• Chapter 1. Installing and Configuring Windows Server 2003
  • software development Company Server 2003
  • Chapter 1. Installing and Configuring Windows Server 2003
  • New Features in Windows Server 2003
  • Best Practices
  • Moving Forward
  • Version Comparisons
  • Hardware Recommendations
  • Installation Checklist
  • Functional Overview of Windows Server 2003 Setup
  • Installing Windows Server 2003
  • Post Setup Configurations
  • Functional Description of the Windows Server 2003 Boot Process
  • Correcting Common Setup Problems
  • Chapter 2. Performing Upgrades and Automated Installations
  • New Features in Windows Server 2003
  • NT4 Upgrade Functional Overview
  • Upgrading an NT4 or Windows 2000 Server
  • Automating Windows Server 2003 Deployments
  • Moving Forward
  • Chapter 3. Adding Hardware
  • New Features in Windows Server 2003
  • Functional Description of Windows Server 2003 Architecture
  • Overview of Windows Server 2003 Plug and Play
  • Installing and Configuring Devices
  • Troubleshooting New Devices
  • Moving Forward
  • Chapter 4. Managing NetBIOS Name Resolution
  • New Features in Windows Server 2003
  • Moving Forward
  • Overview of Windows Server 2003 Networking
  • Name Resolution and Network Services
  • Network Diagnostic Utilities
  • Resolving NetBIOS Names Using Broadcasts
  • Resolving NetBIOS Names Using Lmhosts
  • Resolving NetBIOS Names Using WINS
  • Managing WINS
  • Disabling NetBIOS-over-TCP/IP Name Resolution
  • Chapter 5. Managing DNS
  • New Features in Windows Server 2003
  • Configuring a Caching-Only Server
  • Configuring a DNS Server to Use a Forwarder
  • Managing Dynamic DNS
  • Configuring Advanced DNS Server Parameters
  • Examining Zones with Nslookup
  • Command-Line Management of DNS
  • Configuring DHCP to Support DNS
  • Moving Forward
  • Overview of DNS Domain Structure
  • Functional Description of DNS Query Handling
  • Designing DNS Domains
  • Active Directory Integration
  • Configuring DNS Clients
  • Installing and Configuring DNS Servers
  • Configuring Secondary DNS Servers
  • Integrating DNS Zones into Active Directory
  • Chapter 6. Understanding Active Directory Services
  • New Features in Windows Server 2003
  • Active Directory Support Files
  • Active Directory Utilities
  • Bulk Imports and Exports
  • Moving Forward
  • Limitations of Classic NT Security
  • Directory Service Components
  • Brief History of Directory Services
  • X.500 Overview
  • LDAP Information Model
  • LDAP Namespace Structure
  • Active Directory Namespace Structure
  • Active Directory Schema
  • Chapter 7. Managing Active Directory Replication
  • New Features in Windows Server 2003
  • Replication Overview
  • Detailed Replication Transaction Descriptions
  • Designing Site Architectures
  • Configuring Inter-site Replication
  • Controlling Replication Parameters
  • Special Replication Operations
  • Troubleshooting Replication Problems
  • Moving Forward
  • Chapter 8. Designing Windows Server 2003 Domains
  • New Features in Windows Server 2003
  • Design Objectives
  • DNS and Active Directory Namespaces
  • Domain Design Strategies
  • Strategies for OU Design
  • Flexible Single Master Operations
  • Domain Controller Placement
  • Moving Forward
  • Chapter 9. Deploying Windows Server 2003 Domains
  • New Features in Windows Server 2003
  • Preparing for an NT Domain Upgrade
  • In-Place Upgrade of an NT4 Domain
  • In-Place Upgrade of a Windows 2000 Forest
  • Migrating from NT and Windows 2000 Domains to Windows Server 2003
  • Additional Domain Operations
  • Moving Forward
  • Chapter 10. Active Directory Maintenance
  • New Features in Windows Server 2003
  • Loss of a DNS Server
  • Loss of a Domain Controller
  • Loss of Key Replication Components
  • Backing Up the Directory
  • Performing Directory Maintenance
  • Moving Forward
  • Chapter 11. Understanding Network Access Security and Kerberos
  • New Features in Windows Server 2003
  • Windows Server 2003 Security Architecture
  • Security Components
  • Password Security
  • Authentication
  • Analysis of Kerberos Transactions
  • MITv5 Kerberos Interoperability
  • Security Auditing
  • Moving Forward
  • Chapter 12. Managing Group Policies
  • New Features in Windows Server 2003
  • Group Policy Operational Overview
  • Managing Individual Group Policy Types
  • Moving Forward
  • Chapter 13. Managing Active Directory Security
  • New Features in Windows Server 2003
  • Overview of Active Directory Security
  • Using Groups to Manage Active Directory Objects
  • Service Accounts
  • Using the Secondary Logon Service and RunAs
  • Using WMI for Active Directory Event Notification
  • Moving Forward
  • Chapter 14. Configuring Data Storage
  • New Features in Windows Server 2003
  • Functional Description of Windows Server 2003 Data Storage
  • Performing Disk Operations on IA32 Systems
  • Recovering Failed Fault Tolerant Disks
  • Working with GPT Disks
  • Moving Forward
  • Chapter 15. Managing File Systems
  • New Features in Windows Server 2003
  • Overview of Windows Server 2003 File Systems
  • NTFS Attributes
  • Link Tracking Service
  • Reparse Points
  • File System Recovery and Fault Tolerance
  • Quotas
  • File System Operations
  • Moving Forward
  • Chapter 16. Managing Shared Resources
  • New Features in Windows Server 2003
  • Functional Description of Windows Resource Sharing
  • Configuring File Sharing
  • Connecting to Shared Folders
  • Resource Sharing Using the Distributed File System (Dfs)
  • Printer Sharing
  • Configuring Windows Server 2003 Clients to Print
  • Managing Print Services
  • Moving Forward
  • Chapter 17. Managing File Encryption
  • New Features in Windows Server 2003
  • File Encryption Functional Description
  • Certificate Management
  • Encrypted File Recovery
  • Encrypting Server-Based Files
  • EFS File Transactions and WebDAV
  • Special EFS Guidelines
  • EFS Procedures
  • Moving Forward
  • Chapter 18. Managing a Public Key Infrastructure
  • New Features in Windows Server 2003
  • Moving Forward
  • PKI Goals
  • Cryptographic Elements in Windows Server 2003
  • Public/Private Key Services
  • Certificates
  • Certification Authorities
  • Certificate Enrollment
  • Key Archival and Recovery
  • Command-Line PKI Tools
  • Chapter 19. Managing the User Operating Environment
  • New Features in Windows Server 2003
  • Side-by-Side Assemblies
  • User State Migration
  • Managing Folder Redirection
  • Creating and Managing Home Directories
  • Managing Offline Files
  • Managing Servers via Remote Desktop
  • Moving Forward
  • Chapter 20. Managing Remote Access and Internet Routing
  • New Features in Windows Server 2003
  • Configuring a Network Bridge
  • Configuring Virtual Private Network Connections
  • Configuring Internet Authentication Services (IAS)
  • Moving Forward
  • Functional Description of WAN Device Support
  • PPP Authentication
  • NT4 RAS Servers and Active Directory Domains
  • Deploying Smart Cards for Remote Access
  • Installing and Configuring Modems
  • Configuring a Remote Access Server
  • Configuring a Demand-Dial Router
  • Configuring an Internet Gateway Using NAT
  • Chapter 21. Recovering from System Failures
  • New Features in Windows Server 2003
  • Functional Description Ntbackup
  • Backup and Restore Operations
  • Recovering from Blue Screen Stops
  • Using Emergency Management Services (EMS)
  • Using Safe Mode
  • Restoring Functionality with the Last Known Good Configuration
  • Recovery Console
  • Moving Forward
  • Who Should Read This Book
  • Who This Book Is Not For
  • Conventions
  • Acknowledgments
  • About the Author
  • About the Technical Reviewers
  • Index
  • Index A
  • Index B
  • Index C
  • Index D
  • Index E
  • Index F
  • Index G
  • Index H
  • Index I
  • Index J
  • Index K
  • Index L
  • Index M
  • Index N
  • Index O
  • Index P
  • Index Q
  • Index R
  • Index S
  • Index SYMBOL
  • Index T
  • Index U
  • Index V
  • Index W
  • Index X
  • Index Z
  • Preface
  • Previous Section Next Section

    Managing Print Services

    For all its complexity and snarl of protocols, a Windows Server 2003 print server has surprisingly few configurable components:

    • Print queues. The queues are listed in the Faxes and Printers window. You must open each one individually to see the jobs inside.

    • Print server properties. The server properties are accessed from the main menu of the Printers and Faxes window. You can also use this window to manage ports and drivers and configure notification and event logging.

    • Printer security. These settings permit you to control who can print to a printer, who can manage the printer itself, and who can manage jobs in the print queues.

    Managing Print Queues

    You can use the Printers and Faxes window to check the status of documents in the queue and manage both the printer as a whole and individual documents in the print queue. You must have at least Print Operator privileges in a domain or Power User privileges on a standalone machine to manage a print queue.

    When you double-click a printer icon, a window opens to display the jobs in the queue. Right-click a printer icon to see the available options. Most of them are self-explanatory. Here are a few items of note:

    • SET AS DEFAULT. This flags the associated printer as the default for all print jobs. Many applications make a standard Win32 API call for the default printer. If one is not selected, this API call fails.

    • USE PRINTER OFFLINE. This enables you to queue up jobs while the print device is unavailable. Otherwise, you will get errors about the inability to print to the device.

    • PAUSE PRINTING. This halts all despool activity but the spooler continues to accept new jobs.

    Right-click on a document in the print queue to see your options. Users with standard print privileges can see all queued jobs but can only pause and cancel their own jobs.

    If you cancel a job, the .spl and .shd files are deleted from the spool area. If you pause a job then resume it, it picks up at the next page. If you select Restart, the job begins from page 1.

    Open the Properties window for a document to see information about the print job (see Figure 16.36).

    Figure 16.36. Print job properties.

    graphics/16fig36.gif

    The General tab gives information about the job, including the number of pages, assigned data type, and the name of the print processor, which is always Winprint even though the print processor is now Localspl. If the job came from a Macintosh, the print processor will be Sfmpsprt. You can also see when the job was submitted and the job's owner.

    The Layout tab controls orientation. An Advanced button shows specialized options for the device. These options come from the minidriver coded by the vendor. Examples of printers with a rich feature set include the Xerox DocuCenter printers, which have options that enable you to do everything including build entire saddle-stitched books with separate covers.

    The Paper/Quality tab has options for selecting resolution, color matching, paper source, and so forth.

    Managing Print Server Properties

    You can configure parameters for the entire print server instead of individual printers by selecting PRINT | PRINT SERVER PROPERTIES from the PRINTERS AND FAXES menu. Use the Advanced tab to respond to user complaints about their jobs not being printed:

    • The Notify When Remote Documents Are Printed option gives the user a pop-up when the job has finished despooling. This does not mean that it has printed successfully. Only the print device knows that.

    • You may want to uncheck the Log Spooler Information Events option. It generally puts too much information in the Event log, hiding any real problems in a sea of successful print events.

    • The Beep On Errors Of Remote Documents and Show Informational Notifications for Local Printers options are rarely of any use because you need to be standing right there at the print server when a user sends a problem job. They are useful for troubleshooting, though, so don't forget they're there.

    The remaining notification items can normally be disabled except when troubleshooting.

    Printer Security

    Printer security is based on control of the printers themselves (the logical printers, not the physical devices), the documents in the print queues, and the ability to add documents to the queue. There are three basic rights required for this control:

    • Print. The right to submit a print job to the printer.

    • Manage Printers. The right to create and delete printers, pause and start the queues, and change printer properties.

    • Manage Documents. The right to delete and change the properties of jobs in the queue other than the jobs submitted by that person.

    Print jobs waiting in the queue are subject to NTFS permissions. The owner of the spooled files is the person who submitted the print job. The Manage Documents permission essentially gives the user the right to manage his own files in the \Windows\System32\Spool\Printers directory.

    The ACL for a printer can be viewed by opening the Printer window, selecting PRINTER | PROPERTIES from the menu, then selecting the Security tab. The standard rights are as follows:

    • Administrators. Full Control.

    • Creator/Owner. Manage Documents.

    • Everyone. Print.

    • Print Operators (Power Users on standalone machine). Full Control.

    • Server Operators. Full Control.

    If you want to restrict access to a printerfor example, you don't want the whole company to print to the $150K IRIS color poster printeryou can assign users and groups to the ACL and give them appropriate rights.

    The basic permissions for Fax are similar to the standard printer permissions. Additional permissions exposed by the Advanced view of the ACL Editor include permission to specify the fax priority and permission to view the fax archives.

    Print Policies

    Group policies make for a handy way to manage enterprise printing. There are nearly two dozen printer and fax policies that enable you to define who can print, what they can print, who is allowed to create and delete printers, and to define what a computer is supposed to do with any stored print jobs.

    Here are printing policies I find very helpful:

    • Custom Support URL in the Printers Folder's Left Pane. This policy has a very long name because it provides a very helpful service. The left pane of the Printers and Faxes window has a link called Get Help With Printing. This link normally points at the printer help at Microsoft's web site. You can specify your own internal web site using this group policy. This is a boon to the Help Desk.

    • Browse a Common Web Site to Find Printers. When you enable this policy and give it an URL, the system puts a little Browse The Intranet link in the Specify A Printer window of the Add Printer Wizard. This link goes to the URL you specify, which would typically be the Printers virtual folder at a print server. This is a great way to give users a simple way to find their printers and download drivers.

    • Default Active Directory Path When Searching For Printers. This is a nifty policy that focuses the Active Directory search in the Add Printer Wizard to a specified OU or domain rather than the entire Active Directory. It is not as nifty as it could be, however, because it does not affect the SEARCH FOR PRINTERS feature in the Start menu Search option.

    • Prevent Addition of Printers. Administrators who really are tired of dealing with printer issues can use this policy to take total control of printer creation. Enabling this policy removes the Add Printers options from the UI. Sophisticated users can still map to a printer with the NET USE command or the Add Hardware Wizard, but users with that kind of knowledge are rare. As an administrator, you can add new printers using scripts.

    Managing Printer Properties

    The Properties window for a printer in Printers and Faxes contains configuration parameters for the following:

    • Sharing

    • Port management

    • Security

    • Print device settings

    Print device settings are exposed by printer minidrivers and filters installed from the vendor's driver files. They expose parameters such as trays, collator, stapler, page size, and so on. The settings are too diverse to cover in this book. Here are the remaining settings.

    Sharing

    The Sharing tab exposes two features in addition to simply sharing the printer. Additional Drivers brings up a checkbox list of alternate clients that can download drivers when they connect to the shared printer. Some of these drivers are on the Windows Server 2003 CD under the \Printers folder. The rest you'll need to download from the vendor's web site.

    If you have the opposite situation, an NT4 print server with Windows Server 2003 or XP clients, you can install the updates drivers on the NT4 print server using the FIXPRNSV utility, located in the \Printers folder on the Windows Server 2003 CD.

    You can also publish the shared printer in Active Directory using the List in Directory option. Publishing the printer helps users to find print resources quickly using the Search utility.

    There are a few complexities associated with publishing printers in Active Directory. These complexities come from the capability of Active Directory to remove, or prune, published printers that no longer point at active printers. This might be because the print server has been decommissioned or the printer has been removed or the network connections are broken.

    The pruning agent runs at the domain controller every 8 hours. During its run, it attempts to contact each printer that has a published share in Active Directory. If it is unable to contact a printer for 3 consecutive retries, it deletes the PrintQueue object from Active Directory.

    A print server running Windows 2000 or Windows Server 2003 will republish its shared printers when it comes back online. If you publish printers from downlevel clients, you will need to republish them when the server becomes available.

    You can change the pruning parameters using a set of group policies. The policies are located in Computer Configuration | Administrative Templates | Printers. Here is a list of the policies:

    • Directory Pruning Interval. This tells the domain controller how often to check the status of printers with PrintQueue objects in Active Directory. By default, this interval is set to 8 hours.

    • Directory Pruning Retry. This tells the domain controller how many times to try the connection before declaring it dead. This is 2 retries, by default.

    • Directory Pruning Priority. This tells the system what priority to give the Printer Pruner. By default, this is normal priority.

    • Check Published State. This tells print servers to constantly republish their shares printers in Active Directory rather than waiting for a restart of the print server. Only set this policy if you are having significant network instabilities that cause your published printer shares to disappear. This would have to be pretty severe to cause a 24-hour disruption.

    Ports

    The Ports tab of the printer Properties window lists the port that has been assigned to the printer along with the other available ports and their printer assignments. If you want to change the port assigned to the print device, or change the properties of the port itself, do it from here.

    This is the place to go if you have changed the IP address on a network printer interface and you want to change the address assigned to the Tcpmon port monitor.

    If you have a user workgroup that produces a lot of paper reportsfor some reason, the Accounting department comes to mindyou can improve overall print throughput by installing multiple print devices that all despool from the same printer. This is called printer pooling. You won't speed up any individual print job with printer pooling, but it keeps jobs from piling up in the queue.

    If you use printer pooling, make sure all the print devices you plan on putting in the pool will work with the printer driver associated with the printer. They do not need to be the exact same make/model, but they do need to recognize the same printer control codes. For example, don't mix Postscript Level 2 and 3 printers in a pool with a Postscript 3 driver.

    Advanced Settings

    The Advanced tab in the Properties window contain a variety of selections. Table 16.2 lists the options, their functions, and gives examples and cautions when selecting the options.

    Table 16.2. Advanced Printer Options

    Option

    Function

    Examples and Cautions

    Available From

    Assign the hours that the printer will despool to its print device. Print jobs submitted at other times are queued.

    If your organization has a color printer that employees can use after hours, you can create a printer and set the Available From option so that jobs print at night.

    Priority

    If you have multiple printers that despool to the same print device, Spooler will ordinarily alternate between the two queues. If you want jobs in one queue to print in front of jobs in another queue, set the Priority value higher.

    You may have a large-format printer owned by the Art department but sometimes used by Technical Documentation. If the graphic designers grouse that they have to wait for the technical writersI speak from experience on this subjectyou can create a separate printer for the graphic designers with a higher priority.

    Driver

    If you get a new driver for a printer, or you change the print device associated with a printer, use this button to load the new driver. If the printer is shared, users who connect to it automatically download the new drivers.

    If you change drivers, the installation script may change the name of the printer. If this happens, the connected print clients can no longer use the shared printer even though the share name has not changed. Before installing a driver into an existing printer, copy the printer name to the Clipboard in case you need to reapply it.

    Spool Print Documents ... / Start Printing Immediately

    This tells Spooler to accept the incoming print job, render the byte stream as it comes, and despool it to the print device simultaneously.

    This option speeds up printing large documents. If the job fails to print for some reason and Spooler is notified of this by the print monitor, the job is permitted to complete spooling, and then it is set to the print device again.

    Print Directly to Printer

    This tells Spooler to bypass local storage of the job. The job is rendered on-the-fly and sent directly to the print device.

    If the printer is shared, this option is ignored.

    Hold Mismatched Documents

    This tells Spooler to make sure the printer setup matches the document setup.

    If the printer uses a raster driver but the incoming print job is Postscript, this option holds the job. A job cannot be moved to another queue, so the only alternative is to cancel the job and print it again to the correct printer.

    Print Spooled Documents First

    Spooler favors spooled jobs over incoming jobs. If two jobs spool at once, Spooler favors the larger job. This option is used in conjunction with the Start Printing Immediately option.

    Under normal circumstances, Spooler chooses the next job to print based solely on the assigned priority. This means a high-priority, 500-page job that might take an hour to print would get attention while a little 1-page job that has already spooled sits and waits. With this option, the spooled job prints first.

    Keep Printed Documents

    This option holds the spool file after the document prints.

    Sometimes it is important that a document print right the first time. For example, accounting packages print reports as part of the end-of-month and end-of-year closings. It is difficult to go back and print the report again if the job fails to complete. You can quickly run out of disk space if you leave it enabled for long.

    Enable Advanced Features

    With this option deselected, the Advanced options are not available.

    If you experience compatibility problems when users take advantage of Advanced features exposed to the UI for their printer, you can deselect this option to disable certain of these features. The miniport driver must make explicit calls to this flag, however, so it might not resolve your problem.

    Separator Pages

    When many people use the same network printer, it can be difficult to sort through the jobs in the output tray. Separator pages (sometimes called burst pages as a holdover from the old green bar tractor paper days) identify the start of each print job with a page that can be seen easily by riffling through the paper stack.

    There are four default separator pages. The files are stored in the \Windows\System32 folder. They are as follows:

    • Pscript.sep. Puts a dual-mode printer in Postscript mode but does not print a separator page.

    • Sysprint.sep. Prints a separator page on a Postscript printer.

    • Sysprtj.sep. Same as Sysprint.sep with the addition of special fonts that support Japanese language modules.

    • Pcl.sep. Puts a dual-mode printer in PCL mode, and then prints the username, date, and job number of the print job.

    The following is a sample separator file:

    \
    \H1B\L%-12345X@PJL ENTER LANGUAGE=PCL
    \H1B\L&l1T\0
    \M\B\S\N\U
    \U\LJob : \I
    \U\LDate: \D
    \U\LTime: \T
    \E
    

    Table 16.3 lists the escape codes and their functions. If you want to switch a printer from Postscript to PCL without printing a separator page, for example, use the following separator file:

    \
    \H1B\L%-12345X@PJL ENTER LANGUAGE=PCL\0
    

    Table 16.3. Separator File Escape Codes and Their Functions

    Escape Code

    Function

    \N

    Username of the submitter.

    \I

    Job number.

    \D\T

    Date and time.

    \Lxxxx

    This is an echo option. Prints the characters (xxxx) until another escape code is encountered. Use this to fill a line with characters to make the burst page distinctive.

    \Fpathname

    Prints contents of the specified file, starting on an empty line, without any processing. Use for printing custom informational messages.

    \Hnn

    Sets a printer-specific control sequence, where nn is a hexadecimal ASCII code. Refer to the printer manual for applicable codes.

    \Wnn

    Sets the width of the separator page. The default width is 80; the maximum width is 256. Any printable characters beyond this width are truncated.

    \B\S

    Prints text in single-width block characters.

    \E

    Page eject. Use to start a new separator page or to end the separator page file. If you get an extra blank separator page when you print, remove this code from your separator page file.

    \n

    Skips n number of lines (from zero through nine).

    \B\M

    Prints text in double-width block characters.

    \U

    Turns off block character printing.

    Printing from DOS

    A DOS application running inside an NT Virtual DOS Machine (NTVDM) is as oblivious to innovations such as Graphic Device Interface (GDI) and Windows Driver Model (WDM) and font libraries as a washboard maker is to Maytags. The DOS application expects to push bytes down an LPT port or bits down a COM port and nothing else is going to make it happy.

    One of the functions of the NTVDM driver is to convert DOS hardware function calls into equivalent Win32 API calls. This works fine for well-behaved DOS applications that play by the rules. Many don't. The most common problems involve DOS applications that try to punch bytes directly to the printer port, either for reasons of control or performance. Those jobs will refuse to print.

    Some DOS applications slam a print file closed without sending an <EOF> byte. The print processor thinks the application is still printing. There are several symptoms of this problem:

    • Print job doesn't run until the application is closed.

    • Last page of a print job stays in the printer, requiring a page feed to clear it.

    • DOS jobs get mangled together with pages from different reports and documents mixed up in the same hopper. This is caused by applications that do calculations between pages of the report that are long enough to cause the LPT timer to time out and accept jobs from another source.

    If you get these symptoms, try setting the default data type to FF Appended. If you are printing to a NetWare server, don't expect the CAPTURE command to solve the problem. The CAPTURE command is not supported on NT.

    If you are trying to print to a nonstandard port, such as a network print device or an Infrared (IR) printer, or you are trying to print from DOS to a printer connected to a network print server, there is no LPT port to keep the DOS application happy. You must give it an LPT port using the NET USE command. This is true even if the machine itself is acting as the despool server for the printer.

    Assume, for example, that you have a server running Windows Server 2003 that hosts a printer for a network print device such as an HP JetDirect card. The port for this device does not use LPT1 or LPT2; it uses a special port designed to print to the network device. If you want to print from a DOS application on this server, you must share the printer and redirect a printer port to the shared printer. If you do not want to share the printer, you won't be printing from DOS. The syntax for the printer port redirection is as follows:

    net use lpt1: \\server_name\printer_share
    

    The share name can be longer than eight characters. The DOS application prints to LPT1, just like it would on a DOS machine. You can use any LPT port number between one and nine, but most older DOS applications don't recognize anything above three. You don't need to put the colon on the port number. (I do it just to be consistent.)

    Troubleshooting Printing Failures

    When troubleshooting printing problems, start with the physical layer. Is the printer turned on? Is it plugged in? Is it connected to the computer? Does the serial printer have the right cable pinouts? I'm sure you know the drill. There are more subtle factors that can affect local printing after you've eliminated the common faults:

    • Bidirectional printing enabled. The printer monitor for both PCL and Postscript printers expects to get status information back from the printer, which requires a bidirectional printer connection. An older parallel cable without a pinout for two-way communications will cause the system to either refuse to create the printer or print jobs will hang in the queue. Check CMOS for the printer port configuration. Often an EPP/ECP port is set to another configuration that does not support two-way communications.

    • Job in the wrong queue. If you have a job in the queue that was supposed to be sent to another queue, you cannot drag and drop it to another printer. You must cancel the job and print it again to the correct printer. This is because the print job has already been rendered using the driver associated with the first queue. Moving it to another queue would mean it could possibly be incorrectly formatted for the target printer. It would be great to have an administrator's bypass on this so that jobs intended for the same type print device could be moved, but that's not in the product.

    • Jobs print partial pages or odd characters. If the printed output includes control characters, Postscript code, lacks graphics characters that were in the document, or otherwise does not seem correct based on the screen display, look for a problem with the default data type. Open the Properties window for the printer, select the Advanced tab, click Print Processor, and select a different default data type. If you have UNIX clients who constantly complain that their jobs are getting fouled up in the print queue, for example, create a new printer for them and change the default data type for that printer to TEXT.

    • Slow or erratic printing performance. If a user is printing locally and the jobs print very slowly, or performance gets erratic, you may need more memory or a faster processor or both. If the user demands fast printing but doesn't want to pay for hardware upgrades, try installing a separate print server to free the desktop from rendering the job.

    • Inadequate rights to spool directory. If you set up a printer for a user and it worked fine, but now the user cannot get it to work, look at the NTFS permissions on the \Windows\System32\Spool directory. They might be restricting the user's access.

    • PnP error. If the driver was installed automatically by PnP, check Device Manager to see if there is an error. The serial port might be sharing an IRQ with an add-on device. The parallel port might lack bidirectional capability or use a non-standard IOBase address. You do not ordinarily get IRQ problems with parallel ports, but watch out for add-on devices and security dongles that keep the port from working with a printer. If you have a second parallel port on a legacy machine, make sure that IRQ5 is enabled for legacy devices in BIOS and that this is the IRQ assigned by Device Manager.

    • Verify proper driver. Windows Server 2003 uses Windows 2000 drivers with a preference for user-mode rather than kernel-mode drivers. Check the vendor's web site for the most current driver.

    Command-Line Print Administration

    Microsoft included several VBScript-based printer management utilities in Windows Server 2003. These scripts first made their appearance in the Windows 2000 Resource Kit. They use Windows Management Instrumentation (WMI) to display and manage printers, print jobs, and printer components such as ports, queues, and configuration.

    Most of these scripts require you to have administrator, or at least printer admin, rights on the target server. Also, many of these tools require you to specify the printer name on the command line. This is a good reason to keep the names as short as possible.

    There are six scripts; they correspond roughly to the tabs in the printer Properties window:

    • PrnPort. This script enumerates, creates, configures, and deletes printer ports at a designated server. This is the functionality you would get in the Ports tab of the printer properties. Here is a sample listing:

      C:\>prnport -l -s s1.company.com
      Server name s1.company.com
      Port name IP_10.1.1.81
      Host address 192.168.0.81
      Protocol RAW
      Port number 9100
      SNMP Disabled
      Number of ports enumerated 1
      
    • PrnMngr. This script adds and deletes printers and can be used to set a particular printer as the default. This is the functionality you would get from the Add Printer Wizard at the main Printers and Faxes window. Here is a sample listing:

      C:\>prnmngr -l -s s1.company.com
      Server name s1.company.com
      Printer name testprn
      Share name DeskJet648c
      Driver name HP DeskJet 640C/642C/648C
      Port name IP_10.1.1.81
      Comment Standard letterhead paper
      Location Bldg C, Floor 3, Cubicle 33C
      Print processor WinPrint
      Data type RAW
      Parameters
      Attributes 8776
      Priority 1
      Default priority 0
      Status OK
      Average pages per minute 0
      
    • PrnQctl. This script can be used to view, stop, start, and manage the jobs in a print queue. You can also use PrnQctl to print a test page. This is the functionality you would get when you double-click the printer icon in the Printers and Faxes window and open the queue viewer.

    • PrnCnfg. This script lists the configuration information for a printer that is normally displayed in the Advanced tab of the printer properties. Here is a sample listing:

      C:\>prncnfg -s s1.company.com -p testprn -g
      Server name s1.company.com
      Printer name HP DeskJet 640C/642C/648C
      Share name DeskJet648c
      Driver name HP DeskJet 640C/642C/648C
      Port name IP_10.1.1.51
      Comment Standard letterhead paper
      Location Bldg C, Floor 3, Cubicle 33C
      Separator file
      Print processor WinPrint
      Data type RAW
      Parameters
      Priority 1
      Default priority 0
      Printer always available
      Attributes local shared published do_complete_first
      
    • PrnJobs. This script enumerates the jobs at a printer and gives the option of pausing a particular job, canceling it, or resuming it. This is the functionality you would get by right-clicking a job in the queue viewer. Here is an example listing:

      C:\>prnjobs -s s1 -p testprn -l
      Job id 14
      Printer testprn
      Document Test Page
      Data type NT EMF 1.008
      Driver name HP DeskJet 640C/642C/648C
      Description newprn, 14
      Elaspsed time 00:00:00
      Machine name \\S1.company.com
      Job status
      Notify Administrator
      Owner Administrator
      Pages printed 0
      Parameters
      Size 75952
      Status UNKNOWN
      Status mask 0
      Time submitted 12/16/2001 11:57:58
      Total pages 1
      Number of print jobs enumerated 1
      
    • PrnDrvr. This script lists information about the print drivers that are loaded on a particular server. This helps to determine if the drivers are up-to-date. There is no UI window that gives information corresponding to this utility. Here is a sample listing:

      C:\>prndrvr -s s1 -l
      Server name s1
      Driver name HP DeskJet 640C/642C/648C,3,Windows NT x86
      Version 3
      Environment Windows NT x86
      Monitor name
      Driver path C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRV.DLL
      Data file C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPFDJ640.GPD
      Config file C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRVUI.DLL
      Help file C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIDRV.HLP
      Dependent files
       C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPVDJ50.INI
       C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPVUD50.DLL
       C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPVUI50.DLL
       C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPFIMG50.DLL
       C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPV600AL.DLL
       C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPFDJ6xx.GPD
       C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPFDJ69x.GPD
       C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPFDJ200.HLP
       C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPFNAM50.GPD
       C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\UNIRES.DLL
       C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\STDNAMES.GPD
      Number of printer drivers enumerated 1
      

    An additional utility, PrintMig, is available in the Resource Kit. This is a standard executable that simplifies backup and restore of printer configurations out of the Registry. You can also use this utility to quickly and easily transport printer configurations to another server. This comes in handy in a business recovery scenario when your main print server goes down and you need to get the printers up on another server quickly. Figure 16.37 shows an example window that lists the printer elements installed on a server.

    Figure 16.37. Printer Migration utility showing printer elements that can be backed up and restored elsewhere.

    graphics/16fig37.gif

    Printer Location Tracking

    Each printer object in Active Directory has a Location attribute. Users who are searching for printers can limit the scope of their search based on the location information.

    Sites form the search boundaries, so location tracking cannot be used if you have only one site. The location tracking option is in the Search utility.

    When you select a site from the search list, the system automatically appends a forward slash (/) to the site name. To make location tracking work, then, you need to preface each location attribute with the site name, followed by a forward slash, followed by more specific location information such as building, floor, cubicle, and so forth.

      Previous Section Next Section