Allow pruning of published printersID: oval:org.secpod.oval:def:19390 | Date: (C)2014-05-29 (M)2023-07-14 |
Class: COMPLIANCE | Family: windows |
The Allow pruning of published printers machine setting should be configured correctly.
Determines whether the domain controller can prune (delete from Active Directory) the printers published by this computer. By default, the pruning service on the domain controller prunes printer objects from Active Directory if the computer that published them does not respond to contact requests. When the computer that published the printers restarts, it republishes any deleted printer objects. If you enable this setting or do not configure it, the domain controller prunes this computer's printers when the computer does not respond. If you disable this setting, the domain controller does not prune this computer's printers. This setting is designed to prevent printers from being pruned when the computer is temporarily disconnected from the network.
Fix:
(1) GPO: Computer Configuration\Administrative Templates\Printers\Allow pruning of published printers
(2) KEY: HKLM\Software\Policies\Microsoft\Windows NT\Printers\Immortal
Platform: |
Microsoft Windows Server 2008 R2 |