Manage Internet Printing


Manage Internet Printing

If you install the Internet printing Role Service as shown in figure.


You can Manage printers by using a Web browser to visit the URL http://<PrintServer/printers. As shown in Figure the web Page lists the printers shared by a server and their current Status.
Click a printer to view more detailed information about that printer, incl. the current print queue, and to pause,resume, or cancel printing.
Connecting to a printer using a web Browser is convenient for guests, but you should use Group Policy settings to configure printers for client computers that you manage.
To connect directly to printer shared with internet printing, provide the URL in the format  http://inprn02/printers/<PrinterName>/.printer (e.g. http://inprn02/printers/INSOPRINTER/.printer)





Configure Security for Internet Printing in Server 2003

To configure print server security, either use IIS Manager or the IIS snap-in. To configure the authentication method for Internet printing, follow these steps:
  1. Start IIS Manager or start the IIS snap-in.
  2. Expand * server_name, where server_name is the name of the server.
  3. Expand Web Sites, expand Default Web Site, right-click Printers, and then click Properties.
  4. Click the Directory Security tab, and then click Edit under Authentication and access control.
  5. Click any of the following authentication methods that you want to use, and then click OK:
    • Enable anonymous access: When you use anonymous access, IIS automatically logs you on by using the anonymous user account (by default, this account is IUSR_computer_name). You do not have to enter a user name and password. To change the user account that is used for anonymous access, click Browse under Anonymous access.
    • Integrated Windows authentication: Windows Integrated authentication (formerly called NTLM, or Windows NT Challenge/Response authentication) can use both the Kerberos version 5 authentication protocols and NTLM authentication protocol. This authentication method provides enhanced security. However, this method is supported only in Microsoft Internet Explorer 2.0 or later, and it does not work over HTTP proxy connections.
    • Digest authentication for Windows domain servers: When you use Digest authentication, user credentials are sent across the network while security is maintained. Digest authentication is available only for Internet Explorer 5.0 and later and for Web servers that belong to a Windows 2000 domain.
    • Basic authentication (password is sent in clear text): When you use Basic authentication, you are prompted for your logon information, and your user name and password are sent across the network in clear text. This authentication method provides a low level of security because it is possible for someone who is equipped with network monitoring tools to intercept user names and passwords. However, this type of authentication is supported by most Web clients. Use this authentication method if you want the freedom to manage printers from any browser. If you turn on basic authentication, type the domain name that you want to use in the Default domain box.
    • Microsoft .NET Passport authentication: .NET Passport authentication provides single sign-in security that provides users with access to diverse services on the Internet. When you use this option, requests to IIS must contain valid .NET Passport credentials on either the query string or in the cookie. If IIS does not detect .NET Passport credentials, requests are redirected to the .NET Passport logon page.

      Note: When you select this option, all other authentication methods are unavailable (dimmed).
  6. You can also control access to Internet printers based on the requesting host instead of on user credentials. To grant or deny access to specific computers, groups of computers, or domains, click Edit under IP Address and Domain Name Restrictions.
  7. In the IP Address and Domain Name Restrictions dialog box that is displayed, complete one of the following procedures:
    • To grant access:
      1. Click Denied Access, and then click Add.
      2. In the Grant Access On dialog box, select the option that you want, and then click OK.

        The computer, group of computers, or domain that you selected is added to the Granted list.

        -or-
    • To deny access:
      1. Click Granted Access, and then click Add.
      2. In the Deny Access On dialog box that is displayed, specify the option that you want, and then click OK.

        The computer, group of computers, or domain that you specified is added to the Denied list.
    • Click OK.
  8. Click OK, and then quit IIS Manager or the IIS snap-in.

Comments

Post a Comment

Popular posts from this blog

Java Control Panel Icon "Application Not Found"

Image
Howto: Fix the "Application not found" error in the Java Control Panel icon. These same steps may be useful for other malfunctioning Windows Control Panel icons. In Windows 7, the Java Control Panel icon may be damaged / corrupted. Attempting to launch the icon results in "Explorer.exe : Application not found". Note the generic icon: When working properly, the circled icon should look like this: This problem appears to be an artifact from previous JRE installations and Sun's installation routines were flawed. Re-installing JRE (the Java Runtime Environment) does not resolve the problem. Immediate workaround: If needed, the Java Control Panel can be manually launched using this location: C:\Program Files (x86)\Java\JRE6\bin\Javacpl.exe As a side note, when launching, other-mouse-click the .exe and choose "Run as Administrator".  Running as Administrator resolves a bug where changes in the Control Panel (especially Auto-update changes) do not stic
Read more

Enterprise CA option is greyed out / unavailable

Image
Many times, when installing Active Directory Certificate Services they cannot choose to install Enterprise Certification Authority, because it’s unavailable as in following picture: Well, you need to fulfill basic requirements: Server machine has to be a member server (domain joined). You can run an Enterprise CA on the Standard, Enterprise, or Data Center Windows Edition. The difference is the number of ADCS features and components that can be enabled. To get full functionality, you need to run on Enterprise or Data Center Windows Server 2008 /12/R2/ Editions.  In order to install an Enterprise CA, you must be a member of either Enterprise Admins or Domain Admins in the forest root domain (either directly or through a group nesting). If issue still persists, there is probably a problem with getting correct credentials of your account. There are many thing that can cause it (network blockage, domain settings, server configuration, and other issues). In all ca
Read more

Unable to connect to Wireless profile being pushed using GPO

Image
Today , some laptop users started reporting as they are unable to connect to ‘Wireless profile’ after SCEP installation has taken place. I found, most of the laptop users were having this issue. I immediately uninstalled SCEP but that didn’t help , tried removing Wi-Fi profiles under the path ‘C :\ProgramData\Microsoft\Wlansvc\Profiles\Interfaces\ Interface’ but that didn’t help too. Error - When checking event viewer, the only error that showed up is as follows 5 times in a row.          “Error skipping EAP method DLL path name validation failed. Error: typeId=25, authorId=0,vendorId=0,vendorType=0”, This error indicates a registry or missing corrupt file issue. ‘ EAPHost is a Microsoft Windows Networking component that provides an Extensible Authentication Protocol (EAP) infrastructure for the authentication of following protocols such as   802.1X   and   Point-to-Point (PPP). Cause - Symantec didn’t uninstall properly caused this issue. Resolution – After chec
Read more