.  
0
 
ZephyrTCCommented:
Also, if you go the scripting route with UAC enabled, you will need to apply this registry setting in order to allow the scripts to run:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Policies\System
EnableLinkedConnections=dword:1

This can be applied through GPO as well.
0
 
Hypercat (Deb)Commented:
The easiest way, IMO, to deploy printers in the environment you've described is by using the Print Management console and group policies.  This allows you to deploy printers through group policies and bypasses the need for local users to have an administrative-level password to install printer drivers.  

Here are a couple of Technet articles:

http://technet.microsoft.com/en-us/library/cc731292.aspx

http://technet.microsoft.com/en-us/library/cc725938.aspx
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now