Score:1

looking for "access denied" server log entries on network shared print jobs (Windows) after removing the 'Everyone' group

cu flag

In an effort to try to remove the ability for users to print directly to an MFP shared printer, relegating the users to use their badge ID for more secure printing while in the office... Currently testing with one printer by removing the 'Everyone' group and adding an 'Allow' group the access to print (for exceptions). SO far that does the trick. And I can print all day with my badge but when I try to print directly it fails immediately, WHICH IS the desired outcome. My trouble is trying to find ANY log entries on any Log server, be it a DC, or a logging specific server. Or on the copiers themselves. I've scoured the Admin Log in the "Microsoft-PrintServices-Admin" log. I enabled the "Operational" Log as well which had nothing of my attempted print jobs that failed. I've been looking on some of the Domain Controllers and so far with no luck. Here are the logs I've looked into so far. I just would love to know if anyone has attempted this, and what log (if any) a failed print job would show in, and what event ID it might have? List of log names I've looked into so far: Classic Security log, Microsoft-Windows-SMBServer-Security, Microsoft-Windows-NTFS/Operational, Microsoft-PrintServices/Admin, Microsoft-PrintServices/Operational, Microsoft-Windows-SMBClient/Security, Microsoft-Windows-SMBClient/Connection, Microsoft-Windows-SMBClient/Audit, Microsoft-Windows-NTLM/Operational.

Thanks a million!

I'd love to use:

Get-WinEvent -ComputerName DC-SERVER -FilterHashtable @{
>> LogName = 'Microsoft-Windows-SMBServer/Security'
>> ID = '551'} -MaxEvents 10 | Format-List

But not knowing the correct logname, or event ID makes it hard.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.