Printers deployed via 2008 R2 Print server using GPO not always showing up and / or not showing up at next logon if removed by user during previous session.

Objective: We wanted to switch from a printer installed on each machine by IP address approach on our 100+ workstations to a print server based model.

Environment: 2003 domain and forect function level running two 2008 R2 DC's and one 64bit 2008 R2 print server. All workstations are Windows 7 (SP1) 32bit.

Situation: We managed to install the 2008 R2 print server and all the printers (two Xerox and 4 Sharp) we needed with both 32/64 bit drivers. The Xerox installs went in without a hitch and after some initial problems (the 32 and 64 bit drivers did not match so it would not install on W7 32bit clients) we got the Sharp to work as well. To accomplish this task we followed the details outlined in https://technet.microsoft.com/en-us/library/cc753109(v=ws.10).aspx, specifically the section "To deploy printers to users or computers by using Group Policy ". We opted to deploy each shared printer to groups of users via GPO (using the Deploy with Group Policy option per printer on the print server) so that the users can access the printers from any computer they log onto and thus picked "The users that this GPO applies to (per user)" GPO option and initially set it against a user test OU. The test accounts had no issues loading the printers on systems that they had never logged into before. Moreover, all of the printer (MFD) functionalities worked without glitches. Security, i.e. access to the printers, e.g. so that floor 3 can only print to floor 3 printers, is set at the printer level per printer on the print server.

Issue: We have an application that requires us to keep a local copy of the users roaming profile on each W7 desktop they utilize. This means that the roaming and local profiles sync each time they log in. We noticed that on machines that the test user had logged unto before not all the printers showed up and / or if the 'removed' a printer and logged out and then logged back in then the removed printer would not re-appear automatically. Rebooting the system, running a gpupdate /force or logging off and back on did not fix the issue. The only way we were able to force all printers to appear and have removed ones come back was to delete the local user profile, however that causes serious issues with main application that needs that profile.

Challenge: How to force systems to always load the shared GPO deployed printers per user regardless of the fact that they have an older (pre GPO deployment of the printers) local profile that sync with the roaming one and/or to reload printers even f the user removed one at the next logon without having to delete the users local profile.
Is there a registry hack or something.
Many, many thanks in advance for help!
Laszlo DenesAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Bryant SchaperCommented:
Is the gpo set to replace?  Also does the error log provide any insight. Lastly the user needs permissions to be able to install a print driver.
Laszlo DenesAuthor Commented:
No insight from error log as such.
If you mean the loopback (https://technet.microsoft.com/en-us/library/cc782810(v=ws.10).aspx) option on the GPO by 'replace' then it is not set since we are applying the printers to users not computers!
The installation of the printers is not an issue (Windows 7 users do not have to be admin to install printers) if the user does not have a local copy of their profile on the system, or if we delete the local profile then it works perfectly for all printers. It is only an issue (as stated in our descriptive) if the user removed a GPO installed printer or if they had a previous local profile... then only the delete of the local profile works to return the printer(s) and it is fine after that, but we cannot start deleting those.
Laszlo DenesAuthor Commented:
What I did notice after further testing that if I delete printers that were previously deployed by GPO (and all worked) or if an existing locally stored roaming user profile copy for an account did not add the printers when the roaming profile for that account logged in then I can run gpupdate /force on the PC and all the printers appear. So now I am going to test if I can lower the group policy refresh interval for users (user>policies>administrative templates>system>group policy), since I am deploying to users not machines via GPO, from the default 90 minutes to something lower and see if that makes the printers reappear automatically while the user is logged on or perhaps there is a way to add that to the logon script so the user profile part of the gpo force updates after the user logs on. Still looking for help!!!!
joharderCommented:
Not quite sure why, but this GPP has always had some strange behavior.  It works fine for deploying printer configurations, but updates rarely work and deletions work usually but not always.  I have spent many hours trying to figure out exactly why.

It seems as though the printer GPP settings have some buginess.  Update seems much more problematic than delete.  

I recommend that you ask all users to leave their computers on one night.  Set the GPO to delete all entries by the registry GPP, not the printer GPP.  Of course, this means that you'll need to find all of the related entries in the registry.  A little painful, but it works.

Let the regular update occur such that it removes all of the entries.  After you've verified the correct behavior, i.e., no printers mapped, on some test machines, configure registry GPPs for what should now be the correct printers.

Of course, test this first on a few user computers manually to be absolutely certain.  Going forward, use only the registry GPP!

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
masnrockCommented:
I noticed the domain and forest function level? Is there a particular reason... If not, update it to 2008. This may fix help in fixing your issue, even though GPP has never been perfect.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Printers and Scanners

From novice to tech pro — start learning today.