Windows Vista - Point & Print

Point & Print is a Windows feature that enables users to connect to a shared printer without the need to manually install the necessary printer driver software.  Point & Print automatically downloads and installs the required printer drivers when a user connects to a shared printer.  It also updates the printer driver on the client […]

Point & Print is a Windows feature that enables users to connect to a shared printer without the need to manually install the necessary printer driver software.  Point & Print automatically downloads and installs the required printer drivers when a user connects to a shared printer.  It also updates the printer driver on the client computer when the printer driver or the printer driver configuration is updated on the print server.

So - how is Point & Print different on Windows Vista?

Because Point & Print installs software on the client computer, Point & Print features are subject to the enhanced security model of Windows Vista.  New configuration settings were added to the Point & Print Restrictions group policy in Windows Vista.

Point & Print Security Best Practices: The Point & Print Restrictions Group policy can be edited using gpedit.msc.  The policies are located in User Configuration\Administrative Templates\Control Panel\Printers.   We're going to outline several different configuration scenarios.

Scenario 1: Using Deployed Printers: With Deployed Printers, only the printers defined for a user or group will be installed on the client computers that are managed by the group policy. This is considered the most secure practice because the client computers only have the printers installed that are defined in the Group Policy.  To configure Deployed Printers, use the Print Management Console (printmanagement.msc) to create the GPO and define the printers to deploy.

Configuration: Configure the GPO settings below.

  • After you configure the deployed printers, configure the Point and Print Restrictions group policy as follows:
  • Point and Print Restrictions: Enabled.
  • When installing drivers for a new connection: Do not show warning or elevation prompt.
  • When updating drivers for an existing connection: Show warning only.

User Experience: After you configure the deployed printers and the Point and Print Restrictions group policy, the deployed printers will automatically be installed on the client computer the next time the user logs on. The user will not see any warning messages when the printers are installed for the first time. However, if the printer configuration has been updated on the print server after the deployed printers have been installed on the client computer, the user will see a warning message that informs them that Point and Print must update the driver or configuration for the printer.

Continue to read full article....

Additional Resources:

microsoft, windows vista, point & print, printing, knowledgebase, guide