I'm running a provisioned XenApp 6.5 Farm and recently updated the HP Universal Print Driver (UPD) on the Print Server to the newest Version because we needed the support for some newer Printer Models.
But after the HP UPD Update the Users weren't able to map HP Printers (with the updated HP UPD) from the Print Server. They would always receive an "Access Denied" Error when trying to map a Printer.
I hadn't updated my provisioned XenApp Image with the new HP Drivers but wanted to to let the Users install the new Drivers until I could update my XenApp Image. But I had disabled the Point and Print Restrictions via GPO and wondered why Users still couldn't install Print Drivers.
While disabling Point and Print Restrictions alone works perfectly on Windows 7 Systems but for Windows Server 2008 R2 disabling Point and Print alone is not enough. You also have to disable the following Security Policy on your XenApp Servers:
And here is the GPO I'm currently using to allow Users to install Print Drivers on my XenApp Servers. Instead of disabling the Point and Print Restrictions completely you can of course also set it to enabled and adjust it accordingly. You can find more information on TechNet.