Hi Michael, Windows NT 4.0 drivers are kernel-mode printer drivers. They are defined in the registry under HKLM\System\CurrentControlSet\Control\Print\Environments\Windows NT x86\version-2 and are installed in the folder %systemroot%\system32\spool\drivers\w32x86\2. Non kernal mode or user mode drivers (windows 2000+) are defined under a version-3 key and installed to w32x86/3. A kernel mode driver can crash a server (or workstation). Regardless of whether the driver has been stable for months the potential is there. As an example, we had a Xerox Docucentre that gave us no troubles for 6 months until a new employee noticed and tried to use the stapling function which crashed any TS system where she tried to print. The Xerox driver was a kernel mode driver. If you're not careful, it's quite easy to download and install kernel mode drivers. Some printer manufacturers (did I mention Xerox?) have released windows 200/XP "compatibile" drivers that were still kernel mode drivers. Some of the older barcode and label printer drivers are often kernel mode, though if that's the case http://www.seagullscientific.com will probably have equivalent user mode (or even x64) drivers that you can use instead. Drivers can also be uploaded from client workstations (depending on Citrix policy settings) but a major source of "undocumented" driver installation can also occur from admin RDP logons where printer autocreation will install drivers from the admin's workstations. If your file/print servers have kernel mode drivers installed, then those will propagate to all of your TS systems. Stopping installation of kernel mode drivers on to your systems is easy. Windows Server 2003 has a group policy setting to disable installation of kernel mode drivers, but its dead simple (Via GPO) to set admin/system access to read only for the version-2 registry key and w32x86/2 directory to prevent kernel mode drivers being installed on win2k systems. How to get rid of them if they're already there? First make sure they're not on your file/print servers and then get them off your terminal servers. There are a number of different ways to clean things up including scripting and freeware utilities, but the simplest thing is to open the printers and faxes folder, right click, select server properties > drivers and delete them. Of course that assumes they're not being used. If they are, for each printer that's using the kernel mode driver, replace the driver with an equivalent user mode driver, then delete the kernel mode driver. Once the kernel mode drivers are removed from all your servers, you've got a good chance that refreshing the printer driver list in the CMC will clear them out. Set a group policy to prevent installation of kernel mode drivers and things will stay clean. regards, Rick Ulrich Mack Volante Systems Level 2, 30 Little Cribb Street Coronation Drive Office Park Milton Qld 4064 tel: +61 7 32431847 fax: +61 7 32431992 rick.mack@xxxxxxxxxxxxxx ________________________________ From: thin-bounce@xxxxxxxxxxxxx on behalf of Michael Boggan Sent: Fri 19/05/2006 23:55 To: thin list Subject: [THIN] Printers question When I look in the CMC for XP 1.0, under the Drivers section, there are several Windows NT 4.0 drivers listed. We have no NT 4.0 servers and the servers that are listed as having those drivers are 2003 servers. I have gone into the drivers on those servers and they are not there. Any idea why these are showing up in the CMC and what i can do to get rid of them? Thanks, Michael Boggan ##################################################################################### This e-mail, including all attachments, may be confidential or privileged. Confidentiality or privilege is not waived or lost because this e-mail has been sent to you in error. If you are not the intended recipient any use, disclosure or copying of this e-mail is prohibited. If you have received it in error please notify the sender immediately by reply e-mail and destroy all copies of this e-mail and any attachments. All liability for direct and indirect loss arising from this e-mail and any attachments is hereby disclaimed to the extent permitted by law. #####################################################################################