I have a 2012r2 print server and I just need to add a print permission to all existing queues, without overwriting the existing permissions.
- get-printer *|Foreach-Object {set-printer $_.name -PermissionSDDL $security.Perm …
-
- CategoryInfo : NotSpecified: (MSFT_Printer (N…= “”, Type = 0):ROOT/StandardCimv2/MSFT_Printer) [Set-P
rinter], CimException - FullyQualifiedErrorId : HRESULT 0x800706be,Set-Printer
- get-printer *|Foreach-Object {set-printer $_.name -PermissionSDDL $security.Perm …
-
- CategoryInfo : NotSpecified: (MSFT_Printer:ROOT/StandardCimv2/MSFT_Printer) [Set-Printer], CimException
- FullyQualifiedErrorId : HRESULT 0x800706ba,Set-Printer
I found a handfull of suggestions on various online forums, but have yet to get this done.
I tried:
$security = get-printer “printer with changes” -full
get-printer * | Foreach-Object {set-printer $_.name -PermissionSDDL $security.PermissionSDDL}
and got a lot of errors, sounded like the spooler service was crashing (it was up when I checked), here’s the error:
set-printer : An error occurred while performing the specified operation. See the error details for more information.
At line:1 char:31
set-printer : The spooler service is not reachable. Ensure the spooler service is running.
At line:1 char:31
I then tried a suggestion to prevent this function from crashing the spooler service when there is a large number of queues:
I wrapped the script into a PS-Job so I could leverage a Start-Sleep and wait for each queue to process.
$security = get-printer insertprinterqueuehere -computer insertprintserverhere -full
$printServerTarget = “inserttargetprinterserverhere”
$printerQueueList = get-printer * -computer $printServerTarget
Foreach ($printerQueue in $printerQueueList)
{
set-printer $printerQueue.Name -computer $printServerTarget -PermissionSDDL $security.PermissionSDDL -AsJob
While (Get-Job -IncludeChildJob -State “Running”)
{
Start-sleep 5
}
Get-Job | Remove-Job
}
It ran for an exceptionally long time, and I didn’t see any permissions being modified while it ran, however when it was done I discovered that it over-wrote the unique permissions on 1000+ queues. ARGH!
I then tried this:
(Get-Printer ‘TEMP’ -Full).PermissionSDDL | Out-File ‘C:\permissions.txt’
Then I use something like this to pull my saved Security settings into a variable. $perms = Get-Content ‘C:\permissions.txt’
Then to push it to particular printer you can do the following
Set-Printer ‘NEWPRINTER’ -PermissionSDDL $perms
This actually worked also, however it over-wrote the permissions on the destination printer. This isn’t going to work, I have 1000+ queues with non-uniform permissions and I just need to add a group to every queue and specify a certain permission.
Can anyone help?