Prevent some pc's to access a network printer via tcpip

We have a network printer (Hp4000) in a school and would like to prevent some machines (25 pc's) from being able to print to it or create a tcpip port pointing to it. The network is a workgroup, not a domain, consisting of Windows XP machines.  All pc's and the printer are on the same subnet and should remain that way. Users on the pc's have admin rights.

It doesn't have to be a fool proof solution, or unbreakable solution. We just to minimize chances of using that printer accidentally from these 25 pc's.

Suggestions ? Is it possible to redirect a specific ip address to a dummy ip address using a hosts file, or a similar approach ?

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Is it on a server? or is it being shared thru another PC on the network?
ndidomenicoAuthor Commented:
The printer is shared thru another pc on the network. We would also like to prevent a pc from being able to create a tcpip printer port pointing to the ip address of the network card of the printer, and be able to install a printer driver and print to that printer. Or somehow, block that tcpip address for certain machines. Possible ?
☠ MASQ ☠Commented:
>>Users on the pc's have admin rights.

This is your biggest hurdle.  If the users have absolute control over their PC's the best you can do is make this difficult for them.

Why not simply restrict users to limited accounts where the specified printers cannot be added to or removed?
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

Well if your users are all bright enough to do that, they're way futher along than mine :)
anyway, having all your users as admins makes it difficult since anything you can do they can undo.  

Check out this article...

Yo may also be able to set it thru their firewall but again, as admins they can just turn off the fire wall.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
the other thing  to their a security tab in the printer properties?  

On the Security tab for the shared printer.
Deny Print rights to the Everyone group.
Create a new group which includes only those users who need Print priveliges.
Allow Print rights to that group.
With most networked printers you can set an access control list. If this list is empty, all IP addresses have print access. To limit access, put the IP address of those PCs that need to print in it. All others will then be excluded. Note that this requires the PCs to have fixed IP addresses, so you may need to set up allocation tables in the DHCP server.

I don't know if the LJ 4000 supports this but have a look through it's web interface and if it's there you should find it with the other network settings.
you can use this software for restricting,
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Printers and Scanners

From novice to tech pro — start learning today.