This step-by-step quick start guide explains how to enable Universal Print and set up a printer.
Create new group policy
Enable Point and Print restrictions. Enter fully qualified server name that users will connect to install a new printer.
HP Universal Print Driver GPO deployment
September 2021
Point and Print refers to the capability of allowing a user on a Windows 2000 and later client to create a connection to a remote printer without providing disks or other installation media. All necessary files and configuration information are automatically downloaded from the print server to the client.
Microsoft has been battling a set of vulnerabilities, known as "PrintNightmare", which began life as an accidentally disclosed zero-day at the end of June and permitted an attacker to run arbitrary code on Windows with SYSTEM privileges. A flaw in the Windows Printer Spooler service allowed miscreants to potentially run riot on exposed systems.
For the last couple of months Miicrosoft released a series of patches that haven't really fixed the issues. Now, the company has announced that it's going to require users to have Administrator privileges to add or update printers for use by Windows.
For most individual Windows users, the change will mean having to click on some prompts to gain elevated privileges in order to add or update printers, but it may be more troublesome for enterprise scenarios where users run in Standard mode without access to Admin privileges.
Having initially told users to shut down Print Spooler, Microsoft's latest missive means it will require administrator privileges for Point and Print driver installation, a change that will hit all supported versions of Windows and turned up in this week's round of patches.
Install new printer
Install and configure new printer on your print server. Do not forget to share printer.
Deploy printer with GPO
Righ-click on your newly created printer and select "Deploy with Group Policy". Browse and select GPO. For connection type select "Per Machine".
Connect client to shared printer
Browse server share to see your newly installed and shared printer.
Install driver manually
Select Install driver to download and install necessary files from print server.
Admin credentials prompted
Before "PrintNightmare" users were not required to have Administrator privileges to add or update printers for use by Windows. Follow the next steps to fix this.
Download driver files
Visit HP site for Universal Print Driver for Windows Download driver you need (PS or PCL) and extract files to disk.
Copy driver files to client computer
Create a new folder in a remote client computer and copy all driver files in there, for example C:\UPD\..
Deploy files to driver store
Need to copy printer driver .inf files to Windows Driver Store of a remote computer. Open PowerShell and run the following script. -ComputerName refers to remote client computer (eg pc101).
Invoke-Command -ComputerName pc101 {pnputil.exe -a "C:\UPD\*.inf" }
Restart client computer
Restart remote client computer to deploy printer by GPO or let the user to connect manually to printer share. Either way printer is successfully deployed on a remote client computer.
