Cybersecurity
DevOps Cloud
IT Operations Cloud
Problem:
After upgrade to Windows 11 24H2, iPrint client prompts for User credentials after upgrade to windows 11 24h2 version for workstations where iPrint Single Sign-On is configured. Same configuration works fine on previous windows versions
Cause:
With Windows 11 24H2, Single Sign-On module of iPrint is blocked by Windows LSA (Local Security Authority).
Resolution:
iPrint client prompts for User credentials after upgrade to windows 11 24h2 version.
Same configuration works fine on previous windows versions
This is visible when printing to SSL printers or using iCM to deliver printers.
After entering User credentials, it will work till next reboot of the workstation
This is due to Microsoft changing the behaviour of winlogon process making mandatory to enable the MPR policy.
To enable MPR policy, there are two ways:
Computer Configuration > Administrative Templates > Windows Components > Windows Logon Options > Configure the transmission of the user’s password in the content of MPR notifications sent by winlogon.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableMPR"=dword:00000001
A reboot of the windows workstation is necessary for the policy change to take effect.