- Joined
- Sep 22, 2011
- Messages
- 1,520
- Motherboard
- HP EliteDesk 800 G5 Mini
- CPU
- i9-9900
- Graphics
- UHD 630
- Mac
-
- Mobile Phone
-
Microsoft and Apple updates broke MacOS Catalina, Big Sur and Monterey printing to a Windows SMB printer share. This thread proposes a work-around to restore MacOS printing to the shared Windows printer. Implement these patches at your own risk, since we're overriding the PrintNightmare vulnerability patches.
Background
In order to address "PrintNightmare" vulnerabilies in the Windows print spooler (improper execution of priviledged file operations), both Microsoft and Apple implemented OS updates. I still have an HP 5L LaserJet (parallel port) attached to a Windows print server, servicing both Windows and Mac clients. Amazing and a testimony to how well HP built the printer and their driver (which still installs on Windows 10 / Windows Server 2016). MacOS still provides a HP PCL 4/5 driver.
Restoring MacOS printing to a Windows SMB share
In order to restore the ability to print from MacOS to the Windows SMB printer share, I have implemented the patches below. Implement these patches at your own risk, since we're overriding the PrintNightmare vulnerability patches.
On the Windows PC servicing the shared printer
The Windows patch that broke MacOS (and Windows 7) printing to the shared printer was KB5005565. Adding the following registry key on the Windows PC servicing the shared printer restored shared printer functionality:
On the MacOS Client printing to the shared printer
Following Microsoft's PrintNightmare patch in KB5005565, Apple pushed RPC updates for Catalina 10.5.7, Big Sur 11.6.3+ and Monterey 12.2+ that broke (again) MacOS printing to a Windows shared printer. The work-around that restores MacOS printing to the shared printer is to add the following to the printer's SMB path:
For example, if the original printer SMB printer path was
the new SMB printer path is
More details about the MacOS fix are here.
Background
In order to address "PrintNightmare" vulnerabilies in the Windows print spooler (improper execution of priviledged file operations), both Microsoft and Apple implemented OS updates. I still have an HP 5L LaserJet (parallel port) attached to a Windows print server, servicing both Windows and Mac clients. Amazing and a testimony to how well HP built the printer and their driver (which still installs on Windows 10 / Windows Server 2016). MacOS still provides a HP PCL 4/5 driver.
Restoring MacOS printing to a Windows SMB share
In order to restore the ability to print from MacOS to the Windows SMB printer share, I have implemented the patches below. Implement these patches at your own risk, since we're overriding the PrintNightmare vulnerability patches.
On the Windows PC servicing the shared printer
The Windows patch that broke MacOS (and Windows 7) printing to the shared printer was KB5005565. Adding the following registry key on the Windows PC servicing the shared printer restored shared printer functionality:
Code:
DWORD32: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Print\RpcAuthnLevelPrivacyEnabled = 0On the MacOS Client printing to the shared printer
Following Microsoft's PrintNightmare patch in KB5005565, Apple pushed RPC updates for Catalina 10.5.7, Big Sur 11.6.3+ and Monterey 12.2+ that broke (again) MacOS printing to a Windows shared printer. The work-around that restores MacOS printing to the shared printer is to add the following to the printer's SMB path:
Code:
?encryption=noFor example, if the original printer SMB printer path was
Code:
SMB://<print server IP address>/<share name>
Code:
SMB://<print server IP address>/<share name>?encryption=noMore details about the MacOS fix are here.