Hi everyone
In my last post I talked about the print driver restriction, but you can fall into another case, where the computer are not updated at all which will cause another problem, they would not be able to connect to the printer share at all…
This may happen for some reason, like LTSC/LTSB IoT device which are restricted for Windows Update, or older OSs.
The registry key to use on your printserver for the time you remediate to the problem is; RpcAuthnLevelPrivacyEnabled
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Print
RpcAuthnLevelPrivacyEnabled (DWORD) to 0.
1: Enables Enforcement mode. Before you enable Enforcement mode for server-side, make sure all client devices have installed the Windows update released on January 12, 2021 or a later Windows update. This fix increases the authorization level for printer IRemoteWinspool RPC interface and adds a new policy and registry value on the server-side to enforce the client to use the new authorization level if Enforcement mode is applied. If the client device does not have the January 12, 2021 security update or a later Windows update applied, the printing experience will be broken when the client connects to the server through the IRemoteWinspool interface.
0: Not recommended. Disables the increase authentication level for printer IRemoteWinspool, and your devices are not protected.
Reference: Managing deployment of Printer RPC binding changes for CVE-2021-1678 (KB4599464)
Phil’s Blog | IT to the core ! 