In the above topic (installing and configuring Printer) , you learned that the Windows printer model is best leveraged when a logical printer is created to support a physical device either directly attached to the computer or attached to the network and when that logical printer is shared to printer clients. That logical printer on the print server becomes a central point of con-figuration and management. The drivers that you install on the printer are downloaded automatically by Windows clients, and the settings you configure for the printer are distributed as the settings for each of the printer’s clients.
This Topic takes this virtualization of printers as logical devices to the next level. After examining printer properties, including printer security, you will learn how to create printer pools to provide faster turnaround for client print jobs. You will also learn how to make better use of your printers by creating more than one logical printer for a device to configure, manage, or monitor print jobs or printer usage more effectively. Finally, you will learn how to manage Active Directory printer objects and Internet printing.
Managing Printer Properties
Printers and print jobs are managed from their properties dialog boxes. These properties dialog boxes can be accessed from the Printers And Faxes folder. Right-click a printer and select Properties to configure a printer. Double-click a printer and, in the print queue, right-click a print job and choose Properties to configure a print job. The initial properties of a print job are inherited from the properties of the printer itself. But a print job’s default properties can be modified independently of the printer’s.
Controlling Printer Security
Windows Server 2003 allows you to control printer usage and administration by assigning permissions through the Security tab of the printer’s Properties dialog box. You can assign permissions to control who can use a printer and who can administer the printer or documents processed by the printer. A typical printer Security tab of a printer’s Properties dialog box is shown in Below Figure.
You can use a printer’s access control list (ACL) to restrict usage of a printer and to delegate administration of a printer to users who are not otherwise administrators. Windows Server 2003 provides three levels of printer permissions: Print, Manage Printers, and Manage Documents.
By default, the Print permission is assigned to the Everyone group. Choosing this permission allows all users to send documents to the printer. To restrict printer usage, remove this permission and assign Allow Print permission to other groups or individual users. Alternatively, you can deny Print permission to groups or users. As with file system ACLs, denied permissions override allowed permissions. Also, like file system ACLs, it is best practice to restrict access by assigning allow permissions to a more restricted group of users rather than granting permissions to a broader group and then having to manage access by assigning additional deny permissions.
The Manage Documents permission provides the ability to cancel, pause, resume, or restart a print job. The Creator Owner group is allowed Manage Documents permission. Because a permission assigned to Creator Owner is inherited by the user that creates an object, this permission enables a user to cancel, pause, resume, or restart a print job that he or she has created. The Administrators, Print Operators and Server Operators groups are also allowed the Manage Documents permission, which means they can cancel, pause, resume, or restart any document in the print queue. Those three groups are also assigned the Allow Manage Printers permission, which enables them to modify printer settings and configuration, including the ACL itself.
Assigning Forms to Paper Trays
If a print device has multiple trays that regularly hold different paper sizes, you can assign a form to a specific tray. A form defines a paper size. When users print a document of a particular paper size, Windows Server 2003 automatically routes the print job to the paper tray that holds the correct form. Examples of forms include Legal, Letter, A4, Envelope, and Executive.
To assign a form to a paper tray, select the Device Settings tab of the printer’s Proper-ties dialog box, as shown in Below Figure. The number of trays shown in the Form To Tray Assignment section obviously depends on the type of printer you have installed, and the number of trays it supports. Further down the Device Settings tree are settings to indicate the installation state of printer options, such as additional paper trays, paper handling units, fonts, and printer memory.
Print Job Defaults
The General tab of the printer’s Properties dialog box includes a Printing Preferences button, and the Advanced tab includes a Printing Defaults button. Both of these buttons display a dialog box that lets you control the manner in which jobs are printed by the logical printer, including page orientation (portrait or landscape), double-sided
printing (if supported), paper source, resolution, and other document settings. These dialog boxes are identical to each other, and are also identical to the dialog box a user receives when clicking Properties in a Print dialog box.
Why are there three print job Properties dialog boxes? The Printing Defaults dialog box configures default settings for all users of the logical printer. If the printer is shared, its printing defaults become the default properties for all printers connected from clients to the shared printer. The Printing Preferences dialog box configures the user-specific, personal preferences for a printer. Any settings in the Printing Preferences dialog box override printing defaults. The Properties dialog box that can be accessed by clicking Properties in a Print dialog box configures the properties for the specific job that is printed. Those properties will override both printing defaults and printing preferences. This triad of print job property sets allows administrators to configure a printer centrally, by setting printing defaults on the shared logical printer, and allows flexibility and decentralized configuration by users or on a document-by-document basis.
Printer Schedule
The Advanced tab of a printer’s Properties dialog box, as shown in Below Figure, allows you to configure numerous additional settings that drive the behavior of the logical printer, its print processor and spool. Among the more useful and interesting setting is printer’s schedule.
The logical printer’s schedule determines when a job is released from the spool, or queue, and sent to the printer itself. A user with Allow Print permission can send a job to the printer at any time, but the job will be held until the printer’s schedule allows it to be directed to the printer’s port. Such a configuration is not appropriate for normal, day-to-day printers. However a schedule is invaluable for situations in which users are printing large jobs, and you want those jobs to print after hours, or during periods of low use. By configuring a printer’s schedule to be available during night hours, users can send the job to the printer during the day, the printer will complete the jobs over-night, and the users can pick up those printing jobs the next morning.
A printer pool is one logical printer that supports multiple physical printers, either attached to the server, attached to the network, or a combination thereof. When you create a printer pool, users’ documents are sent to the first available printer—the logical printer representing the pool automatically checks for an available port.
Printer pooling is configured from the Ports tab of the printer’s Properties dialog box. To set up printer pooling, select the Enable Printer Pooling check box, and then select or add the ports containing print devices that will be part of the pool. Below Figure shows a printer pool connected to three network-attached printers.
Configuring Multiple Logical Printers for a Single Printer
Although a printer pool is a single logical printer that supports multiple ports, or printers, the reverse structure is more common and more powerful: multiple logical printers supporting a single port, or printer. By creating more than one logical printer directing jobs to the same physical printer, you can configure different properties, printing defaults, security settings, auditing, and monitoring for each logical printer.
For example, you might want to allow executives at MCSEWEB Ltd. to print jobs immediately, bypassing documents that are being printed by other users. To do so, you can create a second logical printer directing to the same port (the same physical printer) as the other users, but with a higher priority.
Use the Add Printer Wizard to generate an additional logical printer. To achieve a multiple logical printer-single port structure, additional printers use the same port as an existing logical printer. The printer name and share name are unique. After the new printer has been added, open its properties and configure the drivers, ACL, printing defaults, and other settings of the new logical printer.
To configure high priority for the new logical printer, click the Advanced tab and set the priority, in the range of 1 (lowest) to 99 (highest). Assuming that you assigned 99 to the executives’ logical printer, and 1 to the printer used by all users, documents sent to the executives’ printer will print before documents queued in the users’ printer. An executive’s document will not interrupt a user’s print job. However, when the printer is free, it will accept jobs from the higher-priority printer before accepting jobs from the lower-priority printer. To prevent users from printing to the executives’ printer, configure its ACL and remove the print permission assigned to the Everyone group, and instead allow only the executives’ security group print permission.
Windows Server 2003 Printer Integration with Active Directory
The print subsystem of Windows Server 2003 is tightly integrated with Active Directory, making it easy for users and administrators to search for and connect to printers throughout an enterprise. All required interaction between printers and Active Directory is configured, by default, to work without administrative intervention. You only need to make changes if the default behavior is not acceptable.
When a logical printer is added to a Windows Server 2003 print server, the printer is automatically published to Active Directory. The print server creates a print Queue object and populates its properties based on the driver and settings of the logical printer.
When any change occurs in the printer’s configuration, the Active Directory printer object is updated. All the configuration information is sent again to the Active Directory store even if some of it has remained unchanged.
If a print server disappears from the network, its printer object is removed from the Active Directory. The printer Pruner service confirms the existence of shared printers represented in Active Directory by contacting the shared printer every eight hours. A printer object will be pruned if the service is unable to contact the printer two times in a row. This might occur if a print server is taken offline. It will happen regularly if printers are shared on Windows 2000 or Windows XP workstations that are shut off over-night or on weekends. However, a print server will recreate the printer objects for its printers when the machine starts, or when the spooler service is restarted. So, again, administrative intervention is not required.
Publishing Windows Printers
Printers that are added by using the Add Printer Wizard are published by default. The Add Printer Wizard does not allow you to prevent the printer from being published to the Active Directory service when you install or add a printer.
If you want to re-publish a printer (for example, after updating its name or other properties), or if you do not want a shared printer published in Active Directory, open the printer’s Properties dialog box, click the Sharing tab, and select or clear the List In The Directory check box.
Logical printers that are shared on computers running Windows NT 4 or Windows NT 3.51 are not published automatically, but can be manually published using the Active Directory Users And Computers MMC console. Simply right-click the OU or other container in which you want to create the printer and choose New Printer.
Manually Configuring Printer Publishing Behavior
All the default system behaviors described above can be modified using local or group policy. Printer policies are located in the Computer Configuration node, under Administrative Templates. For a description of each of these policies, open the Properties dialog box for a specific policy and click the Explain tab.
Printer Location Tracking
Printer location tracking is a feature, disabled by default, that significantly eases a user’s search for a printer in a large enterprise by pre-populating the Location box of the Find Printers dialog box, so that the result set will automatically be filtered to list printers in geographic proximity to the user.
To prepare for printer location tracking, you must have one or more sites or one or more subnets. Site and subnet objects are created and maintained using the Active Directory Sites And Services MMC snap-in or console. You must also configure the Location tab of the site or subnet Properties dialog box using a naming convention that creates a hierarchy of locations, separated by slashes. For example, the location USA/ NYC/1802Americas/42/B might refer to a building at 1802 Avenue of the Americas in Manhattan, on the 42nd floor in Area B. A location may span more than one subnet, or more than one site.
You must then enable printer location tracking using the Pre-Populate Printer Search Location Text policy.
Active Directory is able to identify a computer’s site or subnet affiliation based on the computer’s IP address. When the Find Printers dialog box is invoked, the computer’s location, as defined in its corresponding site or subnet object, will be automatically placed in the Location box. A Browse button will also appear, enabling a user to browse the location hierarchy for printers in other locations.
This powerful feature simplifies printer administration and setup considerably. How-ever, it obviously requires careful planning on the back end to ensure that all subnets are defined, and that a reasonable, hierarchical location naming convention has been applied consistently. More information about this feature is available in the online Help and Support Center.
Internet Printing
Windows Server 2003 supports an additional set of functionality through the Internet Printing Protocol (IPP), which enables users to connect to printers and send print jobs over encapsulated Hypertext Transfer Protocol (HTTP). Internet printing also gives administrators the option to manage and configure printers using any variety of Inter-net browsers and platforms.
Setting Up Internet Printing
Internet printing is not installed or enabled by default in Windows Server 2003. You must install Internet Information Services (IIS). Internet printing is available for installation when you install IIS. To install Internet printing, perform the following steps:
1. Open Add/Remove Programs in Control Panel and click Add/Remove Windows Components.
2. Select Application Server and click Details.
3. Select Internet Information Services (IIS) and click Details.
4. Select Internet Printing.
Once IIS and Internet printing are installed, you can disable or enable the feature using the IIS snap-in or console. Expand the server’s node and click Web Service Extensions. In the details pane, select Internet Printing, and click Prohibit or Allow.
Internet printing creates a Printers virtual directory under the Default Web site. This virtual directory points to %Systemroot%\Web\Printers. The printer site is accessed using Microsoft Internet Explorer 4.01 and later by typing the address of the print server in the Address box followed by the Printers virtual directory name. For example, to access the Internet printing page for Server, type http://Server/printers/.
Using and Managing Internet Printers
You can connect to http://printserver/printers to view all printers on the print server. After locating the desired printer and clicking it, a Web page for that printer is displayed.
As a shortcut, if you know the exact name of the printer to which you want to connect, type the address of the printer using the following format:
http://printserver/printersharename/
Once the printer’s Web page is displayed, you can connect to or manage the printer, assuming you have been allowed appropriate security permissions. When you click Connect on the printer’s Web page, the server generates a .cab file that contains the appropriate printer driver files and downloads the .cab file to the client computer. The printer that is installed is displayed in the Printers folder on the client. The printer can then be used and managed from the Printers And Faxes folder like any other printer. Using a Web browser to manage printers has several advantages:
■It allows you to administer printers from any computer running a Web browser, regardless of whether the computer is running Windows Server 2003 or has the correct printer drivers installed.
■It allows you to customize the interface. For example, you can create your own Web page containing a floor plan with the locations of the printers and the links to the printers.
■It provides a summary page listing the status of all printers on a print server.
■Internet printing can report real-time print device data, such as whether the print device is in power-saving mode, if the printer driver makes such information avail-able. This information is not available from the Printers And Faxes window.
No comments:
Post a Comment