When using Window's Printbrm tool to export printers to a directory on a server, I get the export but no longer have read permissions for the .printerexport.
The code I am using runs on the server (in a batch file) where the printer export will be stored. Running the bat file from the server correctly gives me read permissions when exporting locally. The issue appears when running the bat file from the server exporting to the same server. The bat file is run on the local admin account and server is connected to via domain user.
Batch file to export:
rem Connect to server set /p u=Username: net use \\servername\dir /user:domain\%u% * /persistent:no rem Use pushd because printbrm does not support spaces in path name pushd \\servername\dir C:\Windows\System32\spool\tools\PrintBrm.exe -b -f %computername%.printerexport -o force popd
Batch file to reimport:
rem Connect to server set /p u=Username: net use \\servername\dir /user:domain\%u% * /persistent:no rem Use pushd because printbrm does not support spaces in path name pushd \\servername\dir C:\Windows\System32\spool\tools\PrintBrm.exe -r -f %computername%.printerexport -o force popd
Printer export file is created successfully. When running the batch file to reimport, I get:
Operation mode: restore Target server: local machine Target file path: \\servername\dir\%computername%.printerexport. Queue publish mode: none Overwrite mode: keep existing settings Queue ACL mode: restore ACLs from backup The following error occurred: 0x80070002. The system cannot find the file specified.
Checking the %computername%.printerexport properties>Security, I get a message:
You must have Read permissions to view the properties of this object.
When executed correctly, I should be able to export all the printers/queues/drivers/etc, and reimport them.
EDIT: After experimenting further, I found that when running the export file as local admin, the printerexport would still have the permissions issue even with the
-noacl flag. As a workaround, I am running the export bat file as my domain user (I can view/edit the printerexport permissions), and I'm running the import as local admin (needed to properly import everything).
After experimenting, I found that exporting and importing with the flag
-noacl gave me the results I needed.
According to Micorsoft Printbrm details, when using the -noacl flag:
the restored print queues will inherit the permissions of the target print server
User contributions licensed under CC BY-SA 3.0