Windows 7 / Getting Started

Configuring Package Point and Print Restrictions

Windows XP SP1 and Windows Server 2003 introduced the following Group Policy setting:

User Configuration\Policies\Administrative Templates\Control Panel\Printers\Point And Print Restrictions

This policy setting controls the servers to which a client computer can connect for Point and Print. A new feature of this policy setting for Windows 7 and Windows Vista is the ability to control the behavior of UAC prompts when installing printer drivers on Windows Vista computers using Point and Print. This policy setting applies only to non- Print Administrators clients and only to computers that are members of a domain.

Controlling the behavior of security prompts using the Point And Print Restrictions policy setting when installing printers using Point and Print

When you enable the policy setting, the client is restricted to only Point and Print to a list of explicitly named servers. You can configure Windows 7 and Windows Vista clients to not show security warnings or elevation prompts when users Point and Print or when drivers for printer connections need to be updated.

If you do not configure the policy setting:

  • Windows XP and Windows Server 2003 client computers can point and print to any server in their forest.
  • Windows Vista and later client computers can point and print to any server.
  • Windows Vista and later computers will show a warning and an elevation prompt when users point and print to any server.
  • Windows Vista and later computers will show a warning and an elevation prompt when a driver for an existing printer connection needs to be updated.

If you disable the policy setting:

  • Windows XP and Windows Server 2003 client computers can point and print to any server.
  • Windows Vista and later client computers can point and print to any server.
  • Windows Vista and later computers will not show a warning or an elevation prompt when users point and print to any server.
  • Windows Vista and later computers will not show a warning or an elevation prompt when a driver for an existing printer connection needs to be updated.

Note that the Users Can Only Point And Print To Machines In Their Forest setting applies only to Windows XP SP1 (and later service packs) and Windows Server 2003.

In addition to this updated Point And Print Restrictions policy setting, Windows 7 and Windows Vista include two new policy settings related to Point and Print:

  • Only Use Package Point And Print This policy restricts clients' computers to use Package Point and Print only. If you enable this setting, users will only be able to point and print to printers that use package-aware drivers. When using Package Point and Print, client computers will check the driver signature of all drivers that are downloaded from print servers. If you disable or don't configure this setting, users will not be restricted to Package Point and Print only.
  • Package Point And Print - Approved Servers Restricts Package Point and Print to approved servers. If you enable this setting, users will only be able to use Package Point and Print on print servers approved by the network administrator. When using Package Point and Print, client computers will check the driver signature of all drivers that are downloaded from print servers. If you disable or don't configure this setting, Package Point and Print will not be restricted to specific print servers.

In Package Point and Print, the complete driver package is put in the driver store on the Windows 7 or Windows Vista client computer. All files in the printer driver are installed on the client, and the installation process ensures that the package is digitally signed properly before adding it to the store. This result is a more secure form of Point and Print than found on previous versions of Windows.

Note Printing from Windows Vista and later versions to print servers running earlier versions of Windows uses legacy Point and Print.

[Previous] [Contents] [Next]

In this tutorial:

  1. Managing Printing
  2. Enhancements to Printing in Windows 7
  3. Printing Enhancements Previously Introduced in Windows Vista
  4. Additional Printing Enhancements in Windows 7
  5. How Printing Works in Windows 7
  6. Understanding XPS
  7. Understanding the Windows Printing Subsystem
  8. Understanding Printer Driver Isolation
  9. Understanding the Print Management Console
  10. Enhancements to the Print Management Console in Windows 7
  11. The Print Management Console
  12. Adding and Removing Print Servers
  13. Configuring Default Security for Print Servers
  14. Adding Printers Using the Network Printer Installation Wizard
  15. Creating and Using Printer Filters
  16. Creating and Using Driver Filters
  17. Managing Printers Using Print Management
  18. Configuring Properties of Printers
  19. Publishing Printers in AD DS
  20. Managing Printer Drivers
  21. Configuring Printer Driver Isolation Mode
  22. Configuring Printer Driver Isolation Mode Using the Print Management Console
  23. Configuring Printer Driver Isolation Mode Using Group Policy
  24. Troubleshooting Driver Isolation
  25. Exporting and Importing Print Server Configurations
  26. Printer Export Files
  27. Performing Bulk Actions Using Print Management
  28. Client-Side Management of Printers
  29. Installing Printers Using the Add Printers Wizard
  30. Searching for Printers
  31. Installing Printers Using Point and Print
  32. Using Devices And Printers
  33. Using the Color Management CPL
  34. Managing Client-Side Printer Experience Using Group Policy
  35. Configuring the Add Printer Wizard
  36. Disable Client-Side Printer Rendering
  37. Configuring Package Point and Print Restrictions
  38. Extending Point and Print Using Windows Update
  39. Deploying Printers Using Group Policy
  40. Preparing to Deploy Printers
  41. Deploying a Printer Connection
  42. Limitations of Deploying Printers Using Group Policy
  43. Migrating Print Servers
  44. Migrate Print Servers Using Print Management
  45. Migrating Print Servers Using PrintBRM
  46. Monitoring and Troubleshooting Printers
  47. Configuring E-Mail Notifications
  48. Configuring Print Server Notifications
  49. Configuring Script Actions
  50. Configuring Detailed Event Logging