Windows – Fixing GPO Printer Deployment Issues After PrintNightmare

group-policy shared-printers windows

I am trying to use a GPO to deploy printers to Windows 10 workstations in our domain. On a Windows Server 2016 DC, the policy that I am using is under Computer Configuration->Policies->Windows Settings->Printer Connections. I added the path \\PrintServer\SharedPrinterName.

I installed the relevant printer drivers on the workstation via pnputil.exe and Add-PrinterDriver in PowerShell, because after the PrintNightmare patch, non-admins cannot install drivers. I run gpupdate /force and no printers show up, regardless of whether I am logged on as a local admin user or a standard user.

However, if I add the registry key
HKLM:\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint\RestrictDriverInstallationToAdministrators
and set it to 0, the printers will be added, whether a local admin user or standard user logs on.

I would prefer not to have to add this key to each workstation every time I need to add a printer. My understanding was that if the printer drivers were pre-installed, the GPO would install the printer without the registry change.

What am I missing?

Best Answer

Most of the time it's the driver class that causes you that headache. Type 3 may or may not prompt for an admin credential even if you have preinstalled the driver on the machine. It's a try for all of them.

Try the newer Type 4 if you can, or try with a newer version of the driver. Some manufacturers might tag them V3 or V4 in the download link.
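
A way to check on a workstation which driver class is involved and whether the pre-installed driver matches the one the shared queue uses, without changing the registry value. This is an added example, not part of the original question or answer; PrintServer and SharedPrinterName are the placeholder names from the question, and it assumes the account running it may query the print server remotely.

```powershell
# Added diagnostic example (read-only). Replace the placeholder names
# from the question with your own print server and share.
$server  = 'PrintServer'
$printer = 'SharedPrinterName'

# 1. Current Point and Print restriction. The question sets this value to 0
#    as a workaround; here it is only read, never written.
$key  = 'HKLM:\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint'
$name = 'RestrictDriverInstallationToAdministrators'
$prop = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
$restriction = if ($null -eq $prop) { 'not set' } else { $prop.$name }

# 2. Driver the shared queue uses on the print server.
$queue        = Get-Printer -ComputerName $server -Name $printer -ErrorAction Stop
$serverDriver = @(Get-PrinterDriver -ComputerName $server -Name $queue.DriverName)

# 3. Driver with the same name in the local driver store, if any.
$localDriver = @(Get-PrinterDriver -Name $queue.DriverName -ErrorAction SilentlyContinue)

# MajorVersion 3 = Type 3 (v3) driver, 4 = Type 4 (v4) driver.
$serverType = ($serverDriver.MajorVersion | Sort-Object -Unique) -join ','
$localType  = ($localDriver.MajorVersion  | Sort-Object -Unique) -join ','

# A name match with a different DriverVersion means the client still has to
# fetch the server's driver package when the connection is created.
$serverVer = ($serverDriver.DriverVersion | Sort-Object -Unique) -join ','
$localVer  = ($localDriver.DriverVersion  | Sort-Object -Unique) -join ','

[pscustomobject]@{
    Queue                 = "\\$server\$printer"
    DriverName            = $queue.DriverName
    ServerDriverType      = $serverType
    LocalDriverInstalled  = ($localDriver.Count -gt 0)
    LocalDriverType       = $localType
    VersionsMatch         = ($localDriver.Count -gt 0 -and $serverVer -eq $localVer)
    RestrictToAdmins      = $restriction
} | Format-List
```

If LocalDriverInstalled is False or VersionsMatch is False, the driver staged with pnputil.exe is not the one the server's queue hands out, which is the first thing to rule out before switching to a Type 4 driver.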