Contact us:- Info@smartprintersetup.space

Smart Printer Guru

New additional Group Policy Objects in Windows Server 2008 R2

·

by

x7p86

  1. On the domain controller, select Start, select Administrative Tools, and then select Group Policy Management. Or, select Start, select Run, type GPMC.MSC, and then press Enter.
  2. Expand the forest and then domains.
  3. Under your domain, select the OU where you want to create this policy.
  4. Right-click the OU, and then select Create a GPO in this domain, and link it here.
  5. Give the GPO a name, and then select OK. Right-click the newly created Group Policy Object, and then select Edit to open Group Policy Management Editor.
  6. In Group Policy Management Editor, expand the following folders:
    • Computer Configuration
    • Policies
    • Administrative Templates
    • Control Panel
    • Printers

The following extra settings can be enabled under Computer Configuration:

  • Add Printer wizard – Network scan page (Managed network): This policy sets the maximum number of printers of each type that the Add Printer wizard will display on a computer on a managed network when the computer can reach a domain controller. For example, a domain-joined laptop on a corporate network.
  • Add Printer wizard – Network scan page (Unmanaged network): This policy sets the maximum number of printers of each type that the Add Printer wizard will display on a computer on an unmanaged network when the computer can’t reach a domain controller. For example, a domain-joined laptop on a home network.
  • Always render print jobs on the server: When printing through a print server, determines whether the print spooler on the client will process print jobs itself or pass them on to the server to do the work. This policy setting affects printing to a Windows print server only.
  • Execute print drivers in isolated processes: This policy setting determines whether the print spooler will execute print drivers in an isolated or separate process. When print drivers are loaded in an isolated process or isolated processes, a print driver failure won’t cause the print spooler service to fail.
  • Extend Point and Print connection to search Windows Update: This policy setting allows you to manage where client computers search for Point and Print drivers. If you enable this policy setting, the client computer will continue to search for compatible Point and Print drivers from Windows Update after it fails to find the compatible driver from the local driver store and the server driver cache.
  • Only use Package Point and print: This policy restricts client computers to use package point and print only. If this setting is enabled, users will be able to point and print only to printers that use package-aware drivers. When using package point and print, client computers will check the driver signature of all drivers that are downloaded from print servers.
  • Override print driver execution compatibility setting reported by print driver: This policy setting determines whether the print spooler will override the Driver Isolation compatibility that’s reported by the print driver. It enables executing print drivers in an isolated process even if the driver does not report compatibility.

If you enable this policy setting, the print spooler will ignore the Driver Isolation compatibility flag value that is reported by the print driver.

  • Package Point and print – Approved servers: Restricts package point and print to approved servers. This policy setting restricts package point and print connections to approved servers. This setting applies only to Package Point and Print connections and is independent from the Point and Print Restrictions policy that governs the behavior of non-package point and print connections.Client that’s running Windows Vista or a later version of Windows will try to make a non-package point and print connection anytime that a package point and print connection fail. This includes attempts that are blocked by this policy. Administrators may have to set both policies to block all print connections to a specific print server.If this setting is enabled, users will be able to package point and print only to print servers that are approved by the network administrator. When using package point and print, client computers will check the driver signature of all drivers that are downloaded from print servers.
  • Point and Print Restrictions: This policy setting controls the client Point and Print behavior, including the security prompts for Windows Vista computers. The policy setting applies only to non-Print Administrator clients, and only to computers that are members of a domain.When the policy setting is enabled, the following conditions obtain:
    • Windows XP and later clients will only download print driver components from a list of explicitly named servers. If a compatible print driver is available on the client, a printer connection will be made. If a compatible print driver is not available on the client, no connection will be made.
    • You can configure Windows Vista clients so that security warnings and elevated command prompts do not appear when users Point and Print, or when printer connection drivers need to be updated.When the policy setting is not configured, the following conditions obtain:
    • Windows Vista client computers can point and print to any server.
    • Windows Vista computers will show a warning and an elevated command prompt when users create a printer connection to any server using Point and Print.
    • Windows Vista computers will show a warning and an elevated command prompt when an existing printer connection driver needs to be updated.
    • Windows Server 2003 and Windows XP client computers can create a printer connection to any server in their forest using Point and Print.When the policy setting is disabled, the following conditions obtain:
    • Windows Vista client computers can create a printer connection to any server by using Point and Print.
    • Windows Vista computers will not show a warning or an elevated command prompt when users create a printer connection to any server by using Point and Print.
    • Windows Vista computers will not show a warning or an elevated command prompt when an existing printer connection driver has to be updated.
    • Windows Server 2003 and Windows XP client computers can create a printer connection to any server by using Point and Print.
    • The Users can only point and print to computers in their forest setting applies only to Windows Server 2003 and Windows XP SP1 (and later service packs).For more information about Point and Print, see the following article:Windows Hardware Dev Center Archive

Configure printer-specific settings for users

  1. Select Start, point to Programs, point to Administrative Tools, and then select Active Directory Users and Computers.
  2. Select the Active Directory container of the domain you want to manage (an Organizational Unit or a domain). Right-click that container, and then select Properties.
  3. Select New to create a new Group Policy.
  4. In Group Policy editor, expand the following folders:
    • User Configuration
    • Administrative Templates
    • Control Panel
    • Printers

The following settings can be configured under User Configuration:

  • Disable the deletion of printers: Prevents users from deleting local and network printers. If a user tries to delete a printer, such as by using the Delete command in the Printers tool in Control Panel, Windows displays a message that explains that the action is prevented by a policy. However, this policy does not prevent users from running programs to delete a printer.
  • Disable the addition of printers: Prevents users from using familiar methods to add local and network printers. This policy removes the Add Printer wizard from the Start menu and from the Printers folder in Control Panel. Also, users cannot add printers by dragging a printer icon to the Printers folder. If they try to use this method, a message appears that explains that the action is disabled by a policy.This policy does not prevent users from using the Add/Remove Hardware wizard to add a printer. Nor does it prevent users from running programs to add printers. This policy does not delete printers that users have already added. However, if users have not added a printer when this policy is applied, they cannot print. NoteYou can use printer permissions to restrict the use of printers without setting a policy. In the Printers folder, right-click a printer, click Properties, and then click the Security tab.
  • Display the down level page in the Add Printer wizard: Permits users to browse the network for shared printers in the Add Printer wizard. If you enable this policy, when users click Add a network printer but do not enter the name of a particular printer, the Add Printer wizard displays a list of all shared printers on the network and prompts users to choose a printer. If you disable this policy, users cannot browse the network. Instead, they must enter a printer name.This policy affects the Add Printer wizard only. It does not prevent users from using other tools to browse for shared printers or to connect to network printers.
  • Default Active Directory path when searching for printers: Specifies the Active Directory location in which searches for printers begin.The Add Printer wizard gives users the option of searching Active Directory for a shared printer. If you enable this policy, these searches begin at the location that you specify in the Default Active Directory path box. Otherwise, searches begin at the root of Active Directory.This policy provides a starting point for Active Directory searches for printers. It does not restrict user searches through Active Directory.
  • Enable browsing for Internet printers: Adds the path to an Internet or intranet webpage to the Add Printer wizard.You can use this policy to direct users to a webpage from which they can install printers.If you enable this policy and enter an Internet or intranet address in the text box, Windows adds a Browse button to the Locate Your Printer page in the Add Printer wizard. The Browse button appears beside the Connect to a printer on the Internet or your Company’s Intranet option. When users click Browse, Windows opens an Internet browser and navigates to the specified address to display the available printers.This policy makes it easy for users to find the printers that you want them to add.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *