(imported topic written by jaf0onl91)
Do you know if there is a way to create an analysis to detect if
someone has a printer installed locally but shared out to other people ? Thanks !!!
(imported topic written by jaf0onl91)
Do you know if there is a way to create an analysis to detect if
someone has a printer installed locally but shared out to other people ? Thanks !!!
(imported comment written by ktang91)
try this relevance script:
q:if (name of operating system = âWin2003â OR name of operating system = âWinXPâ or name of operating system = âWin2000â or name of operating system = âWinNTâ) then (string values of selects âname from win32_printer where servername=NULL and sharename != NULLâ of wmi as string) else ââ
A: hp LaserJet 3030 PCL 6
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wmisdk/wmi/win32_printer.asp
ServerName
Data type: string
Access type: Read-only
Name of the server that controls the printer. If this string is NULL, the printer is controlled locally.
Shared
Data type: boolean
Access type: Read/write
If TRUE, the printer is available as a shared network resource.
Windows 2000 and Windows NT 4.0: This property is not supported.
(imported comment written by BenKus)
That relevance looks good, but if you are making a property, you should probably set the report interval to a higher interval (definitely not âevery reportâ⌠probably more like once or twice a day) because it looks like it can take a few seconds to evaluate this wmi property.
Ben
(imported comment written by dgibson91)
Something like this would be faster, and (I think) just as accurate.
q: if (name of operating system = âWin2003â OR name of operating system = âWinXPâ or name of operating system = âWin2000â or name of operating system = âWinNTâ) AND (exists key âHKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printersâ of registry) then ((value âNameâ of it, value âPrinter Driverâ of it) of keys whose (value âShare Nameâ of it != ââ ) of key âHKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printersâ of registry) else nothings
a: PrinterName, Printer Driver
Also, something similar we did to see what network printers were installed on our workstations:
q: if ((operating system as string = âWinXP 5.1.2600â OR (operating system as string = âWin2000 5.0.2195â AND value âProductTypeâ of key âHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptionsâ of registry = âWinNTâ )) AND exist key âHKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Providers\LanMan Print Services\Serversâ of registry) then ((value âNameâ of it, value âPrinter Driverâ of it, value âShortServerNameâ of key âDsSpoolerâ of it) of keys of keys whose (name of it = âPrintersâ ) of keys of key âHKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Providers\LanMan Print Services\Serversâ of registry) else nothings
A: QUEUENAME, DRIVERNAME, SERVERNAME
(imported comment written by BenKus)
Very nice!
It looks like the registry-based version is a few hundred times faster than the WMI version (< 1ms for my computer to get these results).
This is a great example of the idea that the WMI is inefficient and should only be used when there arenât other options.
Ben
(imported comment written by topik8891)
dgibson
Something like this would be faster, and (I think) just as accurate.
q: if (name of operating system = âWin2003â OR name of operating system = âWinXPâ or name of operating system = âWin2000â or name of operating system = âWinNTâ) AND (exists key âHKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printersâ of registry) then ((value âNameâ of it, value âPrinter Driverâ of it) of keys whose (value âShare Nameâ of it != ââ ) of key âHKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Printersâ of registry) else nothings
a: PrinterName, Printer Driver
I already try this and it works to find shared printer (I shared my printer), but when I donât share my printer anymore, Bigfix still show the printer (it shouldnât show any device). Can you tell me how to fix this problem ?
I have a customer that they want to detect and show all their external device such as printer, scanner etc that connected via USB, paralel & serial port. How Bigfix can do that things?
Anyway to pull back the share permissions of a printer? Like the âPrintâ permission, âManage this printerâ permission, or âManage Documentsâ?
entries of dacls of security descriptors of network shares does not offer print specific permission properties that I can tell. It only offers the general read, write, and execute permission setsâŚnot the other permissions needed to represent the printer shares.
old thread but anyone know how to return permissions for printers ?
You can create a task that uses powershell to list printers and then print out permissions. And then use analysis to read the results
Get-Printer -ComputerName
(Get-Printer âMicrosoft Print to PDFâ -Full).PermissionSDDL
How would you itterate through the list of mapped printers ?
Get-Printer -ComputerName would give you a list of printers which you can iterate through and print out the permissionSDDL. Is that what you asked?
yup that works, thanks.