question

Techie365-5616 avatar image
0 Votes"
Techie365-5616 asked RichMatheisen-8856 answered

Printer mapping script to add printers based on AD groups

hello! I am looking for help with a powershell or vbs script that's simple and can add printers filtered by group.

what we've done is created an AD group for each printer and corresponding default printer. for example: AD group called DefaultPrinter - HRPrinter, and Printer - HRPrinter

then we simply add remove those groups to the user in AD to get them the right set of printers and default.

we have a lot of printers and complex settings, doing it through GPO will likely bog down and login times and so on. Hoping to overcome that hurdle by using a script of some kind instead we can add to user accounts as a login script

Also does anyone have an opinion on powershell vs vbs in terms of speed? there are like 50+ printers

what we are looking for is a simple script that can be tied to those AD groups and perform various actions:
for example, members of AD group Printer - HRPrinter get \\printserver\hrprinter and members of DefaultPrinter - HRPrinter get the \\printserver\hrprinter as their default

we would repeat for say marketing, legal, sales and so on. if sales wanted the HR printer, we would simply add the user to the Printer -HRPrinter group and this script would take care of the rest.

Anyone have ideas on a simple script to do this?

windows-server-powershellwindows-active-directory
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

IanXue-MSFT avatar image
0 Votes"
IanXue-MSFT answered

Hi,

The links below could be helpful

https://social.technet.microsoft.com/Forums/azure/en-US/08ac34d8-d604-4d0e-b1b9-1a66b41030b0/get-list-of-printers-published-in-active-directory?forum=winserverpowershell
https://www.reddit.com/r/PowerShell/comments/6h3a93/how_to_list_off_the_default_printer_for_each_user/

Best Regards,
Ian Xue
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Techie365-5616 avatar image
0 Votes"
Techie365-5616 answered

that didn't help, we need a script that doesn't slow down login and can essentially look at AD groups to either assign printer, assign and set as default or remove a printer if not a member of the specific printer gropu

so for example of the 100+ printers there are two groups for each in AD as an example

HP400 printer
HP400 Default Printer

if you are member of the default printer group, it will map and set printer as default.
If you are member of the "Hp400 printer" group, it only will ad as a printer and not mess with defaults.

if you are not a member of HP400 printer but had it previously, next time you login it should remove it.

right now we use KIXSTART to do first two conditions (add printer or add printer and set as default). need to figure out how to remove printer if user is not member of the correct AD group

also kixstart has lot of overhead with script so login is slow while it processes. trying to use powershell to make this go faster

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RichMatheisen-8856 avatar image
0 Votes"
RichMatheisen-8856 answered

I have only one machine and no AD to work with so I don't know if this will work, but it should get you started.

 $ConsoleUser = Get-WMIObject -class Win32_ComputerSystem | Select-Object username
 $AllowedPrinters = Get-ADUser -Filter {Name -eq $ConsoleUser} -Properties memberOf | # verify that "Name" is the right property to use in filter!
                         ForEach-Object{
                             $grpname = (Get-ADGroup $_).name
                             $printername = ""
                             if ($grpname -like "Printer - *" -or $grpname -like "DefaultPrinter - *"){
                                 $printername = $grpname.substring($grpname.lastindexof(" "))
                             }
                         }
 # get all networked printers -- I think this returns only the printers for the current user and not ALL printers!
 $InstalledNetPrinterNames = Get-WMIObject Win32_Printer | Where-Object {$_.Name -like "*\\*"} |
                                 ForEach-Object{
                                     ($_.Name -split "\")[3]
                                 }
 # remove printers that are installed but shouldn't be
 $InstalledNetPrinterNames |
     ForEach-Object{
         if ($AllowedPrinters -notcontains $_){ 
             Remove-Printer $_
         }
     }
 # add printers that are allowed but not yet installed
 $AllowedPrinters |
     ForEach-Object{
         if ($InstalledNetPrinterNames -notcontains $_){
             # Add the network printer name ($_) here
         }
     }
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.