Printer management with Active Directory (AD). I’ll break it down thoroughly, covering prerequisites, configuration, and deployment options.
1. Prerequisites
Before managing printers via Active Directory, ensure you have:
-
Windows Server: Domain Controller with Active Directory installed.
-
Print Server: Usually a Windows Server with the Print and Document Services role.
-
Printers: Network printers installed and reachable from the server.
-
Client Machines: Domain-joined computers running Windows.
-
Admin Rights: You need Domain Admin privileges to configure Group Policy and publish printers.
2. Install and Configure Print Server Role
-
Open Server Manager → Add Roles and Features.
-
Select Role-based or feature-based installation → choose your server.
-
Under Roles, select Print and Document Services → click Next.
-
Check Print Server (you can also select LPD Service or Internet Printing if needed).
-
Finish installation.
3. Add Printers to the Print Server
-
Open Print Management (
Server Manager → Tools → Print Management). -
Right-click Printers → Add Printer.
-
Choose one of the following:
-
Network Printer:
\\PrinterIPor\\PrinterName -
Local Printer: Choose port manually, typically for shared printers.
-
-
Install the appropriate printer driver (make sure it’s compatible with all client versions).
-
Give the printer a clear name (e.g.,
HR-LaserJetorAccounting-Color).
4. Publish Printers to Active Directory
-
In Print Management, right-click the printer → Properties → Sharing tab.
-
Check Share this printer.
-
Check List in the directory to publish it in Active Directory.
-
Click OK.
Now, the printer is visible in AD and can be deployed via Group Policy.
5. Set Permissions on Printers
-
In Printer Properties → Security tab:
-
Add users or groups (e.g.,
HR,Finance) -
Assign permissions like Print, Manage Documents, or Manage Printers
-
This centralizes printer permission control, so users only see and use printers they are allowed to.
6. Deploy Printers via Group Policy
Deploying printers through Group Policy ensures automatic installation for users.
Step 6a: Open Group Policy Management
-
On your Domain Controller:
Server Manager → Tools → Group Policy Management. -
Decide where you want to apply the policy (domain, OU, or specific group).
-
Right-click → Create a GPO in this domain, and Link it here.
-
Give it a descriptive name, e.g.,
Printer Deployment - HR.
Step 6b: Add Printers to GPO
There are two methods:
Option 1: User-based deployment
-
Edit the GPO → User Configuration → Policies → Windows Settings → Deployed Printers.
-
Right-click → Deploy Printer → choose the printer from AD.
-
Decide:
-
Set this printer as default (optional)
-
Remove when GPO no longer applies (recommended)
-
Option 2: Item-level targeting (location-based)
-
Edit the GPO → User Configuration → Preferences → Control Panel Settings → Printers.
-
Right-click → New → Shared Printer → enter
\\PrintServer\PrinterName. -
Click Common tab → Item-level targeting → Target users/computers:
-
Example: Deploy only to
HROU or computers inAccountingdepartment.
-
Step 6c: Test GPO
-
On a client machine, run:
-
Log out and back in → the printer should appear automatically.
7. Optional: Location-Based Printer Assignment
For offices with multiple sites:
-
Define IP ranges or AD Sites.
-
In Item-level targeting, select Organizational Unit, IP range, or AD Site.
-
This ensures users automatically get the closest printer.
8. Troubleshooting Tips
-
Ensure printer drivers are compatible with all client OS versions.
-
Check DNS resolution for network printers.
-
Use
Get-PrinterandGet-PrinterPortin PowerShell to verify configuration. -
Confirm the GPO is linked to the correct OU and applies to users/computers.
✅ Result:
-
Printers are centrally managed.
-
Users automatically get assigned printers based on OU, group membership, or location.
-
Permissions are controlled centrally via AD.
-
No manual installation is required on each workstation.
