Video Tutorial How To Deploy Printers To Specific Users Through Active Directory Group Policy Object

Home / Active Directory / Video Tutorial How To Deploy Printers To Specific Users Through Active Directory Group Policy Object
Video Tutorial How To Deploy Printers To Specific Users Through Active Directory Group Policy Object

In this tutorial we are going to use Active Directory Security Groups and Group Policy Objects to deploy printers to specific users based on their group membership. At the end of this tutorial we will have two new security groups and two new group policy objects. Members of the first security group will get PRINTER1 installed and set as default, while members of the second group with get PRINTER1 and PRINTER2 installed with PRINTER2 being the default.

Step by step instructions follow the video.

We have these two printers installed on a computer called PRNTSRV and shared on the network. I have called these printers PRINTER1 and PRINTER2 for this tutorial.

deploy-printers-active-directory-group-policy-objects-GPO-001

Let’s begin by creating our first security group. Open up Active Directory Users And Computers and add our first group.

deploy-printers-active-directory-group-policy-objects-GPO-003

Now add a description to the security group.

deploy-printers-active-directory-group-policy-objects-GPO-004

And click on the members tab and add one or more members to the group

deploy-printers-active-directory-group-policy-objects-GPO-005

Now let’s create our second security group.

deploy-printers-active-directory-group-policy-objects-GPO-006

Enter a description for the security group.

deploy-printers-active-directory-group-policy-objects-GPO-007

And now go ahead and add one or more members to this second security group.

deploy-printers-active-directory-group-policy-objects-GPO-008

Now let’s go over to the Group Policy Editor and open up the Group Policy Objects folder for our domain.

deploy-printers-active-directory-group-policy-objects-GPO-009

Here we will add our first GPO for PRINTER1.

deploy-printers-active-directory-group-policy-objects-GPO-010

Pick a name for the GPO and click OK.

deploy-printers-active-directory-group-policy-objects-GPO-012

Right-click on the GPO and choose edit to bring up the Group Policy Management Editor. Then drill down into User Configuration > Preferences > Control Panel Settings > Printers. Right-click in the window and select New > Shared Printer.

deploy-printers-active-directory-group-policy-objects-GPO-016

We will leave the action as Update and enter the path to the printer, (or click the button to browse the directory for your printer). Here we can check the box to set this printer as default as well.

deploy-printers-active-directory-group-policy-objects-GPO-017

Go up to the Common tab and check the box for Item-level targeting. Then click the Targeting button.

deploy-printers-active-directory-group-policy-objects-GPO-019

Now we will click the New Item drop-down and select Security Group.

deploy-printers-active-directory-group-policy-objects-GPO-020

Type the name of the first group we created earlier and click Check Names and then OK.

deploy-printers-active-directory-group-policy-objects-GPO-021

Now we can see our domain name and group name as well as the SID of the group. Click OK.

deploy-printers-active-directory-group-policy-objects-GPO-022

Now we will click Apply and OK to complete the setup of the PRINTER1 GPO.

deploy-printers-active-directory-group-policy-objects-GPO-023

Open up the editor for the printer2 GPO and drill down to the printers folder again.

deploy-printers-active-directory-group-policy-objects-GPO-024

We are going to do the same thing for the first printer that we did last time, only this time we are not going to set it as the default printer and we are going to target our PRINTER2 Security Group.

deploy-printers-active-directory-group-policy-objects-GPO-025

Common Tab – Targeting

deploy-printers-active-directory-group-policy-objects-GPO-026

New Item – Security Group

deploy-printers-active-directory-group-policy-objects-GPO-027

Enter our second group name and click check names.

deploy-printers-active-directory-group-policy-objects-GPO-028

Here is our domain\group and the SID of the group. Repeat this to add a second printer to the GPO, this time setting PRINTER2 as the default.

deploy-printers-active-directory-group-policy-objects-GPO-029

Now let’s right-click on the domain and select Link an Existing GPO. We will do this twice to link both the printer1 GPO and the printer2 GPO into the domain.

deploy-printers-active-directory-group-policy-objects-GPO-033

Link the second GPO.

deploy-printers-active-directory-group-policy-objects-GPO-034

Now we can go to our workstations. On workstation1, (where my user account is logged in), we can open up a command prompt and force a group policy update with the command gpupdate /force.

deploy-printers-active-directory-group-policy-objects-GPO-035

This will immediately deploy the printers from AD to the workstation and set the second printer as default, (because my account is a member of the printer2 group).

deploy-printers-active-directory-group-policy-objects-GPO-037

Jump over to workstation2, (where we are logged in as user1 on the domain), and do a gpupdate /force to setup the first printer and set it as default.

deploy-printers-active-directory-group-policy-objects-GPO-039

 

That’s it. We have configured our Active Directory Security Groups and Group Policy Objects to deploy item-level targeted printer installation.