Solved

How can I disable a network printer by Account?

Posted on 2006-10-24
12
306 Views
Last Modified: 2010-04-13
I'd like to make four users (or Windows User Accounts) on my computer.

User1 is able to print to network printer A (printer IP address for example - 192.168.0.100)
User2 is able to print to network printer B (printer IP address for example - 192.168.0.200)
User3 is able to print to network printer C (printer IP address for example - 192.168.0.300)
User4 is unable to print.

What's the most efficient way of doing this?  I do not have any special networking software (Netware, etc.).  Can I use batch files?  Please show me the way for the points (i.e. if the solution is a batch file, show me the code...I practically need a dummies guide, just explanation more or less).  Thanks!
0
Comment
Question by:JOSHSKORN
  • 5
  • 4
  • 3
12 Comments
 
LVL 9

Expert Comment

by:SamuraiCrow
ID: 17799741
If you check the properties of the printer there should be a security tab.  You can explicitly add user4 and give them the deny permissions.  You could also remove the everyone group and simply add the users (or group of users) that you want to allow to print.
0
 

Author Comment

by:JOSHSKORN
ID: 17800212
I need a batch file to do this.

I apologize by the way, this should've been placed in the Windows XP category.  I'll see about moving the thread.
0
 
LVL 9

Expert Comment

by:SamuraiCrow
ID: 17800330
It just so happens I've done something like this before.  I used SubInACL (download: http://www.microsoft.com/downloads/details.aspx?FamilyID=e8ba3e56-d8fe-4a91-93cf-ed6985e3927b&displaylang=en).  You can use this to grant and revoke priveleges to things like printers.  Here is the syntax:

subinacl /printer * /deny="domain\username"

This effectively prevents user4 from printing to the device.  This can be placed in a bactch file and run manually or from a computer startup script.  There are a ton of options for subinacl.  

Is this more like what you are looking for?


0
 

Author Comment

by:JOSHSKORN
ID: 17800350
I apologize, the actual question is misleading.  Not only do I need to deny user4, but I need to route user1, user2, and user3 to a specific printer only by its IP address.  Does this solution accomplish this?  Obviously the deny option does not, and would be suitable for user4.

Will this work in a Windows XP Environment?  That's what I was aiming for.  I posted this accidentally in the wrong area.
0
 
LVL 9

Expert Comment

by:SamuraiCrow
ID: 17800404
It should work the same for Windows XP.  There is a way to map different printers based on user IP address as well.  I'll see if I can dig up the batch file syntax.
0
 
LVL 6

Expert Comment

by:Dark_King
ID: 17802294
Defining a Logon script for a local logon requires the definition of a network share
called "netlogon" : create anywhere on the system a folder to contain the logon scripts
(example : scripts) and then share it using the name "netlogon" :

Inside this shared folder, create a BAT-file (typical using Notepad)
containing command-line instructions to be executed.

In User Management, define for the user(s) in the properties on the tab "Profile" the
BAT-file name as the "Logon Script"

If you have same printers you can install this and use “net use” to map right one.
NET USE [LPTx:] \\ComputerName\printer_share /PERSISTENT:NO
In batch file it could look like this

net use lpt2 /delete
net use lpt2 \\192.168.0.100\hp_printer1 /PERSISTENT:NO

If you share the printer with its driver files it while automatics install driver if it need
when user using it.

You can also use XP own install function “PrintUIEntry”
From CMD you can run this to get syntax
rundll32 printui.dll,PrintUIEntry /?

It work like this.
start /wait rundll32 printui.dll,PrintUIEntry /if /b <PrinterName> /f <inf file> /r <port> /m <description>

If you have a LaserJet 1300 it could look like this.

start /wait rundll32 printui.dll,PrintUIEntry /if /b "LaserJet 1300" /f G:\fix\drv\hp1300\PCL6\hp1300m6.inf /r "lpt2:" /m "hp LaserJet 1300 PCL 6"

To set different printer to a user you can use variable “USERNAME”

echo=off
if %username% == User1 goto p1
if %username% == User2 goto p2
goto :eof

:p1
net use lpt2 /delete
net use lpt2 \\192.168.0.100\hp_printer1 /PERSISTENT:NO
goto :eof
:p2
net use lpt2 /delete
net use lpt2 \\192.168.0.200\hp_printer2 /PERSISTENT:NO
goto :eof

You can use some if this to make a batch file that’s work for you.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 
LVL 6

Expert Comment

by:Dark_King
ID: 17802340
If you share the printer with username and password you can use

net use lpt2 \\192.168.0.100\hp_printer1 password /USER:username /PERSISTENT:NO
0
 
LVL 6

Expert Comment

by:Dark_King
ID: 17802409
You can also use script that comes with windows
prndrvr.vbs
Prncnfg.vbs
Prnjobs.vbs
Prnmngr.vbs
Prnport.vbs
Prnqctl.vbs

http://www.jsifaq.com/SF/Tips/Tip.aspx?id=10051
0
 

Author Comment

by:JOSHSKORN
ID: 17844183
I'm currently testing on 2 printers.  These printers are identical, HP 4600n models.  Unfortunately, a test print indiicated the IP addresses are identical but different on DNS servers.  I found this out while trying to implement Dark King's solution.  I tried to change the setting from automatically obtain the DNS Server setting, to specifically identify a DNS, using the DNS server address obtained from the other printer's test print.  No luck.

I'm currently trying to communicate with the technical department of the school I work at, trying to figure out more information about the topology of the network.  I'm not much of a networking guru, but I'm thinking this is routed through a switch.
0
 

Author Comment

by:JOSHSKORN
ID: 17844380
one thing I'm trying to do, is deny printing based on who logs into the computer.  I did try this line in a batch file with no success:

net use lpt2 /delete

I also went to the Printers and Faxes properties of my printer and saw that ltp2 was never in use.  Instead, it was IP_10.9.130.33.  I went ahead and modified the line to read

net use IP_10.9.130.33 /delete

Printing was still successful.  Again, trying to find a way to turn printing off with a batch file.  That is part of my original question.
0
 
LVL 6

Accepted Solution

by:
Dark_King earned 500 total points
ID: 17848094
“net use lpt2 /delete”
This only unmapped lpt2: you need to run “net use” to see with map port you using,
It cold be like this “net use \\192.168.0.100 /delete”

Only thing I now of to disable printing from a batch file is to uninstall every printer
You can do this but like I say it while uninstall all printer, you have to install again for user
that’s need printing.

Remember this while remove all print driver.

@Echo Off
   If Not %1'==/?' Goto Begin
   Echo Removes Windows NT's printers (Registry-settings and printer driver's files).
   Echo.
   Echo %~n0
  (Goto :EOF)
  :Begin
  (Echo [Version]
   Echo Signature = "$Windows NT$"
   Echo.
   Echo [DefaultInstall]
   Echo DelReg = DelReg
   Echo AddReg = AddReg
   Echo.
   Echo [DelReg]
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Printers"
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-2"
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-3"
   Echo HKCU,"Printers\Connections"
   Echo HKCU,"Software\Microsoft\Windows NT\CurrentVersion\PrinterPorts"
   Echo HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Providers\LanMan Print Services\Servers"
   Echo HKLM,"SYSTEM\ControlSet001\Control\Print\Monitors\Standard TCP/IP Port\Ports"
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Monitors\Standard TCP/IP Port\Ports"
   Echo.
   Echo [AddReg]
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Printers","DefaultSpoolDirectory",,,
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Printers","DefaultSpoolDirectory",,"%%SystemRoot%%\System32\spool\PRINTERS"
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-2",,,
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-2","Directory",,"2"
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-2","MajorVersion",%%REG_DWORD%%,2
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-2","MinorVersion",%%REG_DWORD%%,0
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-3",,,
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-3","Directory",,"2"
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-3","MajorVersion",%%REG_DWORD%%,2
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Environments\Windows NT x86\Drivers\Version-3","MinorVersion",%%REG_DWORD%%,0
   Echo HKCU,"Printers\Connections"
   Echo HKCU,"Software\Microsoft\Windows NT\CurrentVersion\PrinterPorts"
   Echo HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Print\Providers\LanMan Print Services\Servers"
   Echo HKLM,"SYSTEM\ControlSet001\Control\Print\Monitors\Standard TCP/IP Port\Ports"
   Echo HKLM,"SYSTEM\CurrentControlSet\Control\Print\Monitors\Standard TCP/IP Port\Ports"
  Echo.
   Echo [Strings]
   Echo REG_SZ         = 0x00000000
   Echo REG_MULTI_SZ   = 0x00010000
   Echo REG_EXPAND_SZ  = 0x00020000
   Echo REG_BINARY     = 0x00000001
   Echo REG_DWORD      = 0x00010001)>%TEMP%.\$%~n0.inf
   If Not Exist %TEMP%.\$%~n0.inf (
     Echo Can not write to: %TEMP%.\$%~n0.inf
     Goto :EOF)
   Echo Remove all printers on %COMPUTERNAME%
   %SystemRoot%\system32\net.exe STOP SPOOLER
   %SystemRoot%\system32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 128 %TEMP%.\$%~n0.inf
   Del %TEMP%.\$%~n0.inf
   For %%F In (%SystemRoot%\system32\spool\drivers\w32x86) Do (
     %SystemRoot%\system32\attrib.exe -r -s -h %%F\*.* /S
     Del /Q /S %%F\*.*)
   %SystemRoot%\system32\net.exe START SPOOLER

But I still think using a Domain or AD with user rights is the best solution.
0
 

Author Comment

by:JOSHSKORN
ID: 17892752
Originally I'd proposed using AD to my boss but another instructor told me that this would be overkill.  From what I understand, AD is a campus-wide policy.  This printing system would be simply for one computer lab inside of a campus.  We have our own server.  The IT staff currently has remote access to our client computers and we'd like to be able to maintain that.

With each printer we want to route jobs to, there are a group of say 20 computers each.  There are 4 printers.  Would it be easier to have only two logins, one with an active printer and another with no printing?  The for the first login, an administrator would have to login and point computers in Groups A, B, C, or D to printers A, B, C or D.  How would this idea be approached, instead?  Using Domains/Subdomains? AD?
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Join & Write a Comment

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now