Re: Inherited Permissions for Printers
From: Chriss3 [MVP] (noSpamHere_at_chrisse.se)
Date: 01/11/05
- Next message: Chriss3 [MVP]: "Re: XP Roaming Profile Issue"
- Previous message: Joe Richards [MVP]: "Re: AD properties in federated forest environment"
- In reply to: Paul Hadfield: "Inherited Permissions for Printers"
- Next in thread: Herb Martin: "Re: Inherited Permissions for Printers"
- Reply: Herb Martin: "Re: Inherited Permissions for Printers"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 11 Jan 2005 15:52:53 +0100
Hello Paul,
Good question. Yes it's possible to inheritance the Security (ACL) from the
computer object in the Active Directory, since all printers published in
active directory is child objects to it's host/computer/server.
You can give the "IT Helpdesk Staff" Full Control of child objects of type
PrinterObjects or just Add / Remove Printer Objects. You should see an entry
for the Printer Operators group with rights Add / Remove Printer Objects in
the ACL list on the computer/host/server object in AD.
Have a look at this KB, How to view printers within the ADUC MMC.
http://support.microsoft.com/support/kb/articles/Q235/9/25.ASP
-- Regards Christoffer Andersson Microsoft MVP - Directory Services No email replies please - reply in the newsgroup ------------------------------------------------ http://www.chrisse.se - Active Directory Tips "Paul Hadfield" <paul@anon.com> skrev i meddelandet news:%239EC3G99EHA.1084@tk2msftngp13.phx.gbl... > All, > > I realise this is a printing question, but I think it's probably more > GPO/AD related too. > > Is there any way that permissions for locally installed printers on a > Windows 2000 Advanced server can be set to inherit in the same way that > files and folders can? E.g. when someone creates a new local printer, I > want to be able to specify what the default security permissions will be > set to. > > We have a Windows 2000 domain with print queues set up locally on Windows > 2000 Advanced Server member servers. I'm trying to set up our member > servers so that when a member of the domain security group "IT Helpdesk > Staff" creates a new local printer, the correct permissions are > automatically assigned to it and all the IT staff needs to do is add the > relevant User groups with print access. > > The domain secirity group "IT Helpdesk Staff" has only domain user rights > but is also a member of the local Power Users group on the Windows 2000 > member servers, and so has full permissions to create new printers > locally. > > Thanks again, > Paul. > > >
- Next message: Chriss3 [MVP]: "Re: XP Roaming Profile Issue"
- Previous message: Joe Richards [MVP]: "Re: AD properties in federated forest environment"
- In reply to: Paul Hadfield: "Inherited Permissions for Printers"
- Next in thread: Herb Martin: "Re: Inherited Permissions for Printers"
- Reply: Herb Martin: "Re: Inherited Permissions for Printers"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
|
