Select the product you need help with
- Internet Explorer
- Windows Phone
- More products
Description of the Point and Print Restrictions policy setting in Windows Server 2003 and Windows XP
Article ID: 319939 - View products that this article applies to.
This article was previously published under Q319939
If you are using Windows XP, you can use the Point and Print functionality to print to shared printers that are hosted on computers that are running Microsoft Windows NT 4.0, Microsoft Windows 2000, Windows XP, and Windows Server 2003. If you use the Point and Print functionality to connect to a shared printer, the print driver for that shared printer is automatically downloaded to your workstation. This article describes how to use the Point and Print Restrictions policy setting.
Note It is possible for malicious users to embed viruses or other malicious code into a print driver. If you receive a damaged driver from a shared printer, your computer may be compromised.
Windows Server 2003 and Windows XP Service Pack 1 (SP1) include the Point and Print Restrictions policy setting. If you are an administrator, you can use this policy setting to control the servers that users can connect to for printing. This policy setting does not affect users who are members of the Administrators group. Additionally, this policy setting does not affect users who use the Point and Print functionality with shared printers that are hosted by computers that are running either Microsoft Windows 95, Microsoft Windows 98, Microsoft Windows 98 Second Edition, or Microsoft Windows Millennium Edition (Me) (these platforms cannot supply drivers). In this scenario, you must have Administrator rights to create connections.
The Point and Print Restrictions policy is located in the following location in Group Policy Object Editor:
User Configuration\Administrative Templates\Control Panel\PrintersYou can configure the Point and Print Restrictions Group Policy setting in any of the following ways:
Note This message also occurs when you use OEM print drivers if the reverse lookup zone for the print server is not working correctly, and if the client cannot resolve the IP address of the print server to the fully qualified domain name (FQDN). If the NSLOOKUP <IP_Address_Of_Printserver> command does not resolve a server name, the client cannot resolve the IP address of the print server to the FQDN.
A policy is in effect on your computer which prevents you from connecting to this print queue. Please contact your system administrator.
For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
323445Similarly, if you are using a computer that is not a member of a domain, the computer is not subject to any of the configurations of this policy setting. You receive the following informational message:
(http://support.microsoft.com/kb/323445/ )How to create a new zone on a DNS Server in Windows Server 2003
You are about to connect to a printer on -SERVERNAME-, which will automatically install a print driver on your machine. Printer drivers may contain viruses or scripts that can be harmful to your computer. It is important to be certain that the computer sharing this printer is trustworthy. Would you like to continue?For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
314073If you are a mobile user and you travel with your laptop computer, Microsoft recommends that you either set this policy to Disabled or that you ask your administrator to give you administrative rights on your computer so that you can connect to shared printers while you are traveling.
(http://support.microsoft.com/kb/314073/ )How to troubleshoot network printing problems in Windows XP
The following policy settings are related to the Point and Print Restrictions policy setting:
Article ID: 319939 - Last Review: April 1, 2010 - Revision: 11.0