The Ask the Performance Team has published a WMI Code Creator tool that allows queries your local WMI repository on your computer. This too can be useful if you want to find the WMI values to use with a WQL query filter for your Group Policy Objects (GPO). The tool itself does not actually create a WQL query for WMI…

This weeks setting of the week is a double header but they are really simple but so commonly used that they really have to be mentioned. The first setting is found under User Configuration > Policies > Administrative Templates > Control Panel > Personalization > Prevent changing desktop background. As the name suggest this setting prevents users from changing the…

Advanced Group Policy Management (AGPM) allows organisation to implement change control and versioning to their Active Directory Group Policies. This allows multiple people to edit Group Policy Object (GPO) with their changes going live the instant the change is made. Any changes to a GPO needs to be check-in, deployed then approved before ever making it to production. This product…

One of the great new feature with Group Policy Preferences is the ability to map printers based on a various number of criteria such as group membership, AD Site or even IP Address range. This allows for some powerful options such as being able to map all the printers physically near a user based on the computer IP address. This of course assumes that the networking team allocates the same subnets to certain computers near each other (e.g. a building or floor) but I have found this is often the case.

One of the problems that occur when you map printers with Group Policy Preferences is that if the user has a roaming profile configured and they then logon to a computer that is located in another area they will automatically get all the printers from the previous area they were in and the new area. These printer mapping can build up over time as users logon to computers in different areas they can soon amass a large number of printer mappings that can make their computer run slow especially during logon.

Normal Group Policies are applied via IP address (AD Site) are not a problem as the new computer they are logging on to has no idea of what the previous setting were or the policy falls out of scope so the setting revert back to their original values. But as the printer mapping (and all preference settings) for a user are stored in their profile then this printer mapping will follow them if they are setup with a roaming profile.

Question? So how do you map all the printers in one location but not have them follow you to another location if you are using a roaming profile?

Answer? Is a two step solution which I will go through below. There is also an optional third step that address the problem maintaining default printer mappings once a user gets back to their normal location.

Step 1. The first part is just to create a simple printer mapping that maps the printer targeted by the IP address of the users current computer.

Figure1. Create New Shared Printer

Figure 2. Target setting to only be mapped for computers between 10.1.1.0 to 10.1.1.255

Figure 3. Resulting printer mapping

The images above shows the printer “\\server\printer1” being mapped for the users that logon to a computer that is in the 10.1.1.0/24 subnet. It is important to note that we are talking about the IP address range of the computer that you want to map the printer on not the IP address range of the printer server or the printer itself.

Step 2. The second step is to delete the printer mapping if the IP address of the printer does not fall within the IP address range that you want the printer to be mapped. To do this we start by copying the existing printer mapping that we made in step 1. This avoids making any typo’s in either the printer queue name of the IP addresses.

Figure 4. Copying the existing printer mapping made in step 1.

Figure 5. Paste the setting into an unused part of the pane

Figure 6. Both printer mapping entries

Now we make the changes to the second printer mapping to change the action type and the targeting so that it will remove the printer mapping if the user logs onto a computer that is not in the subnet that we want the printer to be mapped.

Figure 7. Open the properties of the second printer

Figure 8. Change the Action to “Delete”

Figure 9. Go back to the targeting and change it to an “Is Not” between “10.1.1.0” and “10.1.1.255”

Figure 10. New target rule

Figure 11. Two printer entries to map and then clean up the printer queues for a user based on their location.

Step 3. Maintaining Default Printer Mappings

You have now configured dynamic printer mapping for your user based on location of the user. However this solution does have one problem, user normally like to set a default printer and if a user was to logon to a workstation in another location then return to their normal desk their default printer will have been reset. To get around this problem we have to change the targeting on the Delete printer option so it does NOT delete if the printer is configured as the default printer. To do this we need to look at the registry location that the default printer is saved and test to see if the printer we are deleting is the default printer and if so then do nothing.

So let take a look go back to the targeting setting for the Delete printer action and add another test that will check to see if the printer is the default printer.

Figure 12. Add a new Item of type “Registry Match”

Figure 13. Configured Registry Match Setting

Change the Match Type to “Match value data” and the Value data match type to “Substring match” as the value we are looking for will contain other information as well that we don’t care about. Make sure the Hive is set to “HKEY_CURRENT_USER” and the Key Path is set to “Software\Microsoft\Windows NT\CurrentVersion\Windows”. The Value name “Device” is where in the registry the default printer information is saved”. We then set the Substring to “\\server\printer1” which is the UNC path to the printer queue. The substring value should be set to the same value as in the Path for the printer mapping and delete under the main properties for the setting.

There, now you know how to use Group Policy Preferences to map and remove printer queues for users based on their physical location to the printer even if you have user configured with a roaming profile. The default printer mapping will still follow the user no matter where they logon to however as we are limiting this to only one printer this will not have a large affect on the users logon speed nor will it result in the collection of printer mappings from multiple areas.

Technorati Tags: Group Policy Preferences,Printer,Roaming Profiles,Tutorial,How to

Microsoft has just released a new TechNet Subscription discount code for any IT Pro that wants to evaluate and test Microsoft software. This is a great way to get your hands on and test Microsoft software for a business to make sure its the right solution for your needs. If you are a Group Policy Administrator this is a great…

The setting of the week this time highlights the one and ONLY power management policy that has been around since Windows 2000. The “Prompt for password on resume from hibernate / suspend” can be found under User Configuration > Administrative Templates > System > Power Management. Until Windows Vista came along this was the only power management setting that could…

Logon Scripts!!! I hear you yelling at me about why I am doing a tutorial about logon scripts when Group Policy Preferences is supposed to allow me to stop using my logon scripts. Well in a utopian world there would be no logon scripts to maintain however there are still some situations that you might have to execute a program…

As I have previously mentioned there has been a lot of press lately where some hackers took advantage of some holes in IE and Adobe Reader to hack Google’s systems in China. As a result Microsoft have burnt the midnight oil and rushed out an Out of Cycle patch for Internet Explorer to resolve this issues even thought this issues…