https://worldofeuc.com logo
Join Slack
Powered by
Working with a customer that has an odd challenge:...
# _general
d
Working with a customer that has an odd challenge: They can never connect to their print servers to map a printer directly on VMs, but they can from standalone machines, laptops, etc. We even tried standing up a fresh build server with nothing on it... same problem.... but I'll put this in a thread to not crowd the space!
Every time they try to connect... we tried even doing some unsafe things like forcing RPC over named pipes... Nothing. I know there was the Print Nightmare thing a few years back but with a new 2022 VM and print server... no joy. If anyone's seen this we'd love a solution!
j
Check the Win Event logs for LSA EventID 6167, Partial mismatch of machine ID
If present, you might be running into this (this is describing it occurring on W11, but the hardening happened on W11, S22, S25 I believe). Releasing Windows 11 Build 26100.5061 to the Release Preview Channel : r/Windows11
r
I read something about this, maybe it is related to this
p
I'm seeing the same thing on Windows 11 23H2 on Amazon Workspaces Pools
d
The RPC changes didn't work for us, unfortunately
p
What version OS is your Print server on is it 2022 as well?
d
They have the same impacts on 2019, 2022, and 2025
r
@Jon Bucud I have this on a Citrix PVS instance in maint mode. "There is a partial mismatch in the machine id event id 6167". So I manually re-added it to the domain, but the same thing again.... Any Ideas?
j
Does the rest of the criteria match? Was the currently in maint mode PVS server created from a template that may have not unique SIDs post spin up? It’s not as cut and dry to search for an installed KB and uninstall to test since KB5064531 is subject to SSU supersedence
r
@Jon Bucud I am not sure if the original machine was created correctly but If that is what is required for this to occur I assume that's the case. :-(
j
I wouldn’t beat yourself up too hard @Robert Berggren, duplicate SIDs have been a non-issue for a very long time. Take a look at https://www.infrastructureheroes.org/microsoft-infrastructure/microsoft-windows/the-windows-sid-and-an-old-problem/ and confirm if they do have duplicates. If so, and if you also have installed updates on both DCs and your PVS servers recently then we’re definitely on the right track. Otherwise, red herring.
r
@Jon Bucud I'll have a look if we have any duplicates SIDs, thank you for the link. 👍
p
@DJ Eshelman Did you manage to solve it?
d
I have been away but I'll be back with the client tomorrow. My bet would be no.
r
I can report that we have duplicates on this image, two different machines booted from the same PVS image have the same SID. Edit: checked two other setups and all machines have identical SIDs there as well.
p
@DJ Eshelman In our environment we had to open up additional TCP135 and TCP 49512 - 65535 (Dynamic RPC) to the Print server , one of our engineers ran Wireshark.
d
No firewalls but... we'll verify that ;-)
Welllll this is embarrassing. It turns out that there had been an "Epic Recommended" policy that was set with Universal Print server enabled with no fallback to native... What threw us off was that we thought it may have been a strange interaction between XenServer Tools and installing the VDA but it would appear that our first testing was a bit of a fluke and we didn't catch that policies hadn't been fully applied. So - there ya go. Mind even your Citrix policies because computer policies like that will affect even console sessions!!
🖨️ 1
3 Views
Open in Slack
PreviousNext
Powered by