[German]I'm posting an issue here in the blog that a reader pointed out to me. The security update KB5035849 released on March 12, 2024 for Windows 10 Enterprise 2019 LTSC and Windows Server 2019 causes printing problems in certain cases. Under Windows Terminal Server, users can no longer print locally to their redirected printers. According to my research, other administrators have also encountered this problem.
Advertising
Windows Server 2019 Update KB5035849
Cumulative update KB5035849 is only available for Windows 10 2019 Enterprise LTSC and IoT Enterprise LTSC (the remaining variants were removed from the security update supply on May 11, 2021) and Windows Server 2019. This security update makes a number of corrections (including to Active Directory and Windows domains) (see my blog post Patchday: Windows 10-Updates (March 12, 2024)). I came across the update here in the blog in connection with an error (see Windows 10/Server 2019: Update KB5035849 fails with error 0xd0000034).
Issues with redirected printers
It appears that the aforementioned March 12, 2024 update to Windows Server 2019 is causing issues with redirected printers in certain environments.
A reader report on the problem
A blog reader contacted me directly by email on April 5, 2024 to inform me about a problem (thanks for that) that occurs in his Windows Terminal Server environment. He wrote to me that "with the March 24 update for servers there is a problem that redirected printers from local to a terminal server can no longer print". The redirected printer is displayed, but a "handle" error occurs during the print job.
The above text does not specify which server is involved and the update KB number is also missing. However, the reader wrote: "There is already a follow-up update, but this does not help." He mentioned the update KB5035849, which is the March 2024 security update. My guess is that the reader is referring to the special updates that Microsoft had to release in March to close the LSASS memory leak (see Windows Server: Fix for (Kerberos) LSASS memory leak through March 2024 updates).
The reader wrote to me that he had carried out the measures mentioned in the support article Windows Server printer redirection isn't working without success. This support article has the revision date Dec. 26, 2023, but refers to Windows Server 2012 R2.
Advertising
Further confirmations on the internet
With the above information, I did a quick search on the Internet overnight and came across the Microsoft Answers forum post Printer Redirection not working on my remote server dated March 22, 2024. The person concerned writes that he operates a broker server "Windows Server 2019" and two RDS servers "Windows Server 2019".
Since installing the latest Windows Server 2019 updates (March 2024), users are experiencing issues with printer redirection in their Remote Desktop Services (RDS) environment. Users can access desktops and applications normally, but printing from their redirected printers fails. Error messages include "The handle is invalid" or connection errors.
The administrator has tried restarting the servers, checking the redirection settings and even uninstalling the updates, but the problem persists. When he accesses his remote admin in admin mode (mstsc /admin), the redirection printer works fine.
There are some administrators in this forum thread who confirm the errors. The comment by a Microsoft employee that the problem was fixed by the out-of-band update for the memory leak is simply wrong. There is currently no solution or new insight in this thread.
A second Microsoft Answers forum post Does anyone have problems printing from RDP after March 12, 2024 KB5035849 update? from March 26, 2024 also falls into the same category. The person concerned writes that he cannot print via RDP after installing KB5035849 from March 12, 2024. He has tried to undo the installation but still has the same problem.
The only fix the affected person found: Rolling back the Server 2019 to a backup before the patchday and blocking the update installation. The affected person writes that the out-of-band update KB5037425 does not help with the above problem. Question in the round: Is anyone else affected? Is there a fix or workaround?
A workaround from my readers
Addendum: My German blog reader confirmed the issue and made some proposals in comments. Michel Py wrote:
A redirected printer means that the local printer driver on the RDS server should be installed dynamically on RDP login. Has the admin tried if it works better with the entry:
RestrictDriverInstallationToAdministrators=0
See Microsoft's support article KB5005652—Manage new Point and Print default driver installation behavior (CVE-2021-34481)
Another Michael has answered, that the specific printer driver is not really necessary. The remote desktop print driver is actually responsible for this printing issue. And this is exactly what is causing problems. He did not have this problem with a specific printer driver (the Microsoft universal driver can be deactivated via GPO). With the printer-specific drivers, however, he had all sorts of other problems (settings not accepted, etc.).
So he looked for a workaround and found it in the form of the DLL swap. Michael wrote within this German comment (I've translated all comments here) that he has this issue since January 2024. He found the following dll swapping workaround:
I am aware of the issue and have had it since the January update. The cause for me is the file mxdwdrv.dll in the folder:
c:\\windows\\system32\\\spool\\drivers\\x64\\3.
If I replace this with the same file from another server (no RDS), everything works again.
The "broken" file is 840KB in size, the working file is 880KB. The problem reappeared with the March update and I had to replace the file again.
No restart is necessary, neither server nor services. At most a log out and log in again.
Both servers (RDS, as well as the other server from which I have the file) are patched. I have the suspicion it is related to some fix for the PrinterNightmare. Why only RDS is affected, I do not know.
Maybe the observation and the workaround from Michael can help to solve the issue. I've forwarded it on X to @MicrosoftHelps – but they told me first to contact the Microsoft support listed here, and after I wrote, that I don't have the issue, they shall forward the article link to their product group for investigation, they came back with the request "to create a Feedback hub entry to "improve Windows" – same bullshit as every time. I then told them to take the link to my blog post here and forward it to the product group or leave it – that's the Microsoft way to thread it's customers.
Similar articles:
Microsoft Security Update Summary (March 12, 2024)
Patchday: Windows 10-Updates (March 12, 2024)
Patchday: Windows 11/Server 2022-Updates (March 12, 2024)
Windows Server 2012 / R2 and Windows 7 (March 12, 2024)
Windows 10/Server 2019: Update KB5035849 fails with error 0xd0000034
Windows Server: March 2024 update causes LSASS memory leak on DCs
Windows Server: Fix for (Kerberos) LSASS memory leak through March 2024 updates
Hi guenni,
Thanks for sharing this. We have several server 2019 RD environments. Just one of them had the problem (a farm with 7 Session Hosts).
Replacing the DLL fixed the issue. I cant figure out why the other environments do not report the problem.
regarding the mxdwdrv.dll file – I can extract a copy of that file found in the ntprint.inf_amd64_******.cab file from the \Windows\System32\spool\drivers\x64\PCC\ folder.
the version of the mxdwdrv.dll file I have on my Win10 LTSC 2019 (v1809) machine is 0.3.17763.1492 – not sure if this is the specific version that either works or it doesn't on affected Server 2019 systems
oops, it's not version 0.3.17763.1492, it's actually 0.3.17763.4492 of the mxdwdrv.dll file (I could not edit my previous comment in time due to an internet connection problem on my end)
The Windows Updates from the April patchday do not fix the issue!
The mxdwdrv.dll modification date after the update is still 15.02.2024
Replacing the mxdwdrv.dll with the old version and restarting the spooler fixes the issue
I had this issue way earlier (i think november 2023) with 2016 servers. And after every update i need to replace the dll. And here is the funny thing, I got 3 RDS Hosts with same configuration, just 2 having these problems. And i copy the file from the healthy one. Interestingly in my case, the healthy one got CAPS LETTERS, no new file update date or anything like that. the last edit date is actually from februrary. But indeed the file size of 880 was right, the unhealthy ones werent 840… and the file version is also different.
And handle invalid will only be presented if trying to print with old classic notepad, even word wont give you this specific error message.
Maybe replacing the cab file that includes this dll will fix this issue permanently. I will try this and after next windows update, will give you an update on this maybe..
The DLL trick worked like a champ. Thanks.