?
Solved

Cross Forest Printing

Posted on 2013-05-27
11
Medium Priority
?
1,366 Views
Last Modified: 2013-05-29
Hello

I'm setting up a print server for Company A.  Company A requires its (migrated) users to print via the print server in Company B. Do I add the printers on the print server in Company A to point to the relevant print queue on the print server on Company B?

Any ideas anyone ?

Thank you
0
Comment
Question by:nico-
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 5
11 Comments
 
LVL 6

Expert Comment

by:Inderjeetjaggi
ID: 39199048
Hi Nico,

Trust between 2 forest should resolve your issue. Below is more details about same.

 Printing to printer on a different domain
http://social.technet.microsoft.com/Forums/en-US/w7itpronetworking/thread/7409f43a-1118-4c0b-8144-2995d8562f30

http://community.spiceworks.com/topic/98440-sharing-printers-across-domains
0
 
LVL 7

Expert Comment

by:eerwalters
ID: 39199303
If you don't want to setup a trust, you can enable LPR on Company A's print server and LPD on Company B's print server.  Then you create print queues on Company A's print server to point to existing print queues on Company B's print server.  This eliminates all issues with authentication/having to have a trust between domains.

  If you are interested in this path, just let me know the OS version of both print servers and I can give you specific instructions.
0
 

Author Comment

by:nico-
ID: 39199381
Thanks eerwalters

There's a Forest Trust setup, but they want the printing path to be

printer client Company A -> Print Queue on Print Server Company A -> Print queue on Print Server Company B -> Print Device Company B

User in Company A will receive the printer from Group Policy Preferences from Company A GPO.

Easier ways of doing it, but this is the way they want it to happen.

OS : Windows 2008 R2 Company A -
        Windows 2003 or 2008 R2 Company B
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 

Author Comment

by:nico-
ID: 39199386
Eerwalters

I suppose the ultimate question is what is the method of creating print queue's on Company A's servers to point to existing print queues on Company B's print servers when there *is* a trust in existence ?

Thanks for your help
0
 
LVL 7

Expert Comment

by:eerwalters
ID: 39199472
The creation process for print queues on workstations and how you choose to deploy the printers does not not change in either environment with LPR setup between the print servers.
  The only thing that changes is that the output from the print queues on Company A can send to the print queues on Company B without having to have any trust.  If you have a trust, it does not effect the LPR/LPD transfer of print jobs.
  I'll create the instructions this afternoon and post them.
0
 
LVL 7

Accepted Solution

by:
eerwalters earned 2000 total points
ID: 39200079
There will be 5 basic steps to resolve the issue
    1- Enable LPD print service on the Windows 2008 print server at Company B
    2- Enable LPD (Print Services for Unix) on the Windows 2003 print server at Company B
    3- Install LPR port monitor on the Windows 2008 print server at Company A
    4- Make LPR to not be RFC 1179 compliant on the Company A print server
    5- Create new printers on the Windows 2008 print server at Company A



Step 1 - Enable LPD Service on the Windows 2008 print server at Company B
  If Server Manager loads after logging in, jump to item b, otherwise...
    a- GoTo Start and type servermanager.msc in the search box and hit Enter
    b- Highlight "Roles" in the left pane
    c- Click on "Add Role Services" on the right (This is assuming that the Print Server Role is already installed)
    d- Enable the LPD Service
    e- Click on Next
    f- Click Install
    g- Click Close
    h- GoTo Start
    i- Type services.msc in the search box and hit Enter
    j- Start the LPD Service if it is not started
    k- Close the Services window


Step 2 - Enable Print Services for Unix (LPD) on the Windows 2003 print server at Company B
    a- GoTo Start | Run  
         Type appwiz.cpl in the Open: box and hit Enter
    b- Click on "Add/Remove Windows Components" in the left pane
    c- Highlight "Other Network File and Print Services"
         Click on the "Details" button
    d- Enable the "Print Service for Unix" component
    e- Click OK
    f- Click on Next
    g- Click on Finish
    h- GoTo Start | Run
         Type services.msc in the Open: box and hit Enter
    i- Start the "TCP/IP Print Server" service if it is not started
    j- Close the Services window


Step 3 - Install LPR port monitor on the Windows 2008 print server at Company A
  If Server Manager loads after logging in, jump to item b, otherwise...
    a- GoTo Start and type servermanager.msc in the search box and hit Enter
    b- Highlight "Features" in the left pane
    c- Click on Add Features on the right
    d- Enable the LPR Port Monitor
    e- Click on Next
    f- Click Install
    g- Click Close


Step 4 - Making LPR to not be RFC 1179 compliant on the Company A print server
              (See the Notes area for why we do this step)
     
 Disclaimer:  Using regedit.exe can be very destructive to your PC.  If you are not comfortable using regedit, please seek assistance from someone who is.

    On the Company A print server
         1- Open RegEdit
         2- GoTo HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\LPDSVC\lpr
         3- Create a new DWord (32-bit) named "UseNonRFCSourcePorts"  (without the quotes)
         4- Modify the value of the new RegKey to be "1" (without the quotes)
         5- Close RegEdit

 Your RegEdit entry after item 4 should look like the pic below (which reflects the results of items 2 thru 4):


UseNonRFCSourcePorts

Step 5 - Install a printer on the Company A print server to point to a Company B printer
    a- GoTo Start | Devices and Printers
    b- Add a Printer (Choose Add a local or network printer as an Administrator, if prompted)
    c- Add a Local Printer
    d- Select Create a new Port
    e- Select LPR Port from the drop down menu
    f- Click Next
    g- In the top field (Name or address of server providing LPD), enter TCP/IP address of the Company B print server that holds the desired printer
    h- In the bottom field (Name of printer or print queue on that server), enter the name of the desired Windows printer at Company B
    i- Click OK
    j- Continue onward with a normal Windows printer setup by picking the desired print driver and naming the printer until finished
    k- Open the newly created printer's properties
    l- GoTo the Ports tab
    m- Uncheck Enable Bidirectional support if it's enabled
    n- Click Apply
    o- GoTo the General tab and send a test print


Notes:
    1- This will allow the Company A print server to send to a print server at Company B as you have specified but will do so regardless of whether or not a trust exists between the 2 forests.
    2- We made the LPR at Company A to not be RFC 1179 compliant so it will send jobs as fast as they are received.  Had we not done that, there would be a delay if more than 11 print jobs were sent within a 2 minute timeframe.  We can now send thousands of jobs per minute and not have any delays.
    3- You can choose to deploy the new printers at Company A as you do any other printers at Company A.  We just changed the output side of the print queue to point to the Company B print server, so everything else should be defined as you already handle printer deployments.
    4- Installing the LPD Service on the Company B print servers only adds another way to get a print job into a print queue on that server.  It does not change anything else about the printers in their environment.
0
 

Author Comment

by:nico-
ID: 39201102
Hello

My mistake.  Company A PS to Company B Print Device.  Good solution though and good to know. Thanks! Points imminent
0
 

Author Closing Comment

by:nico-
ID: 39201106
Very quick to respond and details. Thanks for the other chap who replied.  Not quite what I was after.
0
 
LVL 7

Expert Comment

by:eerwalters
ID: 39201779
You can still use the solution to point directly to a printer at Company B, just:
 Remove
     Steps 1 and 2

 Replace
    Step 5g = Use the TCP/IP address of the printer
    Step 5h = Use "raw" without the quotes.

(This is assuming that the printer supports LPR and that it is not disabled. Most do support it and are enabled by default.)

Only port 515 would need to be open between the Company A print server and the desired printer at Company B.
0
 

Author Comment

by:nico-
ID: 39203970
Thanks

Would LPD/LPR still be used over the standard new printer creation in the windows 2008 server ? i thought that was more a UNIX solution or a workaround?  Performance is the benefit to using this approach rather than the standard MS approach?
0
 
LVL 7

Expert Comment

by:eerwalters
ID: 39204301
The only thing that we are varying in this scenario is the outbound connectivity from the print queue to the printer.  The inbound connectivity to the print queue from the workstations is still the same.  

 Using LPR per the instructions above does provide a less chatty protocol for talking with the printer than the default settings for the Standard Port Monitor in Windows. LPR is also very fast. However, you can disable the SNMP monitoring in a standard windows setup to make it less chatty too.

 LPR/LPD is a UNIX standard that has been around for years and so it is compatible with just about everything that you want to have talk to each other for printing purposes.  I personally prefer to use LPR on the inbound side of the print queue too and make the print queues be binary pass-through queues.  That turns them into traffic cops for just directing print jobs to their destinations and does not touch the contents of the print job. That setup also eliminates the driver lockup issues that normal Windows servers experience.  That's an entirely different solution than what we have been referring.

 Back to your issue.  The solution that I suggested will work for printing to the Company B print servers (regardless of whether there is a trust or not) or directly to the Company B printers (with the instruction modifications). However, there is no reason that you can't use the standard Windows setup (Standard TCP/IP printing) to the Company B printers if they will allow the Company A print server to connect to them.
    (...meaning vs printing thru the Company B print servers as they would have to allow the Company A print server to connect directly to the printers for LPR too)

  I personally would prefer handing off print jobs from one print server to the other as it:
  1- only requires 1 firewall rule between the print servers for Company A to print to every printer at Company B
  2- makes your troubleshooting easier as once it's handed off, it's the responsibility of Company B to insure that the print job is delivered to the printer
  3- is easier to isolate any problems caused by print jobs from Company A (if I were responsible for Company B printing)
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Printers have changed substantially in the last 30 or so years, not just in technical capabilities but in cost and usage as well.  Printers were originally used for interfacing with the operator, not necessarily for printing copy or pictures. In …
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question