General
Print and Document Services are handled by Servers:SAD-PRINT01.
Firewall Rules
In order to enable remote management through RSAT, the following exceptions must be allowed through Windows Firewall:
Set-NetFirewallRule -DisplayGroup "File And Printer Sharing" -Enabled True
Set-NetFirewallRule -Name FPS-ICMP4-ERQ-In -Enabled True
Set-NetFirewallRule -Name FPS-ICMP6-ERQ-In -Enabled True
Configuring Point and Print Post Print Nightmare
Manually
Run the following command at an administrator command prompt on the client PC to allow non-admin users to install print drivers:
reg add "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint" /v RestrictDriverInstallationToAdministrators /t REG_DWORD /d 0 /f
To remove the above registry key, execute the following command as an administrator:
reg delete "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint" /v RestrictDriverInstallationToAdministrators /f
Group Policy
In addition to the group policy that pushes a printer, I have created a second group policy called C_Configure_PointandPrint. To configure this policy, perform the following actions:
- Create a group policy with the name C_Configure_PointandPrint and link it to your workstation OU.
- Edit it and navigate to Computer Configuration > Preferences > Windows Settings > Registry
- Create a new registry setting with the following settings:
Action: Update Hive: HKEY_LOCAL_MACHINE Key Path: Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint Value Name: RestrictDriverInstallationToAdministrators Value Type: REG_DWORD Value Data: 0 Base: Decimal