Osirium Logo

Stop & Disable Print Spooler

Stop & Disable Print Spooler  Playbook IconStop & Disable Print Spooler  Playbook Icon

This is an interactive task for stopping & disabling the print spooler service on domain-joined Windows servers.

This should be done to protect servers from the PrintNightmare RCE vulnerability.

The task will integrate with Osirium PAM to get both the Active Directory & Windows server details.

Playbook Files

Requires PPA version 2.10.0 or newer

Running this Playbook

  • Click download playbook
  • Import the downloaded file via the Playbooks page on PPA
  • Build the playbook from the Edit & Build tab
  • Run the playbook from the Preview & Deploy tab
* Requires PPA v2.9.x or newer

Integrations

What the Task Does

Once started, this task allows the operator to:

  • Pick a PAM Appliance (if more than one exists in PPA)
  • Choose an Active Directory domain to get servers from
  • Select one or servers to operate against

PPA will then scan each server on the selected domain & do the following:

  • Stop the spooler service if it is running
  • Disable the spooler service

A summary will be displayed at the end to show which servers had the service running.

Powershell Remoting (WinRM)

This task uses Powershell Remoting over WinRM to connect to the Windows Server.

See this Microsoft article for more information on how to securely enable WinRM.

Connection Settings

By default this playbook will:

  • Use SSL when connecting to the Windows server
  • Validate the Windows server certificate

You can change these settings on lines 9 & 10 of the playbook:

  use_ssl: true
  validate_cert: true
Product Boot Screen

Get PPA for free!

Start automating your estate with a free 30 day trial today. No signup required!

Get PPA Express

Documentation


Theale Court
11-13 High Street, Theale
Reading, Berkshire, RG7 5AH
United Kingdom
+44 (0) 118 324 2444

Osirium Logo

Copyright 2020 Osirium Ltd.