Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 319
  • Last Modified:

How can I disable a network printer by Account?

I'd like to make four users (or Windows User Accounts) on my computer.

User1 is able to print to network printer A (printer IP address for example - 192.168.0.100)
User2 is able to print to network printer B (printer IP address for example - 192.168.0.200)
User3 is able to print to network printer C (printer IP address for example - 192.168.0.300)
User4 is unable to print.

What's the most efficient way of doing this?  I do not have any special networking software (Netware, etc.).  Can I use batch files?  Please show me the way for the points (i.e. if the solution is a batch file, show me the code...I practically need a dummies guide, just explanation more or less).  Thanks!
0
JOSHSKORN
Asked:
JOSHSKORN
  • 5
  • 4
  • 3
1 Solution
 
SamuraiCrowCommented:
If you check the properties of the printer there should be a security tab.  You can explicitly add user4 and give them the deny permissions.  You could also remove the everyone group and simply add the users (or group of users) that you want to allow to print.
0
 
JOSHSKORNAuthor Commented:
I need a batch file to do this.

I apologize by the way, this should've been placed in the Windows XP category.  I'll see about moving the thread.
0
 
SamuraiCrowCommented:
It just so happens I've done something like this before.  I used SubInACL (download: http://www.microsoft.com/downloads/details.aspx?FamilyID=e8ba3e56-d8fe-4a91-93cf-ed6985e3927b&displaylang=en).  You can use this to grant and revoke priveleges to things like printers.  Here is the syntax:

subinacl /printer * /deny="domain\username"

This effectively prevents user4 from printing to the device.  This can be placed in a bactch file and run manually or from a computer startup script.  There are a ton of options for subinacl.  

Is this more like what you are looking for?


0
Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

 
JOSHSKORNAuthor Commented:
I apologize, the actual question is misleading.  Not only do I need to deny user4, but I need to route user1, user2, and user3 to a specific printer only by its IP address.  Does this solution accomplish this?  Obviously the deny option does not, and would be suitable for user4.

Will this work in a Windows XP Environment?  That's what I was aiming for.  I posted this accidentally in the wrong area.
0
 
SamuraiCrowCommented:
It should work the same for Windows XP.  There is a way to map different printers based on user IP address as well.  I'll see if I can dig up the batch file syntax.
0
 
Dark_KingCommented:
Defining a Logon script for a local logon requires the definition of a network share
called "netlogon" : create anywhere on the system a folder to contain the logon scripts
(example : scripts) and then share it using the name "netlogon" :

Inside this shared folder, create a BAT-file (typical using Notepad)
containing command-line instructions to be executed.

In User Management, define for the user(s) in the properties on the tab "Profile" the
BAT-file name as the "Logon Script"

If you have same printers you can install this and use “net use” to map right one.
NET USE [LPTx:] \\ComputerName\printer_share /PERSISTENT:NO
In batch file it could look like this

net use lpt2 /delete
net use lpt2 \\192.168.0.100\hp_printer1 /PERSISTENT:NO

If you share the printer with its driver files it while automatics install driver if it need
when user using it.

You can also use XP own install function “PrintUIEntry”
From CMD you can run this to get syntax
rundll32 printui.dll,PrintUIEntry /?

It work like this.
start /wait rundll32 printui.dll,PrintUIEntry /if /b <PrinterName> /f <inf file> /r <port> /m <description>

If you have a LaserJet 1300 it could look like this.

start /wait rundll32 printui.dll,PrintUIEntry /if /b "LaserJet 1300" /f G:\fix\drv\hp1300\PCL6\hp1300m6.inf /r "lpt2:" /m "hp LaserJet 1300 PCL 6"

To set different printer to a user you can use variable “USERNAME”

echo=off
if %username% == User1 goto p1
if %username% == User2 goto p2
goto :eof

:p1
net use lpt2 /delete
net use lpt2 \\192.168.0.100\hp_printer1 /PERSISTENT:NO
goto :eof
:p2
net use lpt2 /delete
net use lpt2 \\192.168.0.200\hp_printer2 /PERSISTENT:NO
goto :eof

You can use some if this to make a batch file that’s work for you.
0
 
Dark_KingCommented:
If you share the printer with username and password you can use

net use lpt2 \\192.168.0.100\hp_printer1 password /USER:username /PERSISTENT:NO
0
 
Dark_KingCommented:
You can also use script that comes with windows
prndrvr.vbs
Prncnfg.vbs
Prnjobs.vbs
Prnmngr.vbs
Prnport.vbs
Prnqctl.vbs

http://www.jsifaq.com/SF/Tips/Tip.aspx?id=10051
0
 
JOSHSKORNAuthor Commented:
I'm currently testing on 2 printers.  These printers are identical, HP 4600n models.  Unfortunately, a test print indiicated the IP addresses are identical but different on DNS servers.  I found this out while trying to implement Dark King's solution.  I tried to change the setting from automatically obtain the DNS Server setting, to specifically identify a DNS, using the DNS server address obtained from the other printer's test print.  No luck.

I'm currently trying to communicate with the technical department of the school I work at, trying to figure out more information about the topology of the network.  I'm not much of a networking guru, but I'm thinking this is routed through a switch.
0
 
JOSHSKORNAuthor Commented:
one thing I'm trying to do, is deny printing based on who logs into the computer.  I did try this line in a batch file with no success:

net use lpt2 /delete

I also went to the Printers and Faxes properties of my printer and saw that ltp2 was never in use.  Instead, it was IP_10.9.130.33.  I went ahead and modified the line to read

net use IP_10.9.130.33 /delete

Printing was still successful.  Again, trying to find a way to turn printing off with a batch file.  That is part of my original question.
0
 
Dark_KingCommented:
“net use lpt2 /delete”
This only unmapped lpt2: you need to run “net use” to see with map port you using,
It cold be like this “net use \\192.168.0.100 /delete”

Only thing I now of to disable printing from a batch file is to uninstall every printer
You can do this but like I say it while uninstall all printer, you have to install again for user
that’s need printing.

Remember this while remove all print driver.

@Echo Off
   If Not %1'==/?' Goto Begin
   Echo Removes Windows NT's printers (Registry-settings and printer driver's files).
   Echo.
   Echo %~n0
  (Goto :EOF)
  :Begin
  (Echo [Version]
   Echo Signature = "$Windows NT$"
   Echo.
   Echo [DefaultInstall]
   Echo DelReg = DelReg
   Echo AddReg = AddReg
   Echo.
   Echo [DelReg]
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Printers"
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-2"
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-3"
   Echo HKCU,"Printers\Connections"
   Echo HKCU,"Software\Microsoft\Windows NT\CurrentVersion\PrinterPorts"
   Echo HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Providers\LanMan Print Services\Servers"
   Echo HKLM,"SYSTEM\ControlSet001\Control\Print\Monitors\Standard TCP/IP Port\Ports"
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Monitors\Standard TCP/IP Port\Ports"
   Echo.
   Echo [AddReg]
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Printers","DefaultSpoolDirectory",,,
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Printers","DefaultSpoolDirectory",,"%%SystemRoot%%\System32\spool\PRINTERS"
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-2",,,
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-2","Directory",,"2"
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-2","MajorVersion",%%REG_DWORD%%,2
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-2","MinorVersion",%%REG_DWORD%%,0
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-3",,,
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-3","Directory",,"2"
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-3","MajorVersion",%%REG_DWORD%%,2
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-3","MinorVersion",%%REG_DWORD%%,0
   Echo HKCU,"Printers\Connections"
   Echo HKCU,"Software\Microsoft\Windows NT\CurrentVersion\PrinterPorts"
   Echo HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Providers\LanMan Print Services\Servers"
   Echo HKLM,"SYSTEM\ControlSet001\Control\Print\Monitors\Standard TCP/IP Port\Ports"
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Monitors\Standard TCP/IP Port\Ports"
  Echo.
   Echo [Strings]
   Echo REG_SZ         = 0x00000000
   Echo REG_MULTI_SZ   = 0x00010000
   Echo REG_EXPAND_SZ  = 0x00020000
   Echo REG_BINARY     = 0x00000001
   Echo REG_DWORD      = 0x00010001)>%TEMP%.\$%~n0.inf
   If Not Exist %TEMP%.\$%~n0.inf (
     Echo Can not write to: %TEMP%.\$%~n0.inf
     Goto :EOF)
   Echo Remove all printers on %COMPUTERNAME%
   %SystemRoot%\system32\net.exe STOP SPOOLER
   %SystemRoot%\system32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 128 %TEMP%.\$%~n0.inf
   Del %TEMP%.\$%~n0.inf
   For %%F In (%SystemRoot%\system32\spool\drivers\w32x86) Do (
     %SystemRoot%\system32\attrib.exe -r -s -h %%F\*.* /S
     Del /Q /S %%F\*.*)
   %SystemRoot%\system32\net.exe START SPOOLER

But I still think using a Domain or AD with user rights is the best solution.
0
 
JOSHSKORNAuthor Commented:
Originally I'd proposed using AD to my boss but another instructor told me that this would be overkill.  From what I understand, AD is a campus-wide policy.  This printing system would be simply for one computer lab inside of a campus.  We have our own server.  The IT staff currently has remote access to our client computers and we'd like to be able to maintain that.

With each printer we want to route jobs to, there are a group of say 20 computers each.  There are 4 printers.  Would it be easier to have only two logins, one with an active printer and another with no printing?  The for the first login, an administrator would have to login and point computers in Groups A, B, C, or D to printers A, B, C or D.  How would this idea be approached, instead?  Using Domains/Subdomains? AD?
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 5
  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now