Using PowerShell to Batch Password Protect Adobe PDF Files in a Directory

As a follow up to my previous post:

Attempting to use itextsharp.dll throws the error: "Could not load file or assembly 'BouncyCastle.Crypto, Version=1.8.6.0, Culture=neutral, PublicKeyToken=0e99375e54769942'..."

http://terenceluk.blogspot.com/2021/02/attempting-to-use-itextsharpdll-throws.html

… the script provided in the blog post did not match the requirements I needed so I’ve gone ahead to modify it and created two versions:

1. Uses an Excel spreadsheet with predefined passwords to password protect PDF documents and fills in the name of the file
2. Uses an Excel spreadsheet to fill in PDF file names and the randomly generated password used to password protect it

The following are the two PowerShell scripts:

Using PowerShell to Password Protect Adobe PDF Files (requires only passwords)

The following describes how to use PowerShell to password protect Adobe PDF files with a reference spreadsheet with only the passwords defined. The PowerShell script’s logic is as follows:

1. Opens up a spreadsheet with two columns:
   1. Source Name < blank
   2. Password < password specified
2. Looks into a directory and begins password protecting the documents with the passwords in the spreadsheet AND fills in the source name column with the file name
3. Saves the PDF into another directory

1. Begin by creating a spreadsheet with two columns leaving the Source Name blank with the Password column filled in:

    a) Source Name

    b) Password

2. Proceed by creating a .ps1 file from the following code (also attached as PasswordProtectPDF.ps1):

Add-Type -Path "C:\itextsharp.5.5.13.2\lib\BouncyCastle.Crypto.dll"

[System.Reflection.Assembly]::LoadFrom("itextsharp.dll")

function PSUsing {

param (

[System.IDisposable] $excelSheetNumbernputObject = $(throw "The parameter -inputObject is required."),

[ScriptBlock] $scriptBlock = $(throw "The parameter -scriptBlock is required.")

)

Try {

&$scriptBlock

}

Finally {

if ($excelSheetNumbernputObject.psbase -eq $null) {

$excelSheetNumbernputObject.Dispose()

} else {

$excelSheetNumbernputObject.psbase.Dispose()

}

}

}

$sourcePath = "C:\PDF\"

$destinationPath = "C:\PDF\WithPassword\"

$excelReferenceSheet = "c:\ScriptsNew\PDFList.xlsx"

$xlCellTypeLastCell = 11

$startRow,$col=2,1

$excelSheetNumber=1

# OPEN EXCEL FILE WITH PASSWORDS

$excel=new-object -com excel.application

$excel.DisplayAlerts = $false

$excel.Visible = $false

$workbook=$excel.workbooks.open($excelReferenceSheet)

$worksheet=$workbook.Sheets.Item($excelSheetNumber)

$rowIncrement=0;

# BEGIN TRAVERSING THROUGH SOURCE FOLDER

$files = Get-ChildItem "C:\PDF\\*" -file

foreach ($f in $files){

# WRITE SOURCE FILE NAME INTO SPREADSHEET

#Write-Output $f.name

$worksheet.Cells.Item($startRow + $rowIncrement,$col) = $f.name

#RETRIEVE PASSWORD FROM EXCEL

$password=$worksheet.Cells.Item($startRow + $rowIncrement,$col+1).Value2

#Write-Output $password

$rowIncrement++

$fullSourcePathAndFileName = $sourcePath + $f.name

$destinationPathAndFileName = $destinationPath + $f.name

# PASSWORD PROTECT PDF

New-Object PSObject -Property @{Source=$sourcePath + $sourceFileName;Destination=$destinationFileName;Password=$password}

$file = New-Object System.IO.FileInfo $fullSourcePathAndFileName

$fileWithPassword = New-Object System.IO.FileInfo $destinationPathAndFileName

PSUsing ( $fileStreamIn = $file.OpenRead() ) {

PSUsing ( $fileStreamOut = New-Object System.IO.FileStream($fileWithPassword.FullName,[System.IO.FileMode]::Create,[System.IO.FileAccess]::Write,[System.IO.FileShare]::None) ) {

PSUsing ( $reader = New-Object iTextSharp.text.pdf.PdfReader $fileStreamIn ) {

[iTextSharp.text.pdf.PdfEncryptor]::Encrypt($reader, $fileStreamOut, $true, $password, $password, [iTextSharp.text.pdf.PdfWriter]::ALLOW_PRINTING)

}

}

}

}

$workbook.SaveAs($excelReferenceSheet)

$excel.Close

$excel.Quit()

[System.GC]::Collect()

[System.GC]::WaitForPendingFinalizers()

[System.Runtime.Interopservices.Marshal]::ReleaseComObject($worksheet)

[System.Runtime.Interopservices.Marshal]::ReleaseComObject($excel)

Remove-Variable -Name excel

3. Open the ps1 script and edit the 3 paths as highlighted in red above:

$sourcePath = "C:\PDF\" <-- Directory containing the source PDFs

$destinationPath = "C:\PDF\WithPassword\" <-- Directory containing the source PDFs

$excelReferenceSheet = "c:\ScriptsNew\PDFList.xlsx" <-- Directory where the spreadsheet that the script will reference for the PDF file name and password

$files = Get-ChildItem "C:\PDF\\*" -file <-- Update the C:\PDF to the directory containing the source PDFs

4. Download the following .nupkg packages:

iTextSharp 5.5.13.2
https://www.nuget.org/packages/iTextSharp/

BouncyCastle 1.8.6.1
https://www.nuget.org/packages/BouncyCastle/1.8.6.1

Rename the .nupkg extension to .zip, extract them to a folder and then copy the itextsharp.dll and BouncyCastle.Crypto.dll files

5. Create the directory where the password protected PDF files will be stored.

6. Proceed to execute the PowerShell script to password protect PDFs.

7. New PDFs should be created in the destination directory upon successfully executing the PowerShell script.

8. The spreadsheet referenced for configuring the passwords will have the Source Name column filled in with the file names of the password protected PDFs:

Using PowerShell to Password Protect Adobe PDF Files (auto generate passwords)

The following describes how to use PowerShell to password protect Adobe PDF files with a reference spreadsheet with only the passwords defined. The PowerShell script’s logic is as follows:

1. Opens up a spreadsheet with two columns:
   1. Source Name < blank
   2. Password < password specified
2. Looks into a directory and begins password protecting the documents with the passwords in the spreadsheet AND fills in the source name column with the file name
3. Saves the PDF into another directory

1. Begin by creating a spreadsheet with two columns leaving the Source Name and Password columns blank:

    a) Source Name

    b) Password

2. Proceed by creating a .ps1 file from the following code (also attached as PasswordProtectPDF.ps1):

Add-Type -Path "C:\itextsharp.5.5.13.2\lib\BouncyCastle.Crypto.dll"

Add-Type -AssemblyName System.Web

[System.Reflection.Assembly]::LoadFrom("itextsharp.dll")

function PSUsing {

param (

[System.IDisposable] $excelSheetNumbernputObject = $(throw "The parameter -inputObject is required."),

[ScriptBlock] $scriptBlock = $(throw "The parameter -scriptBlock is required.")

)

Try {

&$scriptBlock

}

Finally {

if ($excelSheetNumbernputObject.psbase -eq $null) {

$excelSheetNumbernputObject.Dispose()

} else {

$excelSheetNumbernputObject.psbase.Dispose()

}

}

}

$sourcePath = "C:\PDF\"

$destinationPath = "C:\PDF\WithPassword\"

$excelReferenceSheet = "C:\Scripts-GeneratePassword\PDFList.xlsx"

$xlCellTypeLastCell = 11

$startRow,$col=2,1

$excelSheetNumber=1

$passwordLength = 15

$numberOfSpecialCharacters = 4

# OPEN EXCEL FILE TO FILL OUT PDF FILENAME AND PASSWORDS

$excel=new-object -com excel.application

$excel.DisplayAlerts = $false

$excel.Visible = $false

$workbook=$excel.workbooks.open($excelReferenceSheet)

$worksheet=$workbook.Sheets.Item($excelSheetNumber)

$rowIncrement=0;

# BEGIN TRAVERSING THROUGH SOURCE FOLDER

$files = Get-ChildItem "C:\PDF\\*" -file

foreach ($f in $files){

# WRITE SOURCE FILE NAME INTO SPREADSHEET

#Write-Output $f.name

$worksheet.Cells.Item($startRow + $rowIncrement,$col) = $f.name

#GENERATE RANDOM PASSWORD AND FILL OUT SPREADSHEET

$password = [System.Web.Security.Membership]::GeneratePassword($passwordLength,$numberOfSpecialCharacters)

$worksheet.Cells.Item($startRow + $rowIncrement,$col+1).Value2 = $password

#Write-Output $password

$rowIncrement++

$fullSourcePathAndFileName = $sourcePath + $f.name

$destinationPathAndFileName = $destinationPath + $f.name

# PASSWORD PROTECT PDF

New-Object PSObject -Property @{Source=$sourcePath + $sourceFileName;Destination=$destinationFileName;Password=$password}

$file = New-Object System.IO.FileInfo $fullSourcePathAndFileName

$fileWithPassword = New-Object System.IO.FileInfo $destinationPathAndFileName

PSUsing ( $fileStreamIn = $file.OpenRead() ) {

PSUsing ( $fileStreamOut = New-Object System.IO.FileStream($fileWithPassword.FullName,[System.IO.FileMode]::Create,[System.IO.FileAccess]::Write,[System.IO.FileShare]::None) ) {

PSUsing ( $reader = New-Object iTextSharp.text.pdf.PdfReader $fileStreamIn ) {

[iTextSharp.text.pdf.PdfEncryptor]::Encrypt($reader, $fileStreamOut, $true, $password, $password, [iTextSharp.text.pdf.PdfWriter]::ALLOW_PRINTING)

}

}

}

}

$workbook.SaveAs($excelReferenceSheet)

$excel.Close

$excel.Quit()

[System.GC]::Collect()

[System.GC]::WaitForPendingFinalizers()

[System.Runtime.Interopservices.Marshal]::ReleaseComObject($worksheet)

[System.Runtime.Interopservices.Marshal]::ReleaseComObject($excel)

Remove-Variable -Name excel

3. Open the ps1 script and edit the 3 paths as highlighted in red above:

$sourcePath = "C:\PDF\" <-- Directory containing the source PDFs

$destinationPath = "C:\PDF\WithPassword\" <-- Directory containing the source PDFs

$excelReferenceSheet = "c:\ScriptsNew\PDFList.xlsx" <-- Directory where the spreadsheet that the script will reference for the PDF file name and password

$passwordLength = 15 <-- The length of the randomly generated password

$numberOfSpecialCharacters = 4 <-- The amount of non-numerical special characters in the password (e.g. !, -, $, &, @, #, %, etc)

$files = Get-ChildItem "C:\PDF\\*" -file <-- Update the C:\PDF to the directory containing the source PDFs

4. Download the following .nupkg packages:

iTextSharp 5.5.13.2

https://www.nuget.org/packages/iTextSharp/

BouncyCastle 1.8.6.1

https://www.nuget.org/packages/BouncyCastle/1.8.6.1

Rename the .nupkg extension to .zip, extract them to a folder and then copy the itextsharp.dll and BouncyCastle.Crypto.dll files

5. Create the directory where the password protected PDF files will be stored.

6. Proceed to execute the PowerShell script to password protect PDFs.

7. New PDFs should be created in the destination directory upon successfully executing the PowerShell script.

8. The spreadsheet referenced for configuring the passwords will have the Source Name column filled in with the file names and corresponding passwords of the password protected PDFs:

Attempting to use itextsharp.dll throws the error: "Could not load file or assembly 'BouncyCastle.Crypto, Version=1.8.6.0, Culture=neutral, PublicKeyToken=0e99375e54769942'..."

Problem

Those who are looking for a PowerShell script to batch password protect PDF documents will quickly come across the following post as returned by Google:

Password Protect PDF document using windows Powershell script
https://efcomputer.net.au/blog/password-protect-pdf-document/

The author provides the following PowerShell script that uses the itextsharp.dll:

[System.Reflection.Assembly]::LoadFrom("itextsharp.dll")

function PSUsing {

param (

[System.IDisposable] $inputObject = $(throw "The parameter -inputObject is required."),

[ScriptBlock] $scriptBlock = $(throw "The parameter -scriptBlock is required.")

)

Try {

&$scriptBlock

}

Finally {

if ($inputObject.psbase -eq $null) {

$inputObject.Dispose()

} else {

$inputObject.psbase.Dispose()

}

}

}

$xlCellTypeLastCell = 11

$startRow,$col=2,1

$excel=new-object -com excel.application

$wb=$excel.workbooks.open("c:\temp\PDFList.xlsx")

for ($i=1; $i -le $wb.sheets.count; $i++)

{

$j=0;

$sh=$wb.Sheets.Item($i)

$endRow=$sh.UsedRange.SpecialCells($xlCellTypeLastCell).Row

$rangeAddress=$sh.Cells.Item($startRow+1,$col).Address() + ":" +$sh.Cells.Item($endRow+1,$col).Address()

$sh.Range($rangeAddress).Value2 | foreach {

$contract=$sh.Cells.Item($startRow + $j,$col).Value2

$filesource = $sh.Cells.Item($startRow + $j,$col+1).Value2

$filedest = $sh.Cells.Item($startRow + $j,$col+2).Value2

$dob=$sh.Cells.Item($startRow + $j,$col+3).Value2

New-Object PSObject -Property @{Contract=$contract;Dob=$dob}

$file = New-Object System.IO.FileInfo $filesource

$fileWithPassword = New-Object System.IO.FileInfo $filedest

$password = $dob

PSUsing ( $fileStreamIn = $file.OpenRead() ) {

PSUsing ( $fileStreamOut = New-Object System.IO.FileStream($fileWithPassword.FullName,[System.IO.FileMode]::Create,[System.IO.FileAccess]::Write,[System.IO.FileShare]::None) ) {

PSUsing ( $reader = New-Object iTextSharp.text.pdf.PdfReader $fileStreamIn ) {

[iTextSharp.text.pdf.PdfEncryptor]::Encrypt($reader, $fileStreamOut, $true, $password, $password, [iTextSharp.text.pdf.PdfWriter]::ALLOW_PRINTING)

}

}

}

$j++

}

}

$excel.Workbooks.Close()

At the time of this writing in Feb 2021, clicking on the link provided by the author brings us https://sourceforge.net/projects/itextsharp/files/ which no longer provides a download to the file.

Googling the for “itextsharp” returns a link to iTextSharp 5.5.13.2 located here https://www.nuget.org/packages/iTextSharp/ with the description that version 7 has replaced it but still available to be downloaded (along with security patches in the future):

With the package extracted, we proceed replicate the spreadsheet as shown in the post:

Then while placing the itextsharp.dll file into the same directory as the PowerShell script, we execute it but receive the following error:

New-Object : Could not load file or assembly 'BouncyCastle.Crypto, Version=1.8.6.0, Culture=neutral, PublicKeyToken=0e99375e54769942' or one of its

dependencies. The system cannot find the file specified.

At C:\itextsharp.5.5.13.2\lib\PasswordProtectPDF.ps1:46 char:22

+ ... ( $reader = New-Object iTextSharp.text.pdf.PdfReader $fileStreamIn ) ...

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ CategoryInfo : NotSpecified: (:) [New-Object], FileNotFoundException

+ FullyQualifiedErrorId : System.IO.FileNotFoundException,Microsoft.PowerShell.Commands.NewObjectCommand

Solution

The reason why the error above is presented is because the BouncyCastle.Crypto assembly is also needed for the PowerShell script. In addition to downloading:

iTextSharp 5.5.13.2
https://www.nuget.org/packages/iTextSharp/

We should also download the following BouncyCastle:

BouncyCastle 1.8.6.1
https://www.nuget.org/packages/BouncyCastle/1.8.6.1

**Note that the latest version 1.8.9 at the time of this writing does not work.

With the two packages downloaded, rename the extension .nupkg to .zip and unpack them into folders.

Place the following files into same directory:

1. BouncyCastle.Crypto.dll
2. itextsharp.dll
3. PasswordProtectPDF.ps1 (this is the script provided by the author above)

Before executing the PowerShell script, make sure the following line is added to the beginning so that the BouncyCastle.Crypto.dll is loaded:

Add-Type -Path "C:\itextsharp.5.5.13.2\lib\BouncyCastle.Crypto.dll"

Proceeding to run the PowerShell script will now complete successfully:

If you prefer not to work in the ISE environment then the line can either be added directly into the PS1, or run the Add-Type -Path "C:\itextsharp.5.5.13.2\lib\BouncyCastle.Crypto.dll" separately:

The PDFs with the a password configured should now be present in the destination folder:

I found that the script the author provided didn’t really match the formatting I wanted for the PowerShell output and spreadsheet (my use case had nothing to do with contract numbers and date of birth) so I’ll be making modifications to it and writing another blog post for it.

Enabling Adobe Acrobat Reader DC to trust the Windows Certificate Store / Certificates (Local Computer)

I recently had a client who used my previous post:

Digitally signing Adobe Acrobat PDF documents with Microsoft Certificate Authority Certificates
http://terenceluk.blogspot.com/2013/09/digitally-signing-adobe-acrobat-pdf.html

… to allow users to sign Adobe PDF documents with user certificates generated by an internal trusted Microsoft Certificate Authority.  During the time when I wrote the blog post above, I was unable to find a way to enable the version of Adobe Acrobat or Adobe Reader to trust the Windows Certificate Store (Certificates (Local Computer) so I provided a not as efficient workaround that isn’t very efficient.  Having to revisit this issue again recently with the client, it looks like Adobe Reader DC now provides enabling the application to trust the Windows Certificate Store / Certificates (Local Computer).  The following is where this setting is located:

Edit > Preferences:

Signatures > Verification – Control how and when signatures are verified > More…

In the Signature Verification Preferences window, locate the Windows Integration section where the Trust ALL root certificates in the Windows Certificate Store for: Validating Signatures is found:

Enable the following 2 configuration settings:

• Validating Signatures
• Validating Certified Documents

Adobe Acrobat Reader DC should now trust all of the root and intermediate certificate authorities found in the Windows Certificate Store / Certificates (Local Computer)

------------------------------------------------------------------------------------------------------------------------------------------------------------

Note that the version of Adobe Acrobat Reader DC the above screenshots were taken is:

2015 Release | Version 2015.020.20042

Installing / Enabling Adobe Flash on Windows Server 2012 R2

I’ve been asked several times last year about how to install / enable Adobe Flash on a Windows Server 2012 R2 server and while I’m not a supporter of installing any Adobe products on servers, there are situations where it’s handy to have.  The following steps demonstrates how to get it installed / enabled:

If you ever attempt to access a web page such as the VMware Horizon View Administration webpage with Internet Explorer on a WIndows Server 2012 R2 server, you’ll be presented with the following:

View Administrator requires Adobe Flash 10.1 or higher. Click below to download.

Attempting to run an installer downloaded from the Adobe site will display the following message:

Adobe Flash Player 16.0 Installer

The installation encountered errors:

Your Microsoft Internet Explorer browser includes the latest version of the Adobe Flash Player built-in. Windows Update will inform you when new versions of the Flash Player are available.

To install / enable Adobe Flash, launch the Server Manager and click on Add roles and features:

Click through the wizard until you reach the Features options and scroll down to the User Interfaces and Infrastructure item:

Expand the User Interfaces and Infrastructure item and enable the Desktop Experience option:

Proceed with the install:

Once the component has been installed and server rebooted, Adobe Flash should now be enabled for Internet Explorer:

If for whatever reason it isn’t enabled, click on the IE options icon on the top right corner, then open Manage add-ons:

From within the Toolbars and Extensions menu, you should see a Shockwave Flash Object item displayed. If it is disabled, proceed to enabling it:

Viewing Adobe PDFs within Internet Explorer 11 throws the error: “There is a problem with Adobe Acrobat/Reader. If it is running, please exit and try again. (0:104)”

Problem

I was recently involved with an Internet Explorer upgrade for a client with VMware Horizon VIew virtual desktops accelerated with SanDisk’s ioVDI solution where we noticed that after upgrading from Internet Explorer 9 to 11, we were no longer able to open PDFs from within the browser as the following error is presented:

There is a problem with Adobe Acrobat/Reader. If it is running, please exit and try again. (0:104)

Solution

Through the week long troubleshooting process, we were able to identify three possible solutions to the problem.

Solution #1 – Configure Internet Explorer to launch the Adobe PDF in a new seperate window

This was one of the easiest solutions we found through the forums but it was not practical for the environment because we had web applications that required PDFs to be launched from within the Internet Explorer 11 window.

Solution #2 – Configure IE 11 Tab Process Growth to 1 and disable Adobe Protected Mode

The environment we worked in had an application that required the Tab Process Growth for IE 11 to be set to the value of 0. 

User Configuration – Policies – Administrative Templates – Windows Components – Internet Explorer

Set tab process growth

What we noticed was that if we set the value to 1 via the GPO:

… or via the registry:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main

REG_DWORD named TabProcGrowth

------------------------------------------------------------------------------------------------------------------------------------------

**Note that if the above registry key does not work, try the following alternate location that also appears to work:

HKEY_CURRENT_USER\Software\Polices\Microsoft\Internet Explorer\Main

------------------------------------------------------------------------------------------------------------------------------------------

… and disable Protected Mode for Adobe Acrobat Reader DC 2015 as demonstrated in my previous post:

Disabling “Enable Protected Mode at startup” and “Enable Enhanced Security” for Adobe Acrobat Reader DC 2015
http://terenceluk.blogspot.com/2016/01/disabling-enable-protected-mode-at.html

… then the error will no longer be presented.

Solution #3 – Disable redirectusertemp for SanDisk ioVDI

The two solutions above would not have met our requirements for the organization and we were left wondering why our virtual desktops exhibited this problem but not our physical desktops.  Through further investigation and a bit of luck, we noticed errors being thrown in the Adobe Acrobat Reader DC 2015 referencing the directory:

C:\Windows\Temp\iotdx-disposable

As demonstrated in one of my previous posts:

VMware Horizon View virtual desktops experience temporary drive space issues with SanDisk Fusion-io ioVDI integration
http://terenceluk.blogspot.com/2015/08/vmware-horizon-view-virtual-desktops.html

I recently noticed that an environment with SanDisk ioVDI redirecting Windows files to a disposable disk could case issues if the drive fills up.  In this situation, the drive did not fill up but Adobe appears to have problems writing to it.  What we noticed was that this issue could be fixed if we iottool command on the VDI and disable the user temp folder from redirecting.

The command to execute would be as follows:

iottool redirectusertmp disable

Once executed, restart the system.

------------------------------------------------------------------------------------------------------------------------------------------

This issue took quite a bit of time and resources and I hope this post will help others who may come across this issue.

Disabling “Enable Protected Mode at startup” and “Enable Enhanced Security” for Adobe Acrobat Reader DC 2015

I recently had to troubleshoot an issue with PDFs failing to launch within an Internet Explorer window which lead to a resolution that required two security features in Adobe Acrobat Reader DC 2015 to be disabled and thought that I’d write this post to demonstrate the process so I could reference it when I write the post describing that issue.  Note that I am not recommending to disable these features as it renders the reader much less secure so please carefully evaluate other alternatives if they exist.

The reader I’ll be modifying will be the Adobe Acrobat Reader DC 2015 Release | Version 2015.009.20079

The two features we’ll be disabling are:

Enable Protected Mode at startup

… and:

Enable Enhanced Security

… listed in the Security (Enhanced) category:

To disable the Enable Protected Mode at startup configuration, navigate to the following registry key:

HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\Privledged

… then modify the bProtectedMode REG_DWORD value to 0 to disable and 1 to enable:

To disable the Enable Enhanced Security configuration, navigate to the following registry key:

HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\TrustManager

… then modify the bEnhancedSecurityStandalone REG_DWORD value to 0 to disable and 1 to enable:

Perform the same change to bEnhancedSecurityInBrowser if you want the same change for PDFs launched in browsers.

To automate these configuration changes, you can either use a GPO that launches a batch file containing REG ADD:

reg add "HKCU\Software\Adobe\Acrobat Reader\DC\Privileged" /v "bProtectedMode" /t REG_DWORD /d 0 /f

reg add "HKCU\Software\Adobe\Acrobat Reader\DC\TrustManager" /v "bEnhancedSecurityStandalone" /t REG_DWORD /d 0 /f

reg add "HKCU\Software\Adobe\Acrobat Reader\DC\TrustManager" /v "bEnhancedSecurityInBrowser" /t REG_DWORD /d 0 /f

… or use Group Policy Preferences to add/update the key.

Adobe Reader prints PDFs very small on the top left hand corner or prints an error

I ran into an interesting issue the other day where a client told me that printing PDFs with Adobe Reader would either print extremely small on the top left hand corner (1” x 2” or 1” x 1.5”) of a page or print the following error on the actual printout:

ERROR: invalidfont

OFFENDING COMMAND: show

STACK:

(                   )

What I discovered was that these issues appear to be related to the Adobe Reader being unable to send the format of the text or the font of the text to the printer.  The workaround that appears to fix this issue is to adjust the Advanced settings in the print menu as such:

After adjusting these settings, the printer should be able to correctly print out the document.