none
Run only specfied Windows applications - Rundll32.exe - Add Printer not working RRS feed

  • Question

  • Hello,

    I am in the process of setting up and configuring a new RDS server for some of our users. It is Server 2016 Standard. I have all of the group policies configured exactly how I like them except for one. I have the "Run only specified Windows applications" policy enabled and set up to only allow the exact applications that we want them to use. The problem I am running into is that I need them to also have the ability to add printers.

    Because this policy is enabled, it blocks them from being able to add printers under "Devices and Printers". If I disable the policy, they can add printers just fine. I want this policy enabled so that they can only run the specific programs that we set up and nothing else. With this policy disabled, they can run command prompt and powershell, and any number of applications that they can find.

    I know that the "Add Printer" option uses rundll32.exe, which I have added to the policy. I have also added shell32.dll to the policy as suggested by another user, but this doesn't make a difference either.

    Has anyone seen this before?

    Thank you.

    Wednesday, September 11, 2019 11:35 PM

Answers

  • Hi,

    Thanks for posting in our forum.

    I have also added shell32.dll to the policy as suggested by another user, but this doesn't make a difference either.

    As far as I know, we can use command “rundll32 printui.dll, PrintUIEntry” to manage printers.

    So, you can try to add printui.dll to see if it works.

    However, since our forum is not familiar with printer, If the suggestion not working, I will suggest you create a new thread in Print forum to confirm if there has other process used when add printer.

    https://social.technet.microsoft.com/Forums/en-US/home?forum=winserverprint

    Best Regards,

    William


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by Daryl LFP Thursday, September 12, 2019 6:17 PM
    Thursday, September 12, 2019 6:51 AM

All replies

  • Hi,

    Thanks for posting in our forum.

    I have also added shell32.dll to the policy as suggested by another user, but this doesn't make a difference either.

    As far as I know, we can use command “rundll32 printui.dll, PrintUIEntry” to manage printers.

    So, you can try to add printui.dll to see if it works.

    However, since our forum is not familiar with printer, If the suggestion not working, I will suggest you create a new thread in Print forum to confirm if there has other process used when add printer.

    https://social.technet.microsoft.com/Forums/en-US/home?forum=winserverprint

    Best Regards,

    William


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by Daryl LFP Thursday, September 12, 2019 6:17 PM
    Thursday, September 12, 2019 6:51 AM
  • William,

    That did the trick! Thank you very much!

    I now have the rundll32.exe and the printui.dll both as allowed applications, and this allowed me to add a printer without any issues.

    Thanks again.

    Thursday, September 12, 2019 6:17 PM
  • Hi,

     

    I am pleased to know that the information is helpful to you. If there is anything else we can do for you, please feel free to post in the forum.

    Have a nice day!

    Best Regards,

    William


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, September 17, 2019 6:47 AM