Error 0x0000011b when connecting to a printer Follow

Avatar
Laura Vela

BarTender Content Team


Symptoms

After installing a Windows Update, the following error 0x0000011b might be displayed on computers when trying to connect to a printer:

Error 0x0000011b - No Workgroup Printer access - it worked yesterday! -  Microsoft Q&A

Environment 

There are three updates released recently that may provide this behavior: (KB5005613, KB5005627 and KB5005563).

The reason for this updates is to correct an exploit vulnerability in printer driver injection (called PrintNightmare). This exploit in the Windows Point and Print feature, enabled the possibility to perform remote code execution and gain local SYSTEM privileges.

When the first updates were released, they did not automatically protect the machines. Users had to create a Registry Key to mitigate the vulnerability manually, however, in September's patch, Microsoft enabled this setting by default for every Windows device, and that is when users started experiencing the 0x0000011b error when trying to use network printers.

Please see Unable to Print after Applying Windows Update KB5004945 (aka "Print Nightmare" Fix) for more information.

 

Solution

Option 1

Follow and apply Microsoft's recommendations on how to handle printer installation after having applied these updates:

Managing deployment of Printer RPC binding changes for CVE-2021-1678 (KB4599464)

KB5005010: Restricting installation of new printer drivers after applying the July 6, 2021 updates

 

Option 2 - Uninstall the update

One temporary solution could be to uninstall the update from the print servers. In the case of using Windows Server Update Services (WSUS), the update should also be disapproved.

NOTE 2: When making this change, the computer will no longer be protected against the vulnerability

 

Option 3 - Disable the new requirement

Also as temporary measure, instead of uninstalling the update, it should be possible to deactivate this new implementation to control the exploit by changing a value in the registry key.

NOTE: Before making any changes to the registry, we recommend doing a backup of it.
NOTE 2: When making this change, the computer will no longer be protected against the vulnerability

 

Please do the following:

  • In the Windows search box, type regedit, and select Registry Editor
  • Navigate to the HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\Print key
  • Create a new DWORD-32 bit value named RpcAuthnLevelPrivacyEnabled, and set it to 0
  • Restart the print spooler service

The registry key must be applied on print servers and client computers.

 

 

Additional resources

 

Do you have feedback or questions on this article? We encourage you to post them on our Community Forums