Stop & Disable Print Spooler
This is an interactive task for stopping & disabling the print spooler service on domain-joined Windows servers.
This should be done to protect servers from the PrintNightmare RCE vulnerability.
The task will integrate with Osirium PAM to get both the Active Directory & Windows server details.
Playbook Files
Running this Playbook
- Click download playbook
- Import the downloaded file via the Playbooks page on PPA
- Build the playbook from the Edit & Build tab
- Run the playbook from the Preview & Deploy tab
Integrations
- PPA User Interface
- PAM Active Directories & Devices
- Windows Server Services
What the Task Does
Once started, this task allows the operator to:
- Pick a PAM Appliance (if more than one exists in PPA)
- Choose an Active Directory domain to get servers from
- Select one or servers to operate against
PPA will then scan each server on the selected domain & do the following:
- Stop the spooler service if it is running
- Disable the spooler service
A summary will be displayed at the end to show which servers had the service running.
Powershell Remoting (WinRM)
This task uses Powershell Remoting over WinRM to connect to the Windows Server.
See this Microsoft article for more information on how to securely enable WinRM.
Connection Settings
By default this playbook will:
- Use SSL when connecting to the Windows server
- Validate the Windows server certificate
You can change these settings on lines 9 & 10 of the playbook:
use_ssl: true
validate_cert: true
Get PPA for free!
Start automating your estate with a free 30 day trial today. No signup required!
Get PPA ExpressDocumentation
Installation Guide
See how easy it is to get started with our installation guide
Playbooks
View our task writing reference guide
Plugins
See how to integrate with different systems using our plugins reference guide.