Guest arno Posted April 28, 2008 Posted April 28, 2008 Hello, I have a Win 2003 R2 SP3 Terminal Server, DC and Printserver is a Win2003 SBS. The Terminal Server stops working because of some problems with the spooler service. I would like to know if I can deactivate "Data Execution Prevention" by setting it from "only neccessary windows programs and services" to "all programs/services with exceptions" (sorry, translated from german). I am not sure what services/programs are monitored before and after the change. Also the result is not clear. Currently, our programs stop responding until I start the spooler service, however, what will happen after the change - bluescreens? I know that the cause of the problem may be one of the locally used and redirected printers in the TS sessions, however, I do not know which one causes the troubel. And we have many printers, as there are 4 subsidiaries with many printers connected to the TS. The events do not tell me which printer caused the trouble, it just says that the spooler service had to be stopped. Is there a way to restart the service automatically when it was stopped by the data execution prevention? regards arno
Guest Lanwench [MVP - Exchange] Posted April 28, 2008 Posted April 28, 2008 Re: Deactivate Data Execution Prevention arno <nospam@invalid.net> wrote: > Hello, > > I have a Win 2003 R2 SP3 Terminal Server, DC and Printserver is a > Win2003 SBS. > > The Terminal Server stops working because of some problems with the > spooler service. I would like to know if I can deactivate "Data > Execution Prevention" by setting it from "only neccessary windows > programs and services" to "all programs/services with exceptions" > (sorry, translated from german). I am not sure what services/programs > are monitored before and after the change. Also the result is not > clear. Currently, our programs stop responding until I start the > spooler service, however, what will happen after the change - > bluescreens? > I know that the cause of the problem may be one of the locally used > and redirected printers in the TS sessions, however, I do not know > which one causes the troubel. And we have many printers, as there are > 4 subsidiaries with many printers connected to the TS. The events do > not tell me which printer caused the trouble, it just says that the > spooler service had to be stopped. > > Is there a way to restart the service automatically when it was > stopped by the data execution prevention? > > regards > > arno DEP is not the problem and won't help you here - and you've got to attack the underlying cause, not the symptom. This is a bad printer driver, hands down. Never install print drivers for your users (for redirection) - this can lead to a very unstable terminal server. I'd uninstall all locally installed print drivers and start over - check out http://www.sessioncomputing.com/printing.htm and try posting in microsoft.public.windows.terminal_services for the most expert help. You have to be very careful with TS. You can check out third party products for universal (or nearly so) printer support - I'm a big fan of Tricerat's "Screwdriver" app. Works like a champ. Not inexpensive, but worth it.
Guest arno Posted April 28, 2008 Posted April 28, 2008 Re: Deactivate Data Execution Prevention Hello, > DEP is not the problem and won't help you here I would like to understand what DEP is doing. Would the spooler crash cause a bluescreen like it does with Win 2000? KB 875352 on DEP says that it "helps prevent malicious code from running on a system". So, I am in the lucky situation that my system does not get a BOD because it thinks that a virus is attacking? > This is a bad printer driver, hands down. Never install print drivers for > your users (for redirection) - this can lead to a very unstable terminal > server. > I'd uninstall all locally installed print drivers and start over I know. So I have to turn off printer driver redirection on the TS because the users must have their local printers for LOCAL use. > - check out http://www.sessioncomputing.com/printing.htm and try posting > in microsoft.public.windows.terminal_services for the most expert help. ok. > You can check out third party products for universal (or nearly so) > printer support - I'm a big fan of Tricerat's "Screwdriver" app. Works > like a champ. Not inexpensive, but worth it. I'll have a look. Can you post an approx. price for on TS? Thank you arno
Guest Lanwench [MVP - Exchange] Posted April 28, 2008 Posted April 28, 2008 Re: Deactivate Data Execution Prevention arno <nospam@invalid.net> wrote: > Hello, > >> DEP is not the problem and won't help you here > > I would like to understand what DEP is doing. Would the spooler crash > cause a bluescreen like it does with Win 2000? No. > KB 875352 on DEP says that it "helps prevent malicious code from > running on a system". So, I am in the lucky situation that my system > does not get a BOD because it thinks that a virus is attacking? Um - not sure what you mean. You wouldn't get a BSOD because a service stops. And DEP is not the thing stopping the service. > >> This is a bad printer driver, hands down. Never install print >> drivers for your users (for redirection) - this can lead to a very >> unstable terminal server. > I'd uninstall all locally installed >> print drivers and start over > > I know. So I have to turn off printer driver redirection on the TS > because the users must have their local printers for LOCAL use. No, that isn't the problem....redirection itself is not the problem. The problem is if you've installed any printer drivers for your users, on the TS box, to *aid* their printer redirection,when the built-in stuff didn't work. Never do that. > >> - check out http://www.sessioncomputing.com/printing.htm and try >> posting in microsoft.public.windows.terminal_services for the most >> expert help. > > ok. > >> You can check out third party products for universal (or nearly so) >> printer support - I'm a big fan of Tricerat's "Screwdriver" app. >> Works like a champ. Not inexpensive, but worth it. > > I'll have a look. Can you post an approx. price for on TS? I'd check out http://www.tricerat.com - I think it was about $1k per server plus annual maintenance. Well worth it. They're nice folks - easy to work with. > > Thank you > > arno
Guest arno Posted April 28, 2008 Posted April 28, 2008 Re: Deactivate Data Execution Prevention Hi again, >> KB 875352 on DEP says that it "helps prevent malicious code from >> running on a system". So, I am in the lucky situation that my system >> does not get a BOD because it thinks that a virus is attacking? > > Um - not sure what you mean. You wouldn't get a BSOD because a service > stops. And DEP is not the thing stopping the service. DEP is stopping the service, that's what the message says when I log on the console of the TS ("DEP, this program has been shut down for security reasons, name: spooler sub system application") > No, that isn't the problem....redirection itself is not the problem. The > problem is if you've installed any printer drivers for your users, on the > TS > box, to *aid* their printer redirection,when the built-in stuff didn't > work. > Never do that. It could be the new printer driver (for PDF, RTF, Excel output) that comes with one of the applications on the TS. We will disable all printer redirections (no redirected printer, no driver problem I hope) and see if we still have problems. This is the only "new" driver we know of. regards arno
Guest arno Posted June 4, 2008 Posted June 4, 2008 Re: Deactivate Data Execution Prevention > It could be the new printer driver (for PDF, RTF, Excel output) that comes > with one of the applications on the TS. We will disable all printer > redirections (no redirected printer, no driver problem I hope) and see if > we still have problems. This is the only "new" driver we know of. Disabling all printer redirections on the TS stopped the problem. And printing speed increased dramatically. On the TS we turned printer redirection on again but disabled the feature on all RDP clients except those that really need it. Additionally, we removed all local installations of the PDF-printer (same printer as on the TS but old and incompatible dirvers that came with the test version of the software). The problem did not occur again. So, Lanwench, you are suggesting to remove all printer drivers from the TS as recommended in these articles: http://support.microsoft.com/kb/260142/en-us http://www.msterminalservices.org/articles/hunt-bad-printer-driver.html I have to check with my Admin as I think that the drivers where installed on the TS on purpose... arno PS: These are the printer monitors: BJ Language Monitor Canon BJ Language Monitor PIXMA iP5000 CNAC4 Monitor Local Port LPR Port LPR Port\Ports Microsoft Document Imaging Writer Monitor PJL Language Monitor Standard TCP/IP Port Standard TCP/IP Port\Ports USB Monitor These are the printers: Amyuni Document Converter 2.50 Amyuni Document Converter 300 Apple Color LW 12/660 PS Brother M-4318 Canon Bubble-Jet BJC-4550 Canon LBP5000 Canon PIXMA iP5000 DocuColor 240 PCL DocuColor 240 PS Epson LQ-1170 ESC/P 2 Epson LQ-1170 Scalable Font Epson LQ-570+ ESC/P 2 Generic / Text Only HP Color LaserJet 2500 PCL 6 HP Color LaserJet 4550 PS HP Color LaserJet 4600 PCL 6 HP Color LaserJet 4600 PS HP DeskJet 1600CM/PS HP DeskJet 640C/642C/648C HP DeskJet 840C/841C/842C/843C HP DeskJet 950C/952C/959C HP LaserJet 1100 (MS) hp LaserJet 1320 PCL 6 HP LaserJet 2100 Series PS HP LaserJet 2200 Series PCL HP LaserJet 2200 Series PCL 6 HP LaserJet 2420 PCL 6 HP LaserJet 3300 Series PCL 6 HP LaserJet 4 HP LaserJet 4 Plus HP LaserJet 4000 Series PCL HP LaserJet 4000 Series PS HP LaserJet 4350 PCL 6 HP LaserJet 4V HP LaserJet 5 HP LaserJet 5L HP LaserJet 5MP HP LaserJet 5P HP LaserJet 6P HP LaserJet III Kyocera Mita FS-1020D KX Kyocera Mita KM-1530 LANIER 5635 PCL 6 Lexmark Optra E Lexmark Optra E310 (MS) Lexmark Optra Ep Lexmark Optra Ep PS Microsoft Office Document Image Writer Driver NRG 4525/4508/4502 PCL 5e NRG 4525/4508/4502 PCL 6 NRG 4525/4508/4502 PS Tally T8024 PCL6 Xerox DocuPrint C55 PCL 5C Xerox DocuPrint NC60
Recommended Posts