Had a need for users on the domain to be able to install printer drivers without being administrator.
Found this article at "Windows client TechCenter" (http://social.technet.microsoft.com/Forums/en-US/w7itprosecurity/thread/df21d2c2-c2d4-4107-bfe3-bf8c5a1cd946/)
Basically:
A. Use GroupPolicy to edit the Driver Installation policy. It is located:
Computer Configuration\Policies\Administrative Templates\System\Driver Installation
The setting is called "Allow non-administrators to install drivers for these devices setup classes". You will need to add the device class GUID of printers.
The GUIDs can be found here: http://msdn.microsoft.com/en-us/library/ff553426(v=vs.85).aspx
B. Since these are network printers (from print server), modify the following:
1.Configure Group Policy settings for "Point and Print" on BOTH computer and user settings (Vista previously only had user settings). The Location of the settings can be found here in GPOs:
Computer Configuration\Policies\Administrative Templates\Printers\Point and Print Restrictions
User Configuration\Policies\Administrative Templates\Control Panel\Printers\Point and Print Restrictions
2.Point and Print settings will vary on what kind of restrictions you want, but if you want users to be able to install ANY printer, with ANY driver, from ANY server, set the Point and Print settings to "Disabled".
Subscribe to:
Post Comments (Atom)
1. Problem with AWE not enabled:
ReplyDeleteREFERENCE:
http://www.devproconnections.com/article/database-development/enabling-sql-server-awe-memory
Use the SQLCMD command line utility to run this SQL script:
-- Checking for AWE:
EXEC sp_configure 'show advanced options', 1
RECONFIGURE
GO
-- A config_value/run_value of 0 means that AWE is not enabled
EXEC sp_configure 'awe enabled'
GO
-- Enabling AWE:
-- (Make sure to grant 'lock pages in memory' to
-- SQLService account and restart SQL after this change)
EXEC sp_configure 'awe enabled', 1
RECONFIGURE
GO