Clay Moore’s Blog

Just another weblog

Deploying TCP/IP Printers with Group Policy Preferences

It was possible to deploy printers to clients using the print manager or group policy prior to GP Preferences, but it was only possible to deploy shared printers. Personally, I don’t like shared printers because of the single point of failure of the print server. That server reboots or the queue locks up and nobody can print. Besides, why burden a server with print processing when you have all these workstations scattered around with spare clock cycles that could do their own printing?

The real problem is deployment. Users cannot add local printers or create TCP/IP ports without granting them way too many rights. If you have HP printers, you can use the HP Universal Print driver and have the users search for and add printers, but that requires user intervention. A better way was introduced with Group Policy Preferences, and that is the ability to deploy TCP/IP printers to the computers directly.

But first, we need to install and share the printer on a server. This seems counter-productive since we are trying to get away from shared printers, but this share is used as a deployment point for the driver and printer settings and is not required for printing. Once the printer is installed you can even turn off the server and still print. I assume you know how to install and share a printer so I will only cover a couple of key points.

Create a TCP/IP Port

I prefer to use DNS FQDN for the printer port in case I ever need to change the IP address later. However, I have found that GP Preferences will create the workstation ports using the IP address instead of the FQDN – even if you enter the FQDN. If the IP address ever changes, the Update or Replace properties of the preference should change the IP address of the port deployed on the workstations, but I must admit that I have not tested this theory.

Once you create the port and install the printer, there is one other setting to check. Go to the Advanced tab of the Printer Properties and click on the Print Processor button at the bottom.

This will bring up the print processors available for use on this printer.

The workstation uses the shared printer for its initial settings, including the print processor. You must choose a print processor that is already installed on the workstations. In this example we have a couple of HP print processors from different versions of the HP Universal Print driver, an Office 2007 OneNote print processor and the standard WinPrint processor. Choosing the incorrect processor will prevent the printer from being installed and result in a Group Policy Printers error in the Application Log with Event ID 4098 that will say Group Policy object did not apply because it failed with error code ‘0x80070706 The print processor is unknown.’ If you get this error, just change the print processor on the server to something that is supported by the workstations.

Now that the shared reference printer is created, we can set up the deployed printer in GP Preferences.

TCP/IP printers can only be deployed to Computers, so create or open an existing GPO and expand Computer Configuration – Preferences – Control Panel Settings – Printers. Right-click and select New – TCP/IP Printer. That will open the New TCP/IP Printer Properties menu.

Although there are other actions available, we are only going to Create a printer. Initially the DNS Name: field will say IP Address: and have a box for entering the IP address in dotted decimal format, but I have checked the Use DNS name box and that changes the menu. Even though I entered a DNS name here, the port will still be created with the IP address. The Local Name is the name displayed in the Printers folder of the workstation and that is what the users will see. The Printer path is the path to the shared printer we created earlier and it must be available to install the printer. The Location and Comment fields are optional, but any additional information you can provide users is usually welcome – especially if they have to walk to the other side of the building to track down a print job sent to the wrong printer.

The Port Settings tab allows you to change options for the TCP/IP printer port, but I haven’t had to change anything here yet.

The Common tab is common to all GP Preferences objects but it has some special uses for printers.

The Remove this item option will change the Action we set earlier to Replace. This will uninstall the printer if the computer is moved to a different OU, but the Replace action means the printer (and perhaps driver) will be continually updated. The event log messages will get annoying depending on the number of printers in your GPO so I suggest you use this option only when absolutely necessary. To reduce event log messages further, you could choose the Apply once option, but in my testing I left everything else alone.

Now you need to determine the GPO scope and deploy the printers, just remember that TCP/IP printers can only be deployed to computers – not users.


February 4, 2009 Posted by | Group Policy Preferences, Printers | , | 11 Comments