Leveraging Active Directory

Previous page
Table of content
Next page

Active Directory is a robust directory service. We've already leveraged it for user authentication, but Active Directory can also be used to locate printers in a central directory.

We can tell Active Directory about the various SMB printers we haveboth Windows and Sambaand be able to enjoy an easily searchable method of connecting right to them. Once we connect, downloading the drivers is already happening automatically, as shown in the last section.

In this section, we're specifically concerned with getting all the printers we know into Active Directory, as well as having both Windows and Linux clients search Active Directory to find the printers in the most expeditious manner possible.

Here's the bad news, though: There's no great way (that we know of) to allow for Linux clients to perform an easy-breezy search of Active Directory to find printers. Maybe someday, but not today. However, at least we can give our Windows clients the ability to search Active Directory and easily pick the printer they want to, even if it lives on a Samba server.

Publishing Printers into Active Directory

The mechanism we'll use to get printers as records in Active Directory is called publishing . When we publish a printer, we simply make it available in Active Directory to search. It's a snap to publish a printer once you have the queues set up. In our previous examples, we set up three queues:

  • WinPrinter1 This was created on windc1.ad.corp.com . It uses normal print drivers and offers automatic downloading of drivers.

  • Linprinter1 This was created on adsambafp1.ad.corp.com . This queue is ready and willing to accept Postscript input and give it to CUPS, which takes care of rendering pages in the printer's native language via Ghostscript and ultimately feeds those pages to the printer.

  • LinPrinter1Raw This was also created on adsambafp1.ad.corp.com . This queue expects clients to use regular Windows printer drivers, and it will pass the data on in raw form to CUPS, which will spit it back up to the printer. Like WinPrinter1, this queue supports automatic downloading of native Windows printer drivers.

Here, we have one queue that lives on a Windows server and two that live on a Samba server. The goal is to have all three be searchable in Active Directory.

Automatically Publishing Printers in Active Directory

When we added WinPrinter1 to windc1.ad.corp.com , Windows 2003 went the extra mile for us and published the printer in Active Directory. We didn't need to tell it to, it just did. We can see this by right-clicking over the printer's icon and clicking the "Sharing" tab, as shown in Figure 5.15.

image from book
Figure 5.15: The "Sharing" tab determines if the printer should be listed in Active Directory.

Unchecking the "List in the directory" check box (and clicking "OK") will make the printer not show up when Active Directory searches are performed. However, this does not prevent the browse, browse, browse method using Network Neighborhood.

Manually Publishing Printers in Active Directory

Using the properties of the printer dialog is one way to add printers so that they are searchable within Active Directory. Another way is to manually publish printers in Active Directory.

To publish printers manually in Active Directory:

  1. Select Start image from book Programs image from book Administrative Tools and then select "Active Directory Users and Computers."

  2. Pick a location in Active Directory where you want to publish the printer. This can be just about anywhere inside Active Directory, and in most cases location isn't really that important. One option is to create an OU that just contains published printers, but that's at your option. Once decided, right-click the OU and select New image from book Printer. The "New Object - Printer" dialog appears.

  3. In the "New Object - Printer" dialog, enter the queue name. For instance, if you want to publish LinPrinter1 from ADSAMBAFP1, enter the SMB name , \\adsambafp1\linprinter1 as seen in Figure 5.16.

  4. Click "OK," and it will validate that the queue exists. Then it will put it into Active Directory.

image from book
Figure 5.16: You can add any SMB printer to Active Directory to make it searchable.

Once performed, Active Directory will represent the printer with an icon within the OU you specify. If you're feeling particularly frisky, you can set certain attributes about these printers in Active Directory, such as the location, if it's color -capable, if it can print dual sided, and more. All you need to do is to select the properties of the entry. The resulting screen can be seen in Figure 5.17.

image from book
Figure 5.17: You can select and enter attributes that can help users search for specific printers.

This way you can make it easy to search Active Directory for particular printers with particular attributes.

At this point you should repeat these steps for the other queue you created: LinPrinterRaw. That way, if someone on a Windows client wants to print to the printer using the native Windows drivers, they can easily search for it in Active Directory and have the drivers automatically download.

Note 

It should be noted that the "Location" field has a super-secret special super power to help Active Directory clients locate printers. I simply don't have room to go into it all here, but I've written it up in detail. To read the article, come to my website at www.moskowitz-inc.com/writing/articles.html and look for "October 2002: (Feature): Printer Magic." You'll find it in no time.

Searching for Printers in Active Directory

Searching for Printers in Active Directory should be easy as punch. And it is, for both Windows and Linux clients.

The good news is that it's easy to find and start using printers when the client is Windows. The bad news is that there's no easy-breezy way to start using printers from our Linux clients after we find them in Active Directory.

Finding Printers in Active Directory with Windows Clients

To find printers in Active Directory from your Windows machines:

  1. Log in as any domain user. AD\salesperson1 is a reasonable choice.

  2. Open the "Printers and Faxes" applet in Control Panel and select "Add a printer" to launch the "Add Printer Wizard."

  3. At the "Local or Network Printer" screen, select "A network printer, or a printer attached to another computer." Then click "Next."

  4. At the "Specify a Printer" screen, select "Find a printer in the directory" and click "Next." The "Find Printers" dialog appears.

  5. At the "Find Printers" dialog, you can specify "Find Now" to select all printers or click the "Features" tab to select printers with specific features you want to display, such as only those which print in color. Once done, click "Find Now" as seen in Figure 5.18.

  6. Double-click the printer you want to add, and the wizard will continue as normal.

image from book
Figure 5.18: Just find the printer you want, double-click it, and go!

Finding Printers in Active Directory Using Linux Clients

On the Linux side, no GUI tools currently exist for this purpose. But we have verified that one can find the relevant information the hard way, by making an LDAP query from the Linux command line. And that means a friendly GUI for that purpose is very possible. So with any luck, an enterprising Linux coder will soon create a GUI to search for printers in Active Directory and add queues for them on a Fedora Linux client.

Here's the command we used to successfully list published printers from the command line of adldaplincl1.ad.corp.com , which is already configured to communicate with the LDAP server on windc1.ad.corp.com : 

 ldapsearch -x -D "cn=dirsearch,cn=Users,dc=ad,dc=corp,dc=com" -w p@ssw0rd objectClass=printQueue

This command binds to the Active Directory LDAP server using the usual credentials from Chapter 3 and, using the filter objectclass=printQueue , prints information about all published printers. There's quite a bit of information there, but the most interesting fields are uNCName (for printers shared via SMB) and url (for printers shared via IPP). For instance, this command: 

 ldapsearch -x -D "cn=dirsearch,cn=Users,dc=ad,dc=corp,dc=com" -w p@ssw0rd objectClass=printQueue  grep -i uNCName

Outputs the following in our tests: 

 uNCName: \WinDC1.ad.corp.com\WinPrinter1 uNCName: \ADSAMBAFP1\LinPrinter1Raw uNCName: \ADSAMBAFP1\LinPrinter1

Armed with this information, we suspect it won't be long before someone decides to add a friendly GUI for this purpose to Fedora Linux.


Previous page
Table of content
Next page
Windows and Linux Integration. Hands-on Solutions for a Mixed Environment
Windows And Linux Integration Hands-on Solutions for a Mixed Environment - 2005 publication.
ISBN: B003JFRFG0
EAN: N/A
Year: 2005
Pages: 71
BUY ON AMAZON
PostgreSQL(c) The comprehensive guide to building, programming, and administering PostgreSQL databases
Programming Microsoft ASP.NET 3.5
Logistics and Retail Management: Emerging Issues and New Challenges in the Retail Supply Chain
Special Edition Using Crystal Reports 10
PMP Practice Questions Exam Cram 2
Junos Cookbook (Cookbooks (OReilly))
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy