BenBrandt3
Copper Contributor
Nov 13, 2023

Device Control blocking Network Print Jobs???

Suddenly I'm seeing my Intune test group getting print failures to network printers with:

"The current print job was rejected due to Device Control Print Restrictions. Rejection Reason: Print blocked by Defender rule..." (Event IDs 372 and 871)

I have 1 Device Control policy that allows our Encrypted USB drives (no printer option checked) and blocks all other USB drives (no printer option checked).

I have no Defender rules that explicitly block print jobs...

I've edited local group policy to disable Point and Print Restrictions.

I've edited local group policy to disable Enable Device Control Print Restrictions.

I've created a custom Intune configuration policy to disable both of the above, yet this issue persists...

Why is Device Control suddenly blocking printing to network printers? I've been troubleshooting this for over a week and it's completely maddening! Has anyone else run into this? It's preventing us from rolling out Defender org-wide.

  • BenBrandt3
    Copper Contributor

    --SOLVED--

    This is what my DC policy looks like:

    I built reusable setting configurations for each of the above policies:

    For the blocking policy, I changed 'Deny' to 'DenyAudit' and configured 'RemovableMediaDevices' in the 'All Removable Storage' policy above:

    I'm still blocking all removable USB storage devices with the exception of devices in my Allowed Policy. Everything seems to work now; I'll let this bake for a day or two but it's looking promising!

    • John Matrix
      Brass Contributor
      It seems I am having the same issue and it took me forever to find out.
      I am adding a reusable setting for allowing the network printers.
      Can someone share the reusable settings? Do I need to configure only the name like "Network Printer" within the instance?
  • rahuljindal-MVP
    Bronze Contributor

    BenBrandt3 was there an update in the printer drivers? Are the endpoints allowed to install printer drivers? The block could be due to inability to install updated drivers or certain classes. Advanced hunting and device control report should give you more details. 

      • Peterwork
        Copper Contributor

        Looks like a feature. Printing needs to be configured to allow explicitly:

        BenBrandt3
