5 Windows 2000 Server Domain Controllers with AD in native mode. Previously,
AD printing wasn't an issue, but I only had a few printers (20 or so), and
they were installed on one of the DCs. Most file and printing was hosted by
NetWare. No replication problems, no Group Policy problems...life is good.
The few AD printers I had appeared in AD in a minute or so after creation,
and worked as designed, for what little use they got.
But now I'm migrating all services to AD, and I created a new server just
for printing. Windows Server 2003 R2 SP2 (joined domain as a member server)
running an IBM HS20 blade with 4GBs of RAM and a 60GB RAID volume. I love
the Print Management console and was looking forward to moving 200 or so
NetWare printers into AD - when I showed my network admin how great it was,
so was she.
Here's the rub. After a few days of running, if I create a new printer on
that server it won't appear in AD. Previous ones don't disappear, it's just
that newly installed ones won't appear. Unless you reboot the server. The
only way a workstation can connect to the printer is to do an Add Printer
and type in the printer name. It connects and can be printed to just fine.
But you can't browse for it in any way. I can't find it in ADUC, either.
Ditto for changes made to existing printers. They don't "advertise" in AD,
but if you install the printer on the local workstation, the changes
(driver, description, etc.) are evident.
I have REPLMON running watching all my DCs, with no errors present. No
errors in Event Viewer on the server hosting the printer. And like I said,
if I reboot the server (not just logout, or restart the printer spooling
service), the printers populate in AD just fine, and people can search for
them by browsing the directory. Obviously rebooting it once it goes into
production isn't feasible. And it wasn't necessary when I installed printers
on one of my Window 2000 DCs.
Any help would be greatly appreciated. I certainly would hope I don't have
to make the print server a DC...
Thanks,
Bruce Lautenschlager
Bethesda Healthcare System
Check the eventlog when you add a new printer. I assume you have the policy
set to publish printers by default set to enabled.
When the spooler starts, the spooler will perform an ldap query for the
printer if it has the published bit set. When the spooler does not find it
in the AD, the spooler will republish.
I never liked making DC print servers. I think it is not recommended
somewhere.
--
Alan Morris
Windows Printing Team
Search the Microsoft Knowledge Base here:
http://support.microsoft.com/default.aspx?scid=fh;[ln];kbhowto
This posting is provided "AS IS" with no warranties, and confers no rights.
"Bruce Lautenschlager" <brucel....@pobox.com> wrote in message
news:OjNiK2At...@TK2MSFTNGP06.phx.gbl...
Okay, so I enabled "Show informational notifications for local printers"
since "Show information notifications for network printers" was already
enabled, and also I assume since the printers are really viewed as local
printers using standard TCP/IP ports - that should be enabled anyway if for
nothing else than informational reasons.
But will that do anything besides put more entries in System Event Viewer?
Or are you saying that I have to restart the Print Spooler service in order
to publish the printers more effectively in AD?
Thanks much for the prompt reply,
Bruce
"Alan Morris [MSFT]" <ala...@online.microsoft.com> wrote in message
news:O3B60gCt...@TK2MSFTNGP03.phx.gbl...
Bruce
"Bruce Lautenschlager" <brucel....@pobox.com> wrote in message
news:%23nVZehD...@TK2MSFTNGP05.phx.gbl...
Log spooler information events.
There should be an event 36 when publishing the printers.
--
Alan Morris
Windows Printing Team
Search the Microsoft Knowledge Base here:
http://support.microsoft.com/default.aspx?scid=fh;[ln];kbhowto
This posting is provided "AS IS" with no warranties, and confers no rights.
"Bruce Lautenschlager" <brucel....@pobox.com> wrote in message
news:%23pRYrpD...@TK2MSFTNGP06.phx.gbl...
I have System Events showing the printer is created (Event ID 9) and long
periods of time (30-45 minutes) where no other events are logged, but server
operation is normal. Once I reboot, I get the Event ID 36 for the printer
that generated the Event ID 9 earlier and the printer is published.
Thanks,
Bruce
"Alan Morris [MSFT]" <ala...@online.microsoft.com> wrote in message
news:O5V4zsPt...@TK2MSFTNGP03.phx.gbl...
If I reboot, it'll publish it in AD. And if I create printers within a short
time after rebooting, it will publish them very quickly.
It's like it "goes to sleep" after a few days....
Thanks,
Bruce
"Bruce Lautenschlager" <brucel....@pobox.com> wrote in message
news:%23Q3ObLQ...@TK2MSFTNGP05.phx.gbl...
Any help appreciated.
"Bruce Lautenschlager" <brucel....@pobox.com> wrote in message
news:e48WBe5z...@TK2MSFTNGP05.phx.gbl...
gpedit.msc
Computer Configuration
Administrative Templates
Printers
Check Published state
The spooler will verify the printers are published and if not "should"
publish them.
Please let me know if this addresses the issue. I forwarded the info to the
group who tests the Service Packs
--
Alan Morris
Windows Printing Team
Search the Microsoft Knowledge Base here:
http://support.microsoft.com/default.aspx?scid=fh;[ln];kbhowto
This posting is provided "AS IS" with no warranties, and confers no rights.
"Bruce Lautenschlager" <brucel....@pobox.com> wrote in message
news:uOt86m6z...@TK2MSFTNGP04.phx.gbl...
Locally for that server, it's Not Configured. I suppose I should change that
to Enabled with a 30 minute interval?
Should I change that locally or on the domain? Since it's Not Configured, I
would think locally would work, and I already hate that a handful of my
users are publishing local printers in AD...
Bruce
"Alan Morris [MSFT]" <ala...@online.microsoft.com> wrote in message
news:OaCHM8G0...@TK2MSFTNGP03.phx.gbl...
--
Alan Morris
Windows Printing Team
Search the Microsoft Knowledge Base here:
http://support.microsoft.com/default.aspx?scid=fh;[ln];kbhowto
This posting is provided "AS IS" with no warranties, and confers no rights.
"Bruce Lautenschlager" <brucel....@pobox.com> wrote in message
news:esrVuKH0...@TK2MSFTNGP04.phx.gbl...
Thanks - I'll change it as soon as I return from vacation next week and post
results.
Bruce
"Alan Morris [MSFT]" <ala...@online.microsoft.com> wrote in message
news:%23jZxaPv...@TK2MSFTNGP04.phx.gbl...
Thanks for your help. All seems to be well now that I edited that setting.
Bruce
"Bruce Lautenschlager" <brucel....@pobox.com> wrote in message
news:u92NMAJ1...@TK2MSFTNGP04.phx.gbl...
It would still be nice to find why the AD objects are getting removed.
--
Alan Morris
Windows Printing Team
Search the Microsoft Knowledge Base here:
http://support.microsoft.com/default.aspx?scid=fh;[ln];kbhowto
This posting is provided "AS IS" with no warranties, and confers no rights.
"Bruce Lautenschlager" <brucel....@pobox.com> wrote in message
news:OFRcNkr2...@TK2MSFTNGP04.phx.gbl...
Additionally I receive this strange error, which may be somehow
related:
The kerberos client received a KRB_AP_ERR_MODIFIED error from the
server host/cluster-node-01.domain.loc. The target name used was
cluster-print. This indicates that the password used to encrypt the
kerberos service ticket is different than that on the target server.
Commonly, this is due to identically named machine accounts in the
target realm (domain.loc), and the client realm. Please contact your
system administrator.
Did not try to enable the GP setting described above. May be will try
later today.
On 10 Rugp, 02:14, "Alan Morris [MSFT]" <ala...@online.microsoft.com>
wrote:
> Thanks
>
> It would still be nice to find why the AD objects are getting removed.
>
> --
> Alan Morris
> Windows Printing Team
> Search the Microsoft Knowledge Base here:http://support.microsoft.com/default.aspx?scid=fh;[ln];kbhowto
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
> "Bruce Lautenschlager" <brucel.spaml...@pobox.com> wrote in message
>
> news:OFRcNkr2...@TK2MSFTNGP04.phx.gbl...
>
>
>
> > Alan -
>
> > Thanks for your help. All seems to be well now that I edited that setting.
>
> > Bruce
>
> > "Bruce Lautenschlager" <brucel.spaml...@pobox.com> wrote in message
> >news:u92NMAJ1...@TK2MSFTNGP04.phx.gbl...
> >> Alan -
>
> >> Thanks - I'll change it as soon as I return from vacation next week and
> >> post results.
>
> >> Bruce
>
> >> "Alan Morris [MSFT]" <ala...@online.microsoft.com> wrote in message
> >>news:%23jZxaPv...@TK2MSFTNGP04.phx.gbl...
> >>> Yes on the print server.
>
> >>> --
> >>> Alan Morris
> >>> Windows Printing Team
> >>> Search the Microsoft Knowledge Base here:
> >>>http://support.microsoft.com/default.aspx?scid=fh;[ln];kbhowto
>
> >>> This posting is provided "AS IS" with no warranties, and confers no
> >>> rights.
>
> >>> "Bruce Lautenschlager" <brucel.spam...@pobox.com> wrote in message
> >>>news:esrVuKH0...@TK2MSFTNGP04.phx.gbl...
> >>>> Hey - now we're talking...
>
> >>>> Locally for that server, it'sNotConfigured. I suppose I should change
> >>>> that
> >>>> to Enabled with a 30 minute interval?
>
> >>>> Should I change that locally or on the domain? Since it'sNot
> >>>> Configured, I
> >>>> would think locally would work, and I already hate that a handful of my
> >>>> users are publishing local printers in AD...
>
> >>>> Bruce
>
> >>>> "Alan Morris [MSFT]" <ala...@online.microsoft.com> wrote in message
> >>>>news:OaCHM8G0...@TK2MSFTNGP03.phx.gbl...
> >>>>> The spooler checks if the printers are in the AD only at init time or
> >>>>> if
> >>>>> defined by policy. Unpublish and publish should do the trick but
> >>>>> since it
> >>>>> isnotset the policy to verify and publish periodically.
>
> >>>>> gpedit.msc
>
> >>>>> Computer Configuration
> >>>>> Administrative Templates
> >>>>> Printers
> >>>>> Check Published state
>
> >>>>> The spooler will verify the printers are published and ifnot"should"
> >>>>> publish them.
>
> >>>>> Please let me know if this addresses the issue. I forwarded the info
> >>>>> to
> >>>> the
> >>>>> group who tests the Service Packs
>
> >>>>> --
> >>>>> Alan Morris
> >>>>> Windows Printing Team
> >>>>> Search the Microsoft Knowledge Base here:
> >>>>>http://support.microsoft.com/default.aspx?scid=fh;[ln];kbhowto
>
> >>>>> This posting is provided "AS IS" with no warranties, and confers no
> >>>> rights.
>
> >>>>> "Bruce Lautenschlager" <brucel.spaml...@pobox.com> wrote in message
> >>>>>news:uOt86m6z...@TK2MSFTNGP04.phx.gbl...
> >>>>> >I should add, restarting the spooler servicedoesthe same thing as
> >>>>> >rebooting...
>
> >>>>> > Any help appreciated.
>
> >>>>> > "Bruce Lautenschlager" <brucel.spaml...@pobox.com> wrote in message
> >>>>> >news:e48WBe5z...@TK2MSFTNGP05.phx.gbl...
> >>>>> >> Bump - any suggestions? I've got my admin creating printers, Event
> >>>>> >> ID 9
> >>>>> >> showsup, but no Event ID 36 showing it's published to AD?
>
> >>>>> >> If I reboot, it'll publish it in AD. And if I create printers
> >>>>> >> within a
> >>>>> >> short time after rebooting, it will publish them very quickly.
>
> >>>>> >> It's like it "goes to sleep" after a few days....
>
> >>>>> >> Thanks,
> >>>>> >> Bruce
>
> >>>>> >> "Bruce Lautenschlager" <brucel.spaml...@pobox.com> wrote in message
> >>>>> >>news:%23Q3ObLQ...@TK2MSFTNGP05.phx.gbl...
> >>>>> >>> That was already setup (by default), and you are correct about
> >>>>> >>> looking
> >>>>> >>> for Event ID 36, and there is the problem.
>
> >>>>> >>> I have System Events showing theprinteris created (Event ID 9)
> >>>>> >>> and
> >>>>> >>> long periods of time (30-45 minutes) where no other events are
> >>>>> >>> logged,
> >>>>> >>> but server operation is normal. Once I reboot, I get the Event ID
> >>>>> >>> 36
> >>>> for
> >>>>> >>> theprinterthat generated the Event ID 9 earlier and theprinter
> >>>>> >>> is
> >>>>> >>> published.
>
> >>>>> >>> Thanks,
> >>>>> >>> Bruce
>
> >>>>> >>> "Alan Morris [MSFT]" <ala...@online.microsoft.com> wrote in
> >>>>> >>> message
> >>>>> >>>news:O5V4zsPt...@TK2MSFTNGP03.phx.gbl...
> >>>>> >>>>I shouldnothave stated notifications. the correct verbage is
>
> >>>>> >>>> Log spooler information events.
>
> >>>>> >>>> There should be an event 36 when publishing the printers.
> >>>>> >>>> --
> >>>>> >>>> Alan Morris
> >>>>> >>>> Windows Printing Team
> >>>>> >>>> Search the Microsoft Knowledge Base here:
> >>>>> >>>>http://support.microsoft.com/default.aspx?scid=fh;[ln];kbhowto
>
> >>>>> >>>> This posting is provided "AS IS" with no warranties, and confers
> >>>>> >>>> no
> >>>>> >>>> rights.
>
> >>>>> >>>> "Bruce Lautenschlager" <brucel.spaml...@pobox.com> wrote in
> >>>>> >>>> message
> >>>>> >>>>news:%23pRYrpD...@TK2MSFTNGP06.phx.gbl...
> >>>>> >>>>> Oops - one more thing - when I look at the Sharing tab of each
> >>>>printer
> >>>>> >>>>> after creation, the " List in thedirectory" is already
> >>>>> >>>>> checked...
>
> >>>>> >>>>> Bruce
>
> >>>>> >>>>> "Bruce Lautenschlager" <brucel.spaml...@pobox.com> wrote in
> >>>>> >>>>> message
> >>>>> >>>>>news:%23nVZehD...@TK2MSFTNGP05.phx.gbl...
> >>>>> >>>>>> If you're referring to the Group Policy setting "Automatically
> >>>>> >>>>>> publish new printers inActiveDirectory" that is currently set
> >>>>> >>>>>> to
> >>>>> >>>>>> "Notconfigured", but I assumed that since I told it during the
> >>>>> >>>>>> creation of theprinterthat I wanted it shared it would
> >>>>> >>>>>> publish it
> >>>>> >>>>>> in AD (and obviously itdoesat some point).
>
> >>>>> >>>>>> Okay, so I enabled "Showinformational notifications for local
> >>>>> >>>>>> printers" since "Showinformation notifications for network
> >>>> printers"
> >>>>> >>>>>> was already enabled, and also I assume since the printers are
> >>>> really
> >>>>> >>>>>> viewed as local printers using standard TCP/IP ports - that
> >>>>> >>>>>> should
> >>>> be
> >>>>> >>>>>> enabled anyway if for nothing else than informational reasons.
>
> >>>>> >>>>>> But will that do anything besides put more entries in System
> >>>>> >>>>>> Event
> >>>>> >>>>>> Viewer? Or are you saying that I have to restart the Print
> >>>>> >>>>>> Spooler
> >>>>> >>>>>> service in order to publish the printers more effectively in
> >>>>> >>>>>> AD?
>
> >>>>> >>>>>> Thanks much for the prompt reply,
> >>>>> >>>>>> Bruce
>
> >>>>> >>>>>> "Alan Morris [MSFT]" <ala...@online.microsoft.com> wrote in
> >>>>> >>>>>> message
> >>>>> >>>>>>news:O3B60gCt...@TK2MSFTNGP03.phx.gbl...
> >>>>> >>>>>>> It'snotthe reboot, it the spooler restart that is causes the
> >>>>> >>>>>>> printers to be published. Enableprinterinformational
> >>>>> >>>>>>> notifications Printers Folder, File, Server Properties,
> >>>>> >>>>>>> Advanced
>
> >>>>> >>>>>>> Check the eventlog when you add a newprinter. I assume you
> >>>>> >>>>>>> have
> >>>>> >>>>>>> the policy set to publish printers by default set to enabled.
>
> >>>>> >>>>>>> When the spooler starts, the spooler will perform an ldap
> >>>>> >>>>>>> query
> >>>> for
> >>>>> >>>>>>> theprinterif it has the published bit set. When the spooler
> >>>>does
> >>>>> >>>>>>>notfind it in the AD, the spooler will republish.
>
> >>>>> >>>>>>> I never liked making DC print servers. I think it isnot
> >>>>> >>>>>>> recommended somewhere.
>
> >>>>> >>>>>>> --
> >>>>> >>>>>>> Alan Morris
> >>>>> >>>>>>> Windows Printing Team
> >>>>> >>>>>>> Search the Microsoft Knowledge Base here:
> >>>>> >>>>>>>http://support.microsoft.com/default.aspx?scid=fh;[ln];kbhowto
>
> >>>>> >>>>>>> This posting is provided "AS IS" with no warranties, and
> >>>>> >>>>>>> confers
> >>>> no
> >>>>> >>>>>>> rights.
>
> >>>>> >>>>>>> "Bruce Lautenschlager" <brucel.spaml...@pobox.com> wrote in
> >>>>> >>>>>>>>printeron that server it won't appear in AD. Previous ones
> >>>>> >>>>>>>> don't
> >>>>> >>>>>>>> disappear, it's just that newly installed ones won't appear.
> >>>> Unless
> >>>>> >>>>>>>> you reboot the server. The only way a workstation can connect
> >>>>> >>>>>>>> to
> >>>>> >>>>>>>> theprinteris to do an AddPrinterand type in theprinter
> >>>>> >>>>>>>> name.
> >>>>> >>>>>>>> It connects and can be printed to just
>
> ...
>
> skaityti daugiau »- Sl pti cituojam tekst -
>
> - Rodyti cituojam tekst -
--
Alan Morris
Windows Printing Team
Search the Microsoft Knowledge Base here:
http://support.microsoft.com/default.aspx?scid=fh;[ln];kbhowto
This posting is provided "AS IS" with no warranties, and confers no rights.
<ele...@gmail.com> wrote in message
news:1186732294.4...@g12g2000prg.googlegroups.com...
FWIW, still working normally now, thanks to you.
Bruce
"Alan Morris [MSFT]" <ala...@online.microsoft.com> wrote in message
news:OAZNQst2...@TK2MSFTNGP04.phx.gbl...
I have a printer server that is exhibiting the same behavior. I have set the
local policy for "Check Published State" to one hour. Once I rebooted the
system, numerous printqueue objects were created for the printers that were
missing.
It has now been several weeks, and I just noted that a new printer I created
is not appearing in Active Directory. I've used dsquery * to locate all the
printqueue objects that are children of the printer, and no object exists for
the printer I created.
When I select "Remove from Directory" and "List in Directory" for this
printer, I get no error events, only EventID 9 (object was set) events. I'm
thinking that the spooler isn't creating the objects in the first place,
rather than that they are created and then removed.
Any suggestions for resolving this (other than cycle the spooler service
routinely)?
--Geoff