You know its all well and good to say its microsofts fault and xerox has nothing to do with it but meanwhile its the end users and admins that screwed over waiting for a more permanent solution. As someone affected by it across 18 sites with all sorts of different models of xerox devices it seems to be a never ending problem. We pulled 3170455 when we discovered it to be what caused our nightmare affecting hundreds of users and now it seems to have popped straight back up again with another recent patch microsoft has released. Now all our users are getting error 0x80070bcb and we again have to pull back patches yet our other devies in the fleet from HP and Canon seem to chug along without a problem. Maybe this will help some people when they google the error to know they are not alone
Since it is an MS issue, you need to tell them, Xerox has no ability to make a Hotfix for their OS.
We're having the same issue on Server 2008 R2. Been told to install the MS hotfix- except there isn't one.
I haven't seen any reports of it, I just searched and found no reports of it so if you have the exact issue you may be the first reporting it, or I just don't have the ability to find other reports.
I do work for Xerox in 2nd level, but there are many 2nd level teams, and many locations, and I am far removed from Engineering, so it is entirely possible this has been reported and I just can't find references.
I made this post originally because I am a co-worker of the author of the listed documents (he worked the issue on our side until it was handed off to MS), no such work is being done by him now.
We are experiencing this on 2008R2 servers, do you have any recommendations for a hotfix for 2008r2 Servers?
At this point it would be both have an issue.
Is Xerox willing to stand by the products that are not under development any more (not making them money) and make a driver and pay to have it signed, or is MS willing to allow the installation of unsigned drivers to help out their customers.
I personally don't see either one happening, but I am pretty low on the totem pole (And I post here in an un-official capacity, I don't get paid to do so). Only time will tell I guess.
If Xerox makes an official statement in some way I will post it in this thread, my guess, if they do, is that they will say you can use the Global Print Driver with most machines in those cases. It does officially support a lot of devices, and un-officially supports even more ala Basic Prit mode (No finishing) or Workcentre color and BW (Does have limited finishing)
Thanks Joe, this looks like a resolution to the problem installing a signed, package aware, print driver. What about the problem installing a non signed, package aware print driver? Is this still with Microsoft or is this now for Xerox to issue up to date drivers?
Xerox Second Level Support Notice – Microsoft Spooler Update KB3170445 breaks the ability to Install Print Drivers in Some Environments.
When attempting to install a printer from a Microsoft Windows 2012 R2 print server on a client workstation, the printer installation will fail with error code 800f024b.
Can occur with the following environments;
Print Server – Server 2012 R2
Client – Windows 7, Windows 8.1, Windows RT 8.1, Windows RT, Windows 10.
This notification is to explain the findings of Xerox/Microsoft investigation regarding the impact of installing valid signed print drivers after installing the Hotfix KB3170455. Xerox Development along with Microsoft have determined the issue being seen, where one cannot install a signed, package aware, print driver is related to a missing hotfix on the print server (Server 2012 R2) prior to installing KB3170455 on both the print server and client workstations. Microsoft hotfix KB300850 must be installed on the 2012 R2 print server prior to installing KB3170455.
When KB300850 is not installed on your 2012 R2 print server prior to installing KB3170455, a signed, package aware, print driver installation will fail on client work stations with the following error in your event viewer;
Microsoft has committed to ensure they add information on KB3170005 referring customers to KB300850 if they see issues installing valid signed drivers.
- Remove hotfix KB3170455 from the 2012 R2 print server.
- Install hotfix KB300850 on the 2012 R2 print server.
- Re-install hotfix KB3170455 on the 2012 R2 print server. https://technet.microsoft.com/library/security/MS16-087
**Note** The procedure above will require a restart of the print server.
For additional information regarding the KB installation and/or questions around behaviors please contact Microsoft @ http://support.microsoft.com/
I found a workaround for this on a technet forum post. Its basically forcing the server to think the drivers are package aware so they can install without prompting. So far it seems to be working ok for us.
On the print servers registry go to HKLM\System\CurrentControlSet\Control\Print\Enviroments\Windowsx64\Drivers\...\Driver name, change the PrinterDriverAttributes value to an odd number by adding 1 to it. I found the Fuji Xerox printers were nearly all 0 so I made them 1. A few were 4 so I made them 5. Then restart the spooler.
Hopefully Fuji Xerox update the drivers soon so this isn't necessary. I see Canon have promised to update their drivers within the next couple of weeks :)
As far as we know MS is still working on it, they won't provide updates to Xerox on the matter unless we were in some way needed to resolve the issue. (Remember the issue happens on multiple vendors drivers that are/were digitally signed, packaged and certified by MS themselves.)
Your best bet is to
1: remove the patch, install the driver, re-apply the patch
2: install the driver locally on devices that give the error
3: wait for the fix from MS
Lot's of companies refuse to temporarily remove the patch, but that is up to them, they need to decide if a temporary patch removal is a bigger deal than not being able to print, or paying someone to locally install driver on client PC's.