[THIN] Re: Where the %&#$ are these drivers coming from?

  • From: "Adam Granatela" <agranatella@xxxxxxxxx>
  • To: thin@xxxxxxxxxxxxx
  • Date: Mon, 19 Feb 2007 15:04:14 -0600

Hey Rick, thanks for the pointers.

I'll definitely put this into place.  Thing is, I can see the session that
the printer is being installed for, and it's definitely a non-admin ICA
connection.  The event logs give the same sort of auto-install message for
the non-native driver as they do for the native driver.  Typically I expect
to see a 1106 or whatever error saying the auto-creation failed, and then
see that the printer is using the UPD.  However with this one, the driver is
being installed upon user login.

It looks like Windows thinks that these drivers (Canons and HPs) are Windows
native drivers, and the files are cached somewhere and are being
auto-installed.


On 2/19/07, Rick Mack <ulrich.mack@xxxxxxxxx> wrote:

Hi Adam,

There are some additional driver installation options that you can apply,
but that aside, a major source of printer driver "contamination" is an
administrator logging in to servers via RDP. If you've got a Canon printer
at home, the culprit might even have been you ;-)

It's a really good idea to firstly limit who can log on via RDP (use
tsconsec during server build), and secondly to make sure that no printer
autocreation takes place for the RDP listener.

The following unmanaged group policy, applied to all your servers, will
help:

; The key below lives under HKEY_LOCAL_MACHINE, so this is a machine policy.
CLASS MACHINE

CATEGORY "Remote Admin (RDP) Session Settings"

    POLICY "Disable RDP Client Remapping"
        ; Settings for the RDP listener only. KEYNAME must sit on a single line.
        KEYNAME "SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"

        PART "Disable Use connection settings from user setting" CHECKBOX
            VALUENAME "fInheritAutoClient"
            VALUEON  NUMERIC 1
            VALUEOFF NUMERIC 0
        END PART

        ; Client printer auto-creation on logon
        PART "Disable Connect Client Printers on Logon" CHECKBOX
            VALUENAME "fDisableCpm"
            VALUEON  NUMERIC 1
            VALUEOFF NUMERIC 0
        END PART

        PART "Disable LPT Mapping" CHECKBOX
            VALUENAME "fDisableLPT"
            VALUEON  NUMERIC 1
            VALUEOFF NUMERIC 0
        END PART

        PART "Disable Clipboard Mapping" CHECKBOX
            VALUENAME "fDisableClip"
            VALUEON  NUMERIC 1
            VALUEOFF NUMERIC 0
        END PART

    END POLICY ; disable rdp client capabilities

END CATEGORY ; rdp settings

regards,

Rick

--
Ulrich Mack
Commander Australia

On 2/20/07, Adam Granatela <agranatella@xxxxxxxxx> wrote:

> Here's a nice fun one.  PS4 enterprise, 3 servers.  Policies are set to
> grab native drivers, otherwise use Citrix UPD.  There are no printer
> mappings, and no print drivers set to replicate.  No session printers, no
> imported print servers, and no login scripts that run on the Citrix servers
> other than the default usrlogon.cmd files.
>
> I went through and deleted out all non-native MS drivers.  In fact, I
> wiped out all drivers except the Citrix UPD.  I went into the registry and
> verified that the only driver was listed under version-3 and was the Citrix
> UPD.  All should be good, right?
>
> Nope.  The next time a user logged on using a Canon driver, it
> auto-created, and auto-installed the driver.  I can see it in the registry
> listed as a driver with Canon listed as the provider, and not Microsoft.  My
> question to you guys, how is this driver being installed?  I refreshed the
> local host cache on all servers (datastore is SQL), and did an update
> printer and driver information after deleting all the drivers, and verified
> that in the CMC, only the UPD was listed for this particular server I'm
> testing with (although it happens on all of them).
>
> Help!
>
> Adam
>
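
Added example (not part of the original thread, and not Citrix or Microsoft code): a read-only PowerShell audit that reports the four RDP-Tcp listener values named in the template above next to the value the template writes when each box is ticked, and lists every Version-3 printer driver whose Provider is not on an allow-list. The function names and the Microsoft/Citrix allow-list are assumptions made for this example.

```powershell
# Added example: read-only audit, run in an elevated PowerShell 3.0+ session on the server.
# Function names and the provider allow-list are assumptions, not from the thread.

$RdpKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
# Values the ADM template in the thread writes when every checkbox is ticked (VALUEON).
$TemplateOn = [ordered]@{ fInheritAutoClient = 1; fDisableCpm = 1; fDisableLPT = 1; fDisableClip = 1 }

function Get-RdpListenerSettings {
    param([string]$Path = $RdpKey, $Expected = $TemplateOn)
    $props = Get-ItemProperty -Path $Path -ErrorAction Stop
    foreach ($name in $Expected.Keys) {
        $actual = $props.$name            # $null when the value is not present
        [pscustomobject]@{
            Value      = $name
            Actual     = $actual
            TemplateOn = $Expected[$name]
            Matches    = ($null -ne $actual -and $actual -eq $Expected[$name])
        }
    }
}

function Get-ThirdPartyPrintDrivers {
    # Providers treated as expected on the server; adjust to what your build allows.
    param([string[]]$AllowedProviders = @('Microsoft', 'Citrix'))
    $pattern = '^(' + (($AllowedProviders | ForEach-Object { [regex]::Escape($_) }) -join '|') + ')'
    $envRoot = 'HKLM:\SYSTEM\CurrentControlSet\Control\Print\Environments'
    foreach ($env in Get-ChildItem -Path $envRoot) {
        $v3 = "$($env.PSPath)\Drivers\Version-3"
        if (-not (Test-Path $v3)) { continue }
        foreach ($drv in Get-ChildItem -Path $v3) {
            $p = Get-ItemProperty -Path $drv.PSPath
            # A missing or unexpected Provider is reported rather than skipped.
            if ([string]$p.Provider -notmatch $pattern) {
                [pscustomobject]@{
                    Environment = $env.PSChildName
                    Driver      = $drv.PSChildName
                    Provider    = $p.Provider
                    DriverFile  = $p.Driver
                    DriverDate  = $p.DriverDate
                }
            }
        }
    }
}

Get-RdpListenerSettings    | Format-Table -AutoSize
Get-ThirdPartyPrintDrivers | Format-Table -AutoSize
```

Running it before and after a test user logs on shows whether a driver entry appeared during that logon and which Provider it carries.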



