Saturday, July 1, 2017

Deploy Printers With Group Policy - Windows 2012 R2

Steps (21 total)
1. Planning

Start by planning out your site. Take a piece of paper and list all your printers that will need to be deployed and who will need them.
Create group names for the printer groups by floor or side of building / purpose.
In this example I will only be deploying one printer but you can get the feel of what to do and just repeat the steps for other printers and groups.

2. Install Printer On LAN
Setup and Install your printer on the LAN if you have not already done so. Record the IP address you assigned (preferably static) and the model number so we can download the drivers.

3. Install Print and Document Service
Login to the server that will host the printers and install the Print and Document Service by using Add Roles and Features from Server Manager. Check the box next to Print and Document Service and hit next

4. Print Features
Be sure that Print Server is checked and if you are going to need Mac / Unix printing support then check the box for LPD. I have never really used the Scan Server bit but feel free to explore.

5. Open Print Management
Once the install is finished go to Server Manager and choose tools then Print Management

6. Print Management Overview
Print Management control panel overview:
Start by expanding Print Servers and you should see the local server listed that you just installed Print Services on. You can also add other print servers in your environment as long as they have Print and Document Services installed. Just right click and Add Server to control everything from one place.

Under the print server then computer name you will find the Drivers management function. This is where you will control drivers and update them as new ones are released.

Forms is where you control the default forms assigned to the printers in your environment. This is a powerful feature and helps with deployment of forms and maintains a consistent standard across everyone that uses this print server. Explore this one in depth I will make you look like a champ to the end users.

Ports is all the ports TCP/IP, LPT, COM and File that are available to the local machine. As you add printers to the server and share them out you will get a TCP/IP port listed with the IP address of the printer. This is the same as right clicking the printer and choosing Properties then the Port tab.

Printers is the same as Devices and Printers from Control Panel

7. Download 32bit and 64bit drivers
Open your browser and search/download both the 32bit and 64bit drivers for the specific printer you are setting up. Try not to get the bundle but rather choose the basic driver for just printing. Get the driver for the version of Windows loaded on the Print Server. In this instance I am using 2012 R2 which is a Windows 8 kernel, so I got both the Windows 8 64bit and 32bit drivers

8. Extract Drivers
Lots of times the drivers will come as .exe or some installer file that immediately wants to install the driver. I prefer to extract these files before hand and manually add the drivers. You can use the installer if it is a straight extraction but if it tries to install then I would cancel and use WinRAR to extract the .exe.

9. Load the drivers

Back in Print Management right click on Drivers and choose Add Drivers
Check both 32 and 64 bit boxes.

10. Driver Selection
On the Driver Selection screen hit Have Disk and browse to the extracted drivers. Start with the 64 bit drivers on a 64bit local OS. Otherwise start with the 32 bit(Rare).

Once you find the .inf file for the 64bit drivers then you will hit ok and it should prompt you for the 32 bit driver file on the next Install Print drivers (x86) screen.
Browse to the 32 bit driver extract and hit ok.
It is rare but you might also be prompted for the 32 bit ntprint.inf file. You have a few choices to get this file. One is to find a 32bit machine in your environment and copy the file from the system32 folder or you can download a copy from the internet.

ntprint.inf link

11. Add and Share The Printer

Now we have the drivers in place we can add the printer and share it out. This is the same as you have always done so don't get it complicated.
Right click on the Printers folder under Print Servers and choose Add Printer
Choose the option for Add a TCP/IP or web services printer by IP or hostname and hit next
Key in the printer IP address on the LAN and hit next to let it autodetect.
On the next screen it should have the printer name - Change this to something very simple but descriptive of either the printer function or printer type. Something Like HP-ColorLaser or LabelPrinter-Front. This is what the end user will know it best by so make it easy for them.
Check the box for Share this Printer and change the Share Name to the same as the Printer Name. Please set the location and the comment so people can get this info.

12. Finish Installing Printer
Check the box next to Print Test Page and hit Finish.
Check that the test page printed correctly, remedy any printer issues at this time

13. List Printer In Active Directory

In the printers section of Print Management you should now have a new printer listed with queue status = Ready.
We are now going to list the printer in AD and get it ready for GPO deployment.
Right click on the Printer and you will see a nice list of options. (see screen shot)
Choose the option to List In Directory - it is just a switch so it does not look like it does anything until you right click again and it should now read Remove from Directory

14. Deploy with GPO

Now the fun stuff begins we can deploy this to workstations via Group Policy so everyone gets the printers they need wherever they happen to be.
Right click on the printer and choose the option for Deploy with Group Policy

15. Deploy with GPO - Create Object
Click the browse option and you will be presented with all your Group Policy Objects and templates. Do yourself a big favor and create new GPO objects for each group or grouping of printers. This makes it way easier to find and update later than having to dig through all the GPO's looking for printers.
After clicking browse you will choose the option next to the drop down for create new Group Policy Object.
Name the object something specific like Printers-Site1 or Printers-Floor2
Hit Ok and you will be returned to the Deploy Group Policy Screen and you should see the GPO name is now updated to the new GPO object you just created.

16. Deploy with GPO - Per Machine

I always try to deploy printers on a per machine basis so that everyone that uses that machine gets the same printers. The only time I ever deploy per user is for accounting or shipping where they had to have access to the check printer or the label printer. I would create a new GPO object for just the per user deployments and let the others be on a per machine basis. This also helps with login loading times as it does not have to enumerate all the printers each time for the users.

Check the box next The Computers that this GPO applies to (per Machine) and Hit ADD.
You will then see the printer name and GPO / connection type listed. Hit OK at the bottom when you are happy with the results.

17. Create the Printer Security Group In AD

Open AD users and computers and locate your groups folder so we can create a new printer security group.
Create a new Universal security group called Printers-Floor1 or Printers-Site1 to match the name of the GPO you created in the previous step.
Add the computers that you want to have this printer installed into the group at this time. Feel free to nest another computer security group if you have one already created.

18. Scope GP Object

Open Group Policy and drill down to Group Policy Objects and click on the new Printer-Floor1 object you created. On the right pane you will see Security Filtering. Remove the Authenticated Users and Add the new Security Group Printers-Floor1 you created in the previous step.

19. Link GPO Object to your Computers OU

In Group Policy Managment drill down to your Computer OU and right click then choose Link an Existing GPO. Find the Printer Object and hit ok.
You should now see the object linked to the OU.

20. Restart the workstations

Printers only seem to load on startup so you will need to reboot the assigned workstations to get the GPO to apply correctly. I would also take this time to delete any old printers from the end users workstations. I had a ton of old printers pointing to another print server and ended up creating a login script that removed any old connections and then my current printers would apply correctly. You do not have to worry about this on a fresh printer install.

21. Windows XP and 2003
If you need to push printers out to XP machines then follow the deploy doc to add the Pushprinterconnections.exe logon script to the XP machines.

No comments:

Post a Comment