We help IT Professionals succeed at work.

GPO - Deploy Printers

596 Views
Last Modified: 2014-05-07
We are running a windows 2008 R2 AD and I'm rolling out a GPO to deploy printers.  It's in the testing phase now but I accidently added it to the entire domain.   Everyone got the test printers which I didn't want.  I removed the link to the domain and not only the test printers where removed but the printers we'd manually connected to on some workstations.

Any thoughts on how I can prevent this from happening as I only wanted to remove the test ones.

Thanks ..
Comment
Watch Question

Information Security
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Joel BrownIT Director

Author

Commented:
@ Ricardo,


If they had manually connected to printer " A " and then through gpo I added printer " A " again ....  would removing them from the gpo have removed both ?    

Joel
Joel BrownIT Director

Author

Commented:
@ Ricardo,

Just to confirm in the GPO I can add " Authenticated Users " to the Security Filter but unless I link the GPO to an OU it won't apply to anyone .......

I'm assuming it looks at the OU members and then only applies to those which are also in the Security Filter box ......   I only have one domain so things are pretty simple ...

J
Ricardo MartínezInformation Security

Commented:
Neither way, if you want to remove the added printer you need to select the option "Delete" from the dropbox where you added it, the one that has Add, Update, Delete, Replace options.

From the context of printer "A" you mentioned, it's possible that it have replaced the manually added printers, and somehow when you removed the link of the policy it deleted them all, but it's not the normal behavior.

Yes, you can add a group to the security filter so only those users get the policy, but the printer must be added threw a User Policy insted of a Computer Policy, what type of policy are you using?
Joel BrownIT Director

Author

Commented:
I'm using a computer policy  ......
Ricardo MartínezInformation Security

Commented:
If you're using computer policies then you need to select a group with computers and specify that the computers in that group will be the recipients of the policy and add those computers to a security group.

Commented:
To prevent this in the future, create a test ou with the same policies as the other ou's and then move a few "test" computers into that test ou to see if it is working properly. That way  you can work out the bugs only on a select few machines.
Joel BrownIT Director

Author

Commented:
so to clarify,    

"Computer Group A"  ,  contains Computer A1, A2, A3

GPO is linked to "Computer Group A"

"Computer Group B" ,  contains only Computer B1

Security Filter includes only  " Computer Group B "

Who does the GPO get applied too ?
Ricardo MartínezInformation Security

Commented:
Computer B1, if by security filter u mean adding "Computer Group B" as the recipient in common options of the policy. Remember to try this on a test environment with test computers.

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.