Active Directory considerably simplifies work with shared network resources in comparison with the traditional method of browsing domains. If a resource has been published in Active Directory, users can easily locate it (see, for example, the Search | For Printers command in the Start menu) and connect to it (see Fig. 8.2). Furthermore, to simplify the process of locating resources, you might want to publish all of them in one OU.
Fig. 8.2: Search for all printers in the enterprise (forest)
Publishing a folder or a printer in Active Directory means, in other words, creating a new directory object — Shared Folder or Printer, respectively.
Shared folders in Active Directory have a feature that helps users to search for information according to its characteristics. Select a published folder from the Active Directory Users and Computers snap-in's tree pane, open its Properties window, and click Keywords. You can add words that are logically related to the folder's contents to the list. Then, if a user begins a search for shared folders in the Find window, he or she can specify keywords and find resources based on their contents rather than their names.
Printers (more precisely — printer devices) connected to Windows 2000/XP/.NET computers can be published only from a printer's Properties window (the List in the Directory flag on the Sharing tab). In other cases, you can use the Pubprn.vbs script.
By default, the local printer on a domain client computer is not published during its installation if you do not share it at once. If a printer is installed as shared, it is immediately published in Active Directory in the computer's container (see "Users, Groups, and Computers as Containers Mode" in Chapter 7). You can clear the List in the Directory flag at any moment, and the printer object will be deleted from Active Directory.
When publishing a folder, you must be cautious, because the system will not verify the entered folder name, and, as a result, you may run into an error in the future, but only when you open the folder or map to it.
If the RDN and NetBIOS names of a Windows 2000 domain are different, you will get the error — "The system cannot find the file specified" — when publishing a printer (see the Microsoft Knowledge Base article Q255496). To resolve the problem, you must install the latest Windows 2000 Service Pack (at least, SP 1).
You can configure the process of publishing and pruning printers in the domain by using group policies (see the Computer Configuration | Administrative Templates | Printers node in the Group Policy Object Editor snap-in).
Both in Windows 2000 and Windows .NET domain, it is possible to enable Location Tracking, a feature that allows users to find printers accordingly to their physical locations. (See a remark in the "Active Directory Sites and Services snap-in" section of the previous chapter.)
You can execute the system Pubprn.vbs script without parameters and get the help information. The following command, for example, publishes the HP6MP printer connected to the WKS10 computer in the Staff OU of the net.dom domain:
pubprn \\wks10\hp6mp "LDAP://OU=Staff,DC=net,DC=dom"
The system verifies the printer name and the existence of the object that is specified by the LDAP name. If the printer has been published successfully, you will see a message displaying the LDAP name of the printer in Active Directory.
Search operations are the preferred way for locating shared network resources in AD-based domains. A user can find the necessary printer or shared folder easily and perform any operation available while browsing through the domain tree.
The scope of the search can vary from a specific container (OU) in a domain to the entire forest. (The Entire Directory option is equivalent to searching Global Catalog.) In addition, users can specify various search criteria such as printer speed, resolution, and so on. Fig. 8.2 contains an example of how to find all printers in the forest. As you can see in the Server Name column, the printers come from various domains. A user can point to an applicable printer and select the necessary operation from the context menu.
Users can carry out the following actions on the found shared folder: open, search the folder, map a network drive, and others.