Key Takeaways
- The policy controls LPT (printer) port redirection in Remote Desktop.
- Remote Desktop allows LPT port redirection by default.
- Enabling the policy blocks redirection to local LPT ports.
- Disabling the policy always allows LPT port redirection.
- If the policy is not configured, Group Policy does not control this setting.
Hey, let’s discuss about Controlling LPT Port Redirection in Remote Desktop using Intune. This policy controls whether data can be redirected to local LPT (printer) ports during a Remote Desktop session. By default, Remote Desktop allows users to redirect data from the remote system to local LPT port devices.
Table of Contents
Table of Contents
Controlling LPT Port Redirection in Remote Desktop using Intune
If you enable this policy, users will not be able to redirect server data to their local LPT ports, helping to improve security. If you disable it, LPT port redirection is always allowed. When the policy is not configured, the setting is not controlled by Group Policy
- Manage Extra Files Downloaded when Connecting to a Shared Printer using Intune Policy
- How to Prevent Mapping of Client Printers in Remote Desktop Services Sessions using Intune
- Enable Disable Prevent Adding New Printers Policy using Intune
How to Start Policy Creation
First sign in to the Microsoft Intune admin center. Go to Devices and select Configuration profiles. Then click Create profile to open the profile creation window. Select platform and profile type, then click Create to begin configuring your new policy.
| Platform | Profile Type |
|---|---|
| Windows 10 and later | Settings Catalog |
Basic Tab for Name and Description
On the Basics page, you give the profile a clear name and description, so it is easy to identify later. In the Name box, the policy name(LPT port redirection) and description(To allow or block LPT port redirection). Then click Next to continue.
Configure LPT Port Policy
On the Configuration settings page, the Settings picker is used to search for the required policy. In the search bar, policy name(LPT port) is entered. Select the category as Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource
Redirection and setting as Do not allow LPT port redirection.
After closing the Settings Picker, you will see it on the Configuration Settings page. Here we have only two settings: Enable or Disable. By default, it will be set to enabled. If you continue with enable the option, click Next to continue.
Disable LPT port Redirection Policy
If we Disable this policy, you can block the by toggling the switch from right to left. Then, you can click the Next button to continue.
Scope Tags
A Scope Tag in Intune is used to control visibility and access to Intune resources based on administrative roles. Scope tags are not mandatory. You can add the scope tag using the Select scope tags button.
Assignments Tab for Selecting Group
To assign the policy to specific groups, you can use the Assignment Tab. Here I click, +Add groups option under Included groups. I choose a group from the list of groups and click on the Select button. Again, I click on the Next button to continue.
Review + Create Tab
Before completing the policy creation, you can review each tab to avoid misconfiguration or policy failure. After verifying all the details, click on the Create Button. After creating the policy, you will get a success message.
Monitoring Status
The Monitoring Status page shows whether the policy has succeeded or not. To quickly configure the policy and take advantage of the policy sync the assigned device on Company Portal. Open the Intune Portal. Go to Devices > Configuration > Search for the Policy. Here, the policy shows as successful.
How to Remove Assigned Group from this Policy
If you want to remove the Assigned group from the policy, it is possible from the Intune Portal. To do this, open the Policy on Intune Portal and edit the Assignments tab and the Remove Policy.
To get more detailed information, you can refer to our previous post – Learn How to Delete or Remove App Assignment from Intune using by Step-by-Step Guide.
How to Delete LPT Port Policy from Intune
You can easily delete the Policy from the Intune Portal. From the Configuration section, you can delete the policy. It will completely remove it from the client devices.
For detailed information, you can refer to our previous post – How to Delete Allow Clipboard History Policy in Intune Step by Step Guide.
Need Further Assistance or Have Technical Questions?
Join the LinkedIn Page and Telegram group to get the step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community and WhatsApp Channel to get the latest news on Microsoft Technologies. We are there on Reddit as well.
Author
Anoop C Nair has been Microsoft MVP for 10 consecutive years from 2015 onwards. He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.