Connecting to a 2000 print server without a username and p..

Archived from groups: microsoft.public.win2000.printing,microsoft.public.win2000.general (More info?)

How can I set up security on a Windows 2000 Server print queue so that
users logged into local accounts at a workstation, not authenticated to an
active directory server, can add a printer without needing to use a
username and password? I've tried adding Anonymous Login to the security
tab but that didn't seem to work.

Thanks.
7 answers Last reply
More about connecting 2000 print server username
  1. Archived from groups: microsoft.public.win2000.printing,microsoft.public.win2000.general (More info?)

    See Bruce Sanderson's article at:
    http://members.shaw.ca/bsanders/NetPrinterAllUsers.htm
    --
    Cari (MS-MVP)
    Printing & Imaging


    "L" <lnl@lnl.lnl.lnl.org.invalid> wrote in message
    news:Xns96C3E04D27E31lnllnllnllnlorginval@216.196.97.131...
    > How can I set up security on a Windows 2000 Server print queue so that
    > users logged into local accounts at a workstation, not authenticated to an
    > active directory server, can add a printer without needing to use a
    > username and password? I've tried adding Anonymous Login to the security
    > tab but that didn't seem to work.
    >
    > Thanks.
  2. Archived from groups: microsoft.public.win2000.printing,microsoft.public.win2000.general (More info?)

    "Cari \(MS-MVP\)" <Newsgroups1@coribright.com> wrote in
    news:e8pTlWqrFHA.3556@TK2MSFTNGP10.phx.gbl:

    > See Bruce Sanderson's article at:
    > http://members.shaw.ca/bsanders/NetPrinterAllUsers.htm

    Thanks, but it's actually a different issue that I have. The printer queue
    has a username and password but I want the printer queue to not have a
    username and password.

    >
    >
    >
    > "L" <lnl@lnl.lnl.lnl.org.invalid> wrote in message
    > news:Xns96C3E04D27E31lnllnllnllnlorginval@216.196.97.131...
    >> How can I set up security on a Windows 2000 Server print queue so
    >> that users logged into local accounts at a workstation, not
    >> authenticated to an active directory server, can add a printer
    >> without needing to use a username and password? I've tried adding
    >> Anonymous Login to the security tab but that didn't seem to work.
    >>
    >> Thanks.
    >
  3. Archived from groups: microsoft.public.win2000.printing,microsoft.public.win2000.general (More info?)

    "L" <lnl@lnl.lnl.lnl.org.invalid> a écrit dans le message de news:
    Xns96C3E04D27E31lnllnllnllnlorginval@216.196.97.131...
    > How can I set up security on a Windows 2000 Server print queue so that
    > users logged into local accounts at a workstation, not authenticated to an
    > active directory server, can add a printer without needing to use a
    > username and password? I've tried adding Anonymous Login to the security
    > tab but that didn't seem to work.
    >
    > Thanks.
    Did you had the anonymous user right on the printer too?
  4. Archived from groups: microsoft.public.win2000.printing,microsoft.public.win2000.general (More info?)

    A while back I was trying to get SQL to backup to a remote share on another
    server. The SQL service and the Agent was running as under the local system
    account and kept getting an access denied when trying to access that share.
    Someone in the SQL group sent me a KB article for changing a registry key to
    enable true anonymous access to the share. I've searched through my notes
    but can't seem to find that response. If I do, I'll post it up.


    "L" <lnl@lnl.lnl.lnl.org.invalid> wrote in message
    news:Xns96C4D8E5C82B4lnllnllnllnlorginval@216.196.97.131...
    > "Cari \(MS-MVP\)" <Newsgroups1@coribright.com> wrote in
    > news:e8pTlWqrFHA.3556@TK2MSFTNGP10.phx.gbl:
    >
    >> See Bruce Sanderson's article at:
    >> http://members.shaw.ca/bsanders/NetPrinterAllUsers.htm
    >
    > Thanks, but it's actually a different issue that I have. The printer queue
    > has a username and password but I want the printer queue to not have a
    > username and password.
    >
    >>
    >>
    >>
    >> "L" <lnl@lnl.lnl.lnl.org.invalid> wrote in message
    >> news:Xns96C3E04D27E31lnllnllnllnlorginval@216.196.97.131...
    >>> How can I set up security on a Windows 2000 Server print queue so
    >>> that users logged into local accounts at a workstation, not
    >>> authenticated to an active directory server, can add a printer
    >>> without needing to use a username and password? I've tried adding
    >>> Anonymous Login to the security tab but that didn't seem to work.
    >>>
    >>> Thanks.
    >>
    >
  5. Archived from groups: microsoft.public.win2000.printing,microsoft.public.win2000.general (More info?)

    I found it.
    http://support.microsoft.com/kb/q289655/

    Perhaps this may not work. I'm not sure if this will apply to printer
    sharing and I'm not sure user access will be counted as a Null session. It
    may be worth a try..

    "L" <lnl@lnl.lnl.lnl.org.invalid> wrote in message
    news:Xns96C4D8E5C82B4lnllnllnllnlorginval@216.196.97.131...
    > "Cari \(MS-MVP\)" <Newsgroups1@coribright.com> wrote in
    > news:e8pTlWqrFHA.3556@TK2MSFTNGP10.phx.gbl:
    >
    >> See Bruce Sanderson's article at:
    >> http://members.shaw.ca/bsanders/NetPrinterAllUsers.htm
    >
    > Thanks, but it's actually a different issue that I have. The printer queue
    > has a username and password but I want the printer queue to not have a
    > username and password.
    >
    >>
    >>
    >>
    >> "L" <lnl@lnl.lnl.lnl.org.invalid> wrote in message
    >> news:Xns96C3E04D27E31lnllnllnllnlorginval@216.196.97.131...
    >>> How can I set up security on a Windows 2000 Server print queue so
    >>> that users logged into local accounts at a workstation, not
    >>> authenticated to an active directory server, can add a printer
    >>> without needing to use a username and password? I've tried adding
    >>> Anonymous Login to the security tab but that didn't seem to work.
    >>>
    >>> Thanks.
    >>
    >
  6. Archived from groups: microsoft.public.win2000.printing,microsoft.public.win2000.general (More info?)

    Granting anonymous access to resources can be problematic and is not usually
    recommended.

    See if the information at
    http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/DepKit/2c82586e-bd58-42b7-9976-228a23721e35.mspx
    or
    http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/1494bf2c-b596-4785-93bb-bc86f8e548d5.mspx
    is any use.

    If security (access management/control) on the computer sharing the printer
    is not a concern, you could enable the Guest account on that computer; this
    will allow anonymous authentication. Be careful what resources (shares,
    folders etc.) that the Guest account has access to. If I recall correctly,
    on Windows 2000, the Guest account is included in the Everyone group.

    Another thing you can do that is sometimes useful is to put a command like
    the one below in either a user's Start Menu\Programs\Startup or the All
    User\Start Menu\Programs\Startup folder on the client computer or in a logon
    script.

    net use \\servername\ipc$ password /user:username

    This will authenticate the Windows session running the command (on the
    client computer) to the specified computer (servername) using the username
    and password specified in the command. Then, the user can use a resource
    (e.g. printer) to which that username has permissions. There are a couple
    of downsides to this approach:

    1. the username and password are in plain text in the command line, thus
    exposing that user account to compromise
    2. if there are other resources (e.g. file shares) on that server the user
    needs to access with a different user account, that will most likely not be
    possible becuase a given Windows session can only be authenticated on the
    target server with one user account at at time; the net use command causes
    authentication on the target computer, so the user can not use a different
    user account to access a different resource on that computer.

    --
    Bruce Sanderson MVP Printing
    http://members.shaw.ca/bsanders

    It is perfectly useless to know the right answer to the wrong question.


    "L" <lnl@lnl.lnl.lnl.org.invalid> wrote in message
    news:Xns96C3E04D27E31lnllnllnllnlorginval@216.196.97.131...
    > How can I set up security on a Windows 2000 Server print queue so that
    > users logged into local accounts at a workstation, not authenticated to an
    > active directory server, can add a printer without needing to use a
    > username and password? I've tried adding Anonymous Login to the security
    > tab but that didn't seem to work.
    >
    > Thanks.
  7. Archived from groups: microsoft.public.win2000.printing,microsoft.public.win2000.general (More info?)

    "Bruce Sanderson" <bsanders@junk.junk> wrote in
    news:#Q5#36DtFHA.1472@TK2MSFTNGP15.phx.gbl:

    > Subject: Re: Connecting to a 2000 print server without a username and
    > password? From: "Bruce Sanderson" <bsanders@junk.junk>
    > Date: Wed, 7 Sep 2005 23:29:49 -0700
    > Newsgroups:
    > microsoft.public.win2000.printing,microsoft.public.win2000.general
    > X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
    >
    > Granting anonymous access to resources can be problematic and is not
    > usually recommended.
    >
    > See if the information at
    > http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/
    > DepKit/2c82586e-bd58-42b7-9976-228a23721e35.mspx or
    > http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/
    > ServerHelp/1494bf2c-b596-4785-93bb-bc86f8e548d5.mspx is any use.
    >
    > If security (access management/control) on the computer sharing the
    > printer is not a concern, you could enable the Guest account on that
    > computer; this will allow anonymous authentication. Be careful what
    > resources (shares, folders etc.) that the Guest account has access to.
    > If I recall correctly, on Windows 2000, the Guest account is included
    > in the Everyone group.
    >
    > Another thing you can do that is sometimes useful is to put a command
    > like the one below in either a user's Start Menu\Programs\Startup or
    > the All User\Start Menu\Programs\Startup folder on the client computer
    > or in a logon script.
    >
    > net use \\servername\ipc$ password /user:username
    >
    > This will authenticate the Windows session running the command (on the
    > client computer) to the specified computer (servername) using the
    > username and password specified in the command. Then, the user can
    > use a resource (e.g. printer) to which that username has permissions.
    > There are a couple of downsides to this approach:
    >
    > 1. the username and password are in plain text in the command line,
    > thus exposing that user account to compromise
    > 2. if there are other resources (e.g. file shares) on that server the
    > user needs to access with a different user account, that will most
    > likely not be possible becuase a given Windows session can only be
    > authenticated on the target server with one user account at at time;
    > the net use command causes authentication on the target computer, so
    > the user can not use a different user account to access a different
    > resource on that computer.
    >
    > --
    > Bruce Sanderson MVP Printing
    > http://members.shaw.ca/bsanders
    >

    Bruce, you are awesome! Thanks so much for writing such a detailed and
    clear response. It answers all of my questions.

    >
    > "L" <lnl@lnl.lnl.lnl.org.invalid> wrote in message
    > news:Xns96C3E04D27E31lnllnllnllnlorginval@216.196.97.131...
    >> How can I set up security on a Windows 2000 Server print queue so
    >> that users logged into local accounts at a workstation, not
    >> authenticated to an active directory server, can add a printer
    >> without needing to use a username and password? I've tried adding
    >> Anonymous Login to the security tab but that didn't seem to work.
    >>
    >> Thanks.
    >
    >
    >
    >
Ask a new question

Read More

Security Microsoft Servers Windows