Jump to content

Deactivate Data Execution Prevention

Guest arno

By Guest arno
in Windows 2003 Server

 Share

Recommended Posts

Guest arno

Guest arno

Posted
Posted

Hello,

 

I have a Win 2003 R2 SP3 Terminal Server, DC and Printserver is a Win2003

SBS.

 

The Terminal Server stops working because of some problems with the spooler

service. I would like to know if I can deactivate "Data Execution

Prevention" by setting it from "only neccessary windows programs and

services" to "all programs/services with exceptions" (sorry, translated from

german). I am not sure what services/programs are monitored before and after

the change. Also the result is not clear. Currently, our programs stop

responding until I start the spooler service, however, what will happen

after the change - bluescreens?

 

I know that the cause of the problem may be one of the locally used and

redirected printers in the TS sessions, however, I do not know which one

causes the troubel. And we have many printers, as there are 4 subsidiaries

with many printers connected to the TS. The events do not tell me which

printer caused the trouble, it just says that the spooler service had to be

stopped.

 

Is there a way to restart the service automatically when it was stopped by

the data execution prevention?

 

regards

 

arno

  • Replies 5
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Lanwench [MVP - Exchange]

Guest Lanwench [MVP - Exchange]

Posted
Posted

Re: Deactivate Data Execution Prevention

 

arno <nospam@invalid.net> wrote:

> Hello,

>

> I have a Win 2003 R2 SP3 Terminal Server, DC and Printserver is a

> Win2003 SBS.

>

> The Terminal Server stops working because of some problems with the

> spooler service. I would like to know if I can deactivate "Data

> Execution Prevention" by setting it from "only neccessary windows

> programs and services" to "all programs/services with exceptions"

> (sorry, translated from german). I am not sure what services/programs

> are monitored before and after the change. Also the result is not

> clear. Currently, our programs stop responding until I start the

> spooler service, however, what will happen after the change -

> bluescreens?

> I know that the cause of the problem may be one of the locally used

> and redirected printers in the TS sessions, however, I do not know

> which one causes the troubel. And we have many printers, as there are

> 4 subsidiaries with many printers connected to the TS. The events do

> not tell me which printer caused the trouble, it just says that the

> spooler service had to be stopped.

>

> Is there a way to restart the service automatically when it was

> stopped by the data execution prevention?

>

> regards

>

> arno

 

 

DEP is not the problem and won't help you here - and you've got to attack

the underlying cause, not the symptom. This is a bad printer driver, hands

down. Never install print drivers for your users (for redirection) - this

can lead to a very unstable terminal server. I'd uninstall all locally

installed print drivers and start over - check out

http://www.sessioncomputing.com/printing.htm and try posting in

microsoft.public.windows.terminal_services for the most expert help. You

have to be very careful with TS.

 

You can check out third party products for universal (or nearly so) printer

support - I'm a big fan of Tricerat's "Screwdriver" app. Works like a champ.

Not inexpensive, but worth it.

Guest arno

Guest arno

Posted
Posted

Re: Deactivate Data Execution Prevention

 

Hello,

> DEP is not the problem and won't help you here

 

I would like to understand what DEP is doing. Would the spooler crash cause

a bluescreen like it does with Win 2000?

KB 875352 on DEP says that it "helps prevent malicious code from running on

a system". So, I am in the lucky situation that my system does not get a BOD

because it thinks that a virus is attacking?

> This is a bad printer driver, hands down. Never install print drivers for

> your users (for redirection) - this can lead to a very unstable terminal

> server. > I'd uninstall all locally installed print drivers and start over

 

I know. So I have to turn off printer driver redirection on the TS because

the users must have their local printers for LOCAL use.

> - check out http://www.sessioncomputing.com/printing.htm and try posting

> in microsoft.public.windows.terminal_services for the most expert help.

 

ok.

> You can check out third party products for universal (or nearly so)

> printer support - I'm a big fan of Tricerat's "Screwdriver" app. Works

> like a champ. Not inexpensive, but worth it.

 

I'll have a look. Can you post an approx. price for on TS?

 

Thank you

 

arno

Guest Lanwench [MVP - Exchange]

Guest Lanwench [MVP - Exchange]

Posted
Posted

Re: Deactivate Data Execution Prevention

 

arno <nospam@invalid.net> wrote:

> Hello,

>

>> DEP is not the problem and won't help you here

>

> I would like to understand what DEP is doing. Would the spooler crash

> cause a bluescreen like it does with Win 2000?

 

No.

> KB 875352 on DEP says that it "helps prevent malicious code from

> running on a system". So, I am in the lucky situation that my system

> does not get a BOD because it thinks that a virus is attacking?

 

Um - not sure what you mean. You wouldn't get a BSOD because a service

stops. And DEP is not the thing stopping the service.

>

>> This is a bad printer driver, hands down. Never install print

>> drivers for your users (for redirection) - this can lead to a very

>> unstable terminal server. > I'd uninstall all locally installed

>> print drivers and start over

>

> I know. So I have to turn off printer driver redirection on the TS

> because the users must have their local printers for LOCAL use.

 

No, that isn't the problem....redirection itself is not the problem. The

problem is if you've installed any printer drivers for your users, on the TS

box, to *aid* their printer redirection,when the built-in stuff didn't work.

Never do that.

>

>> - check out http://www.sessioncomputing.com/printing.htm and try

>> posting in microsoft.public.windows.terminal_services for the most

>> expert help.

>

> ok.

>

>> You can check out third party products for universal (or nearly so)

>> printer support - I'm a big fan of Tricerat's "Screwdriver" app.

>> Works like a champ. Not inexpensive, but worth it.

>

> I'll have a look. Can you post an approx. price for on TS?

 

I'd check out http://www.tricerat.com - I think it was about $1k per server plus

annual maintenance. Well worth it. They're nice folks - easy to work with.

>

> Thank you

>

> arno

Guest arno

Guest arno

Posted
Posted

Re: Deactivate Data Execution Prevention

 

Hi again,

 

>> KB 875352 on DEP says that it "helps prevent malicious code from

>> running on a system". So, I am in the lucky situation that my system

>> does not get a BOD because it thinks that a virus is attacking?

>

> Um - not sure what you mean. You wouldn't get a BSOD because a service

> stops. And DEP is not the thing stopping the service.

 

DEP is stopping the service, that's what the message says when I log on the

console of the TS ("DEP, this program has been shut down for security

reasons, name: spooler sub system application")

> No, that isn't the problem....redirection itself is not the problem. The

> problem is if you've installed any printer drivers for your users, on the

> TS

> box, to *aid* their printer redirection,when the built-in stuff didn't

> work.

> Never do that.

 

It could be the new printer driver (for PDF, RTF, Excel output) that comes

with one of the applications on the TS. We will disable all printer

redirections (no redirected printer, no driver problem I hope) and see if we

still have problems. This is the only "new" driver we know of.

 

regards

 

arno

  • 1 month later...
Guest arno

Guest arno

Posted
Posted

Re: Deactivate Data Execution Prevention

 

> It could be the new printer driver (for PDF, RTF, Excel output) that comes

> with one of the applications on the TS. We will disable all printer

> redirections (no redirected printer, no driver problem I hope) and see if

> we still have problems. This is the only "new" driver we know of.

 

Disabling all printer redirections on the TS stopped the problem. And

printing speed increased dramatically.

 

On the TS we turned printer redirection on again but disabled the feature on

all RDP clients except those that really need it. Additionally, we removed

all local installations of the PDF-printer (same printer as on the TS but

old and incompatible dirvers that came with the test version of the

software). The problem did not occur again.

 

So, Lanwench, you are suggesting to remove all printer drivers from the TS

as recommended in these articles:

 

http://support.microsoft.com/kb/260142/en-us

 

http://www.msterminalservices.org/articles/hunt-bad-printer-driver.html

 

I have to check with my Admin as I think that the drivers where installed on

the TS on purpose...

 

arno

 

PS:

 

These are the printer monitors:

 

BJ Language Monitor

Canon BJ Language Monitor PIXMA iP5000

CNAC4 Monitor

Local Port

LPR Port

LPR Port\Ports

Microsoft Document Imaging Writer Monitor

PJL Language Monitor

Standard TCP/IP Port

Standard TCP/IP Port\Ports

USB Monitor

 

 

 

These are the printers:

 

Amyuni Document Converter 2.50

Amyuni Document Converter 300

Apple Color LW 12/660 PS

Brother M-4318

Canon Bubble-Jet BJC-4550

Canon LBP5000

Canon PIXMA iP5000

DocuColor 240 PCL

DocuColor 240 PS

Epson LQ-1170 ESC/P 2

Epson LQ-1170 Scalable Font

Epson LQ-570+ ESC/P 2

Generic / Text Only

HP Color LaserJet 2500 PCL 6

HP Color LaserJet 4550 PS

HP Color LaserJet 4600 PCL 6

HP Color LaserJet 4600 PS

HP DeskJet 1600CM/PS

HP DeskJet 640C/642C/648C

HP DeskJet 840C/841C/842C/843C

HP DeskJet 950C/952C/959C

HP LaserJet 1100 (MS)

hp LaserJet 1320 PCL 6

HP LaserJet 2100 Series PS

HP LaserJet 2200 Series PCL

HP LaserJet 2200 Series PCL 6

HP LaserJet 2420 PCL 6

HP LaserJet 3300 Series PCL 6

HP LaserJet 4

HP LaserJet 4 Plus

HP LaserJet 4000 Series PCL

HP LaserJet 4000 Series PS

HP LaserJet 4350 PCL 6

HP LaserJet 4V

HP LaserJet 5

HP LaserJet 5L

HP LaserJet 5MP

HP LaserJet 5P

HP LaserJet 6P

HP LaserJet III

Kyocera Mita FS-1020D KX

Kyocera Mita KM-1530

LANIER 5635 PCL 6

Lexmark Optra E

Lexmark Optra E310 (MS)

Lexmark Optra Ep

Lexmark Optra Ep PS

Microsoft Office Document Image Writer Driver

NRG 4525/4508/4502 PCL 5e

NRG 4525/4508/4502 PCL 6

NRG 4525/4508/4502 PS

Tally T8024 PCL6

Xerox DocuPrint C55 PCL 5C

Xerox DocuPrint NC60

 Share
Go to topic listing
×
×
  • Create New...