Saturday 18 December 2010

Printer Deployment using Group Policy Preferences

I was recently trying to deploy a printer using the Preferences feature of Windows Group Policy, the server sharing the printers was running Server 2008 R2 and the client Windows 7 Professional.

When logging on with a test account I was getting one printer of the five mapped, if I navigated to the server through Start > Run > \\Servername I could see all of the printers listed and double clicking on each one gave the message that a driver was being found and installed, the printer was then available for use.

Thinking I needed to install the drivers for the first time on each machine I logged off and on again. Only one printer again! Following a bit of research via everyones favourite search engine I discovered Point and Print Restrictions.

These restrictions can be used to allow only certain print servers to be used to provide printer driver downloads. This prevents untrusted or untested drivers from being installed. By default if Windows 7 is on a domain and doesn't have a native driver for the printer you want to connect to then you don't get the printer. This is fine if you are an admin as you can simply navigate to the server and install the printer manually, however for school staff and pupils we don't allow that freedom so we need to work around this.


1. Open Group Policy Management Console
2. Navigate to the OU you require to make settings for.
3. Right click and Select "Create a GPO in this domain, and link it here" Give your new policy a name.
4. Right click and select Edit for the new policy
5. Expand Computer Configuration > Policies > Administrative Templates > Printers
6. Right click "Point and Print Restrictions" Select Edit
7. Select "Enabled"


To set specific print servers to be used


1. Select "Users can only point and print to these servers"
2. In the text box type the fully qualified server name, if you require several entries separate them with a semi-colon (Also you can set to use any server in the Forest)
3. Select "Do not show warning or elevation prompt" in the "When Installing drivers for a new connection" box
4. Select "Do not show warning or elevation prompt" in the "When updating drivers for an existing connection" box


To set any forest print servers to be used

You can also set the point and print settings to allow any print server in the computers forest to serve drivers, in order to do this select the option "Users can only point and print to machines in their forest" also set the 'Do not prompt" options


By setting the 'do not prompt' options the printers will be installed automatically with no intervention. However this may give undesired results and impair your security, as always try on a test system before transferring onto your live network.

Now when preferences attempt to install printers, you will get all of your assigned printers after a short delay while the driver installs.

Thursday 2 December 2010

You have been logged on with a temporary profile

While working with a Windows 7 test machine I had the need to remove a users locally cached profile, I went to c:\users and removed the offending folder, logged on and was met with the systray balloon telling me that I was logged on with a temporary profile.

It appears that the issue was due to me not removing the user's info from the registry as well as the local folder, following some research on Technet I found that it is necessary to navigate to

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

and delete the users value, these will be listed as SID's but if you click on the SID then you will find a key which relates to the user named "ProfileImagePath" as shown below


Delete the SID value and when the user logs on again they will get either a new profile or their network profile pulled down.

KB974909 Hyper-V network connection dies

Virtual machines running in Hyper-V on Windows Server 2008 R2, Datacenter, Enterprise and Standard editions may occasionally lose their network connection during either high throughput or with multiple concurrent connections.

Restoring the connection can only be achieved by restarting the virtual machine.

By downloading and installing the patch found at knowledge base article KB974909 this problem will be alleviated, however this does require you to restart the host machine.