We’re collecting a standard set of instructions to follow for all consultants to save time and have a standard approach for ths;
Client Updated; Print Server Not Updated (Reported Behaviour: Dial comes up do you trust the server, then asks credentials, when trying to print)
Requires the following key on the Client
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrintRestrictDriverInstallationToAdministrators = 0 (REG_DWORD)
Then at a later date we need to review workstation patching policies
Print Server Updated; Client Not Updated (Check for Cumulative Update September)
Requires the following key on the Server
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Print\RpcAuthnLevelPrivacyEnabled = 0 (REG_DWORD)
Restart the print spooler on the server afterwards
This key was put in place in January to mitigate cve-2021-1678 but not enforced until now.
You’re expected going to have this issue if your workstations haven’t been updated since January but I’ve seen a few cases with more recently updated workstations.
Trackback from your site.