UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Printer share permissions are not configured as recommended.


Overview

Finding ID Version Rule ID IA Controls Severity
V-1135 3.027 SV-29509r1_rule ECCD-1 Low
Description
Improperly configured share permissions on printers can permit the addition of unauthorized print devices on the network. Windows shares are a means by which files, folders, printers, and other resources can be published for network users to remotely access. Regular users cannot create shares on their local machines; only Administrators and Power Users have that ability.
STIG Date
Windows 2003 Domain Controller Security Technical Implementation Guide 2012-07-02

Details

Check Text ( C-80r1_chk )
Run Windows Explorer.
Select the Control Panel folder. (NT=Printers folder)
Select the Printers folder.

If there are no locally attached printers, then mark this as “Not Applicable.”

Perform this check for each locally attached printer:

Right click on a locally-attached printer.
Select Sharing from the drop-down menu.

Perform this check on each printer that has the “Shared” radio-button selected:

Select the Security tab

The following table lists the recommended printer share security settings (Allow Permission):

Users - Print
Administrators, System, Creator Owner - Print, Manage Printers, Manage Documents

If there are no shared local printers, then mark this as “Not Applicable.”
If the share permissions do not match the above table, then this is a finding.
Fix Text (F-88r1_fix)
Configure the permissions on locally shared printers to meet the minimum requirements.