Secuirty

[Solved] printer error “”A policy is in effect on your computer which prevents you from connecting to this printer queue. Please contact your system administrator.””

"A policy is in effect on your computer which prevents you from connecting to this printer queue. Please contact your system administrator."

Problem

When trying to connect to a printer from Windows 10 or Windows 11, you get an error message.

“A policy is in effect on your computer which prevents you from connecting to this printer queue. Please contact your system administrator.”

 

Diagnostics

The problem you’re experiencing is a result of a recent Microsoft update known as “Print Nightmare,” which has limited driver installation access to Administrators only. To learn more about this issue, you can refer to the following Microsoft article:

https://support.microsoft.com/en-us/topic/kb5005652-manage-new-point-and-print-default-driver-installation-behavior-cve-2021-34481-873642bf-2634-49c5-a23b-6d8e9a302872

While there could be various causes for the error message, the most prevalent reason is typically the one mentioned above.

Solution

Most organizations had this policy in place after the Prinet Nighmarre vulnerability

This is how you canĀ  restrict users to only be able to “point and print” to specific Printe servers using Intune, you can achieve this by configuring printer security settings in the device configuration profile. This helps control which printers users can install and use on their managed devices. Here’s a general outline of the steps involved:

  1. Sign in to the Microsoft Endpoint Manager admin center (previously known as Intune).
  2. Navigate to “Devices” > “Configuration profiles” and click on “Create profile.”
  3. Choose the platform and profile type suitable for your devices (e.g., Windows 10 and Endpoint security).
  4. Configure printer security settings. Look for settings related to “Point and Print Restrictions” or “Printer Security.” The specific options available may depend on the version of Windows and Intune you are using.
  5. Set the desired restrictions, such as allowing users to install printers only from specified print servers or trusted sources. You can specify the exact devices or print servers to which users can “point and print.”
  6. Assign the profile to the desired user or device group within your organization.
  7. Save and deploy the configuration profile.

Once deployed, the configured printer security settings will limit users to installing printers only from the designated print servers or trusted sources. Users will not be able to install printers from other sources or unauthorized devices.

Below is the registry key that gets added after the config policy is pushed, Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\current\device\ADMX_Printing”

Thanks for reading it and let me know if this does not fix your issue.

 

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button