We help IT Professionals succeed at work.

Printers mapped by security group do not automatically get removed

38 Views
Last Modified: 2020-10-09
Microsoft Server 2016 terminal services,  when using group policy by security group to map printers for users, we find that if a user is removed from a one printer group, and added to another, we find the user receives the new printers in addition to the previous printers. The user gets the new security group printers mapped, however the original printers do not get removed since the user was removed from the original group. We see that the registry key in the user profile for the original mapped printers remain and do not get removed automatically.
Comment
Watch Question

CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Are you using the preferences section of the GPO or the policies srction? for deployment?  (There are two ways)

Author

Commented:
GPP group policy preferences filtered by security group
System Administrator
CERTIFIED EXPERT
Distinguished Expert 2018
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
I dont believe we have the Delete /Create option. The printers map from Print Management.
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
"when you unlink the policy, the setting will not revert " - it depends on what the admin has set. You may choose to say "Remove this item when it is no longer applied". If you didn't choose that, it will not remove on its own, of course.

Author

Commented:
I believe that option is in ILT, however we are not using it. The GPO calls on Print management to map the printers and is filtered by security group.  Seems that the action of user removal from the security group would need to call on print management to fully remove the printers.
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
The way it is in 2016 is the way it was done on a 2008 environment, and removal from the security group automatically removes the printers from user accordingly.
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Yes, that is true for non GPP printer deployment (not using the preference section but using the "printer deployment" part of the GPO as it was done "oldschool" since server 2003. For GPP however...

Author

Commented:
Thank You for your input, we will continue to dig into this.
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
We use "printer deployment" (the "old way") ourselves and recently removed a printer - it got removed anywhere, automatically. If you remove a computer from the security group this GPO applies to (we use computer-bound deployment), it gets removed as well.
Using group policy preference printer items for deployment will have the effect that you see unless you select the option "Remove this item when it is no longer applied", so you might want to switch to the oldschool way.
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
The reason for the observed behavior was given and the solution to this was discussed

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.