Printer Group Policy not showing up on updated Windows computers?


Solution 1

My colleague solved this. See this article: http://windowsitpro.com/patch-tuesday/update-kb3163622-breaks-group-policy-it-s-not-me-it-s-you

KB3163622 appears to break the way security policies are applied:

What happened: MS16-072 changes the security context with which user group policies are retrieved. This by-design behavior change protects customers’ computers from a security vulnerability. Before MS16-072 is installed, user group policies were retrieved by using the user’s security context. After MS16-072 is installed, user group policies are retrieved by using the machine’s security context.

Why it happened: This issue may occur if the Group Policy Object is missing the Read permissions for the Authenticated Users group or if you are using security filtering and are missing Read permissions for the domain computers group.

How to fix it: To resolve this issue, use the Group Policy Management Console (GPMC.MSC) and follow one of the following steps:

  • Add the Authenticated Users group with Read Permissions on the Group Policy Object (GPO).
  • If you are using security filtering, add the Domain Computers group with read permission.

Solution 2

My guess would be the policies do not have Authenticated Users security principal with Read permission.
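
Both answers come down to the same condition: the computer account cannot read the GPO. The script below is an added example, not part of either answer, that lists every GPO where neither Authenticated Users nor Domain Computers has Read or better and can optionally grant Domain Computers Read. It assumes the GroupPolicy module from RSAT/GPMC and the default English group names; on Windows Server 2008 R2 and Windows 7 RSAT the cmdlets are named `Get-GPPermissions` and `Set-GPPermissions`.

```powershell
# Added example: audit every GPO for the read access MS16-072 makes necessary.
# Requires the GroupPolicy module (RSAT/GPMC) and rights to read GPO ACLs.
Import-Module GroupPolicy

# Assumption: default English principal names.
$ComputerReaders = 'Authenticated Users', 'Domain Computers'
# Permission levels that include Read on the GPO.
$ReadLevels = 'GpoRead', 'GpoApply', 'GpoEdit', 'GpoEditDeleteModifySecurity'
# Set to $true to add "Domain Computers: Read" where it is missing.
$Remediate = $false

$unreadable = foreach ($gpo in Get-GPO -All) {
    $acl = Get-GPPermission -Guid $gpo.Id -All
    # Does any computer-inclusive principal hold Read or better?
    $hit = $acl | Where-Object {
        $ComputerReaders -contains $_.Trustee.Name -and
        $ReadLevels -contains "$($_.Permission)"
    }
    if (-not $hit) {
        [pscustomobject]@{
            DisplayName = $gpo.DisplayName
            Id          = $gpo.Id
            Trustees    = ($acl | ForEach-Object { $_.Trustee.Name }) -join '; '
        }
    }
}

# GPOs listed here are the ones that stop applying as user policy after the update.
$unreadable | Format-Table -AutoSize

if ($Remediate) {
    foreach ($item in $unreadable) {
        # GpoRead lets the computer account retrieve the GPO without
        # changing who the policy applies to (that would need GpoApply).
        Set-GPPermission -Guid $item.Id -TargetName 'Domain Computers' `
            -TargetType Group -PermissionLevel GpoRead | Out-Null
    }
}
```

Run it once with `$Remediate = $false` and review the list before changing any ACLs.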

Author by

surfrock66

Updated on September 18, 2022

Comments

  • surfrock66
    surfrock66 almost 2 years

    We have had about 20 print mapping policies for years in an organization with ~300 clients. This company hasn't done Windows updates in over 2 years. Over the weekend, we were authorized to push out ALL Windows updates needed to bring us current (after testing). It turns out we missed an edge situation; the entire subset of printer deployment group policies no longer makes it to clients.

    The policies haven't changed, but they do not show up at all. If we do RSOP or gpresult, they don't even show as not applied. Our exempted computers still receive and execute the policy normally, including a freshly imaged computer with an old image.

    When running "gpupdate /force" we get an error on the afflicted computers, with the following text:

    The following warnings were encountered during user policy processing: The Group Policy Client Side Extension Folder Redirection was unable to apply one or more settings because the changes must be processed before system startup or user logon. The system will wait for Group Policy processing to finish completely before the next startup or logon for this user, and this may result in slow startup and boot performance. Computer Policy update has completed successfully.

    For more detailed information, review the event log or run GPRESULT /H GPReport.html from the command line to access information about Group Policy results.

    Certain User policies are enabled that can only run during logon.

    OK to logoff?. (Y/N)

    Allowing it to log off, rebooting, etc. does not change the result. Subsequent executions of the command show the same message. The GPResult output does not mention the printer policies, or any failures.

    This is happening on Windows 7 and Windows 10. Some of the policies map computers through "Deployed Printers" and some through "Control Panel." Neither shows up at all anymore.

    We are now going through the process of uninstalling updates 1 by 1 to see what changed (there are 278) but we're completely stumped as to what could cause the policy to not even propagate. Nothing has changed on our Windows Server 2008 domain controllers, and the policies show on all 3.

    Any troubleshooting thoughts would be appreciated.