You can now control which printers your user can print on.
Connect to your Endpoint Configuration Manager portal (https://endpoint.microsoft.com/) and access the Devices\Windows\Configuration profiles blade to create a new custom profile
Then you need to configure the following OMA-URI to block printing from non approved printers and define the approved printers.
You can configure these OMA-URI for either device level or user level, depending if you want to apply the configuration to devices group or users group.
- User configuration
- Block printing from non approved printers
- OMA-URI: ./Vendor/MSFT/Policy/Config/Printers/EnableDeviceControlUser
- Value: <enabled/>
- Define the approved USB printers
- OMA-URI: ./Vendor/MSFT/Policy/Config/Printers/ApprovedUsbPrintDevicesUser
- Value: <enabled/><data id=”ApprovedUsbPrintDevices_List” value=”<USB printer VID/PID – like 03F0/0853,0351/0872″/>
- Device configuration
- Block printing from non approved printers
- OMA-URI: ./Vendor/MSFT/Policy/Config/Printers/EnableDeviceControl
- Value: <enabled/>
- Define the approved USB printers
- OMA-URI: ./Vendor/MSFT/Policy/Config/Printers/ApprovedUsbPrintDevices
- Value: <enabled/><data id=”ApprovedUsbPrintDevices_List” value=”<USB printer VID/PID – like 03F0/0853,0351/0872″/>
NOTE You can add as many as you need using a comma separated format; wildcard is not supported