PRI050 WH06


Presentation Description

No description available.


Presentation Transcript

Inside Printer Setup And Installation For Windows Vista: 

Inside Printer Setup And Installation For Windows Vista Adrian Lannin Program Manager Digital Documents Microsoft Corporation

Agenda : 

Agenda Driver installation and… User Account Control Printer permissions Driver Store Group Policy for Devices Printer driver installation and… Printer Driver Packages Localized Drivers Point and Print Cross-platform Installation

User Account ControlWhat is it?: 

User Account Control What is it? All users, including administrators, run as standard users 'Elevation' points are provided when the user needs to perform an operation that truly requires administrative rights For example, running a setup application is a privileged operation

User Account ControlPrinter install operations: 

User Account Control Printer install operations On Windows XP, installing a printer by plug and play or point and print does not require administrator rights Installing a local printer driver requires administrator rights Managing a printer, changing properties, sharing a printer is an administrator task Running a setup application is an administrator task

Printer Installation Rights: 

Printer Installation Rights In Windows Vista, a standard user can Use the Add Printer Wizard (APW) to install a local printer When there is an inbox driver available, and When they are physically at the machine


Permissions The user that installs the printer is given the Manage Documents permission With this permission, they can manage and delete a printer that they installed Members of the administrators group also have this permission – when elevated

Install Applications: 

Install Applications A setup application should automatically request permission to run with administrator rights Windows Vista uses heuristics to detect setup.exe If Windows Vista can't determine what rights an application requires, it runs the application with user rights The user must right-click and select Run as Administrator Recommendation: Use an application manifest containing this attribute: More information: MSDN Developer Center andlt;requestedExecutionLevel level='requireAdministrator' uiAccess='false' /andgt;

Scenarios Enabled: 

Scenarios Enabled A standard user can use the APW to install a printer using an inbox driver Useful for non-plug and play installations Useful when a standard user needs to print to a printer but they don’t have the driver – they can install a generic driver and get basic print capability Setup applications automatically request administrator permission

Driver StoreWhat is it?: 

Driver Store What is it? The driver store is a trusted cache of inbox and third party drivers, on the local hard disk Third party drivers are copied from media to the driver store We call the driver and the files the driver package All drivers are installed from the driver store Because drivers in the store are trusted, standard users may install them

Printer Driver Install Phases: 

Printer Driver Install Phases Put the driver package in the driver store Inbox drivers are already in the driver store Driver is copied from media Signing is checked If everything is good, driver is copied into the driver store This is a privileged operation! Install the driver Driver files are installed to their final location from the driver store This is NOT a privileged operation. Any user can install a driver

Driver Versions: 

Driver Versions Driver store is a side by side store New driver package versions co-exist with old versions Plug and Play ranking determines the driver selected for installation Use the DriverVer directive in the INF to specify driver package version Packages are not deleted when the drivers are deleted Available for reinstallation Pnputil.exe – driver store utility Offline support

Scenario Enabled: 

Scenario Enabled A print administrator adds a set of OEM printer drivers to the driver store on a corporate standard Operating System image These drivers can be installed by a standard user because they are in the driver store Easier deployment Cost savings/no help desk assistance required

Group Policy For Devices What is it?: 

Group Policy For Devices What is it? Two phases of device installation Admin rights: Place the driver in the driver store User: Install the driver By using Group Policy for Devices, an administrator can delegate the privilege required for step 1 to a standard user Why? Majority of corporations will run locked-down desktops in the future Amazing cost savings for IT departments More reliable, secure systems

Driver Installation Policy: 

Driver Installation Policy This policy allows digitally signed and trusted drivers to be installed by a standard user Digitally signed by Microsoft (e.g. WHQL, Windows) A commercially acquired certificate An internally generated or a test certificate Trusted The certificate that signed the driver is present on the machine, in the certificate store

How To Delegate Printer Driver Installation Rights: 

How To Delegate Printer Driver Installation Rights

Driver Requirements: 

Driver Requirements Effective for INF-based driver packages Printer vendors need to ensure that their drivers are available in driver packages that install via an INF Many Windows XP printer drivers can be installed when this policy is enabled Drivers that have co-installers may not work The co-installer does not run until an administrator logs in

Scenario Enabled: 

Scenario Enabled The print administrator uses group policy to delegate printer installation rights to an organizational unit (OU) Members of that group put signed printer drivers into the driver store, when the driver was signed by a trusted source The administrator can obtain a certificate and use it to sign driver packages

Driver PackagesWhat are they?: 

Driver Packages What are they? A Driver Package is an INF, all the files referenced by an INF, and the CAT file A package must be signed A common problem is that some INFs refer to files that do not exist The driver store checks file dependencies when the driver is added, and will not import packages that have missing dependencies

Printer Installation And Driver Packages: 

Printer Installation And Driver Packages Windows Vista tries to install packages in most cases Local Installation Remote Installation Point and Print Web Point and Print When using packages is not an option, legacy mode is used

Package Point And Print: 

Package Point And Print In package point and print, the complete driver package is put in the client's driver store All components of the driver are installed on the client Client installation checks signing Result is a more secure form of point and print Windows Vista to downlevel uses 'legacy' point and print Dependency handling requires an INF change This is called being 'package aware'


Package-Awareness To be package-aware Either: Ensure that all the files in the driver package are unique, and don't appear in other packages And use the PackageAware keyword Or: Isolate the shared files into a separate core INF And use the core driver keywords

Example INFSimple case: 

Example INF Simple case If a printer driver contains a unique set of files Add the section highlighted below [DDInstall Section] CopyFiles=... [PrinterPackageInstallation.x86] PackageAware=TRUE [DestinationDirs] ...

Core File Dependencies: 

Core File Dependencies Shared files are placed in core printer drivers Using Unidrv on Windows XP Using Unidrv on Windows Vista [DriverInstall] [email protected],@OEMABC.GPD DataFile=OEMABC.GPD DataSection=UNIDRV_DATA Include=NTPRINT.INF Needs=UNIDRV.OEM,TTFSUB.OEM [DriverInstall_Vista] [email protected],@OEMABC.GPD DataFile=OEMABC.GPD CoreDriverSections='{D20EA372-DD35-4950-9ED8-A6335AFE79F0}, UNIDRV.OEM, UNIDRV_DATA, TTFSUB.OEM'

Sample (Partial Sample): 

Sample (Partial Sample) [Version] Signature='$Windows NT$' ClassGUID={4D36E979-E325-11CE-BFC1-08002BE10318} Class=Printer . . . [Manufacturer] ; Models sections for x86 driver on pre-Windows Vista [Company.NTx86] 'Device Description' = DriverInstall, PNP_ID, ABC_Printer ; Models section for x86 driver on Windows Vista and later [Company.NTx86.6.0] 'Device Description' = DriverInstall_Vista, PNP_ID, ABC_UniDrv5_Printer [PrinterPackageInstallation.x86] PackageAware=TRUE CoreDriverDependencies={D20EA372-DD35-4950-9ED8-A6335AFE79F0} ... [DriverInstall_Vista] [email protected],@OEMABC.GPD DataFile=OEMABC.GPD CoreDriverSections='{D20EA372-DD35-4950-9ED8-A6335AFE79F0}, UNIDRV.OEM, UNIDRV_DATA, TTFSUB.OEM'

Scenario Enabled: 

Scenario Enabled Printer driver vendors can ensure the complete driver package is installed on the client during point and print Driver signing is checked during remote installations, so package-aware drivers are trusted in more install scenarios

Point and PrintInterop support: 

Point and Print Interop support Windows Vista point and print completely interoperates with prior versions of Microsoft Windows Legacy point and print (old) Package point and print (new) Windows Vista supports package point and print to Windows Vista clients Windows Vista supports legacy point and print to pre-Windows Vista clients

Point And PrintPackage-aware drivers: 

Point And Print Package-aware drivers Windows Vista Windows XP Windows Vista Package-aware Legacy Package-aware on Windows Vista Package point and print to Windows Vista and later Legacy to older versions Legacy

Package-Aware Drivers: 

Package-Aware Drivers Making the driver package-aware is fairly straightforward When the driver is installed on Windows Vista, the platform takes care of the interop differences down to Windows 2000 If the same driver package must be installed on Windows XP, then use Operating System version decorations to isolate the Windows Vista INF attributes

Localized DriversWhat are they?: 

Localized Drivers What are they? All drivers have localizable resources Inbox Operating System components use .MUI files to store resources Inbox printer drivers need embedded resources so print drivers have the localized language embedded i.e. French printer DLLs contain French strings But printer drivers also respect MUI, so installing a language pack results in a language switch on the local machine Point and print clients still get the original language of the server OEM drivers can embed multiple resources in the binary

Scenario Enabled: 

Scenario Enabled Language switching on the local machine Windows Vista to Windows Vista point and print: Language switching works for driver packages Point and print to downlevel machines works as before (client gets the server native language)

Cross-Platform InstallationWhat is it?: 

Cross-Platform Installation What is it? Machines share printers with other machines that have different processor architectures The client needs to obtain the driver from the server, if it doesn’t have one locally The server needs to host a driver for the client Where does the hosting machine get the correct driver? From the appropriate media

Scenario Enabled: 

Scenario Enabled When the user shares a printer on an x86 computer with an x64 client, they need to add an additional driver for that client The user inserts the x64 media, and installs the driver from the disk

Call To Action: 

Call To Action Always make your driver package available as an INF Enables so many scenarios! Use the package-aware mechanism in Windows Vista Package-aware drivers are preferred in point and print, they are trusted, and provide more client functionality If you write a setup application, use an application manifest so the Windows Vista will automatically ask the user to run it with elevated privileges

Call To Action: 

Call To Action Understand your company logo goals and review new logo requirements Basic and Premium At WinHEC Practice setup dev skills in Printer Installation Hands on Lab Attend the Ask the Experts sessions Attend related sessions PRI019 Developing XPSDrv Print Drivers DEV052 Installing Driver Packages in Windows Vista and Windows Server Longhorn

Additional Resources: 

Additional Resources Read the Printer Package Installation white paper on Technical advice Online XPS Portal Links to relevant blogs, whitepapers, specs WHDC Printing documents Print Server Information: UAC development resources: Windows Digital Documents Platform Team Newsletter;lcid=1033 Prninfo @


© 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.