A More Automated addprinterconnection() Approach - KiXtart.org - official site

You are not logged in. [Log In] KiXtart.org website » Forums » KiXtart » Basic Scripting » A More Automated addprinterconnection() Approach

Page 1 of 3

1

Topic Options

#159006 - 2006-03-14 05:05 PM A More Automated addprinterconnection() Approach
hoopes hoopes Fresh Scripter Registered: 2006-03-02 Posts: 33	Greetings, Is there a way to have a kixtart script: 1. Traverse through ALL installed printers on a print server, determine its security permissions, and store its info in a array? 2. Compare those printer security permissions to a user utilizing the ingroup() function? Ultimately, if a user matches any of the security permissions of each printer, it will be dealt with accordingly. Of course this would all occur in some sort of for or while loop to traverse each printer. 3. Finally, utilize the addprinterconnection() function to finally add a user's printers. Of course this would all be done dynamically. The benefits of this: 1. If we need to add a printer, we don't need to edit any kixtart scripts (Requires less training). 2. It's easier. 3. I'll sleep better at nights 4. It will probably cut my code in half (We're talking over 1000 lines). Thanks in advance!!! Hoopes
Top

#159007 - 2006-03-14 05:14 PM Re: A More Automated addprinterconnection() Approach
Radimus Radimus Moderator Registered: 2000-01-06 Posts: 5187 Loc: Tampa, FL	make a global group, example "PrinterA" assign users to that group in your script: if ingroup('PrinterA') $nul=addprinterconnection('\\server\printera') endif _________________________ How to ask questions the smart way <-----------> Before you ask
Top

#159008 - 2006-03-14 05:24 PM Re: A More Automated addprinterconnection() Approach
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	Use a standardized naming convention for the DGGs and enum them into an array. Using the newest AScan() search for a partial match on the groupname prefix. Create an INI that maps the relationship between groupname and printername/sharename. Loop through the AScan() positives and pull the printername/sharename from the INI. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#159009 - 2006-03-14 05:27 PM Re: A More Automated addprinterconnection() Approach
hoopes hoopes Fresh Scripter Registered: 2006-03-02 Posts: 33	Unfortunately, that is what I'm already doing. what I'm hoping is to be a little more dynamic because you are still staically specifying the group and statically specifying the printer. Hopefully this is a little clearer than before: 1. Query ALL of the @USERID's groups that it belongs to 2. Query ALL of the installed printers on the print server and determine their permissions 3. Compare the @USERID's permissions to every installed printer. 4. If the printer's perms match the @USERID's perms addprinterconnection($CURRENTPRINTERINLOOP) So basically, I don't want to hardcide usernames or printer name in the script. Is that something that is possible? Thanks again! Hoopes
Top

#159010 - 2006-03-14 05:29 PM Re: A More Automated addprinterconnection() Approach
hoopes hoopes Fresh Scripter Registered: 2006-03-02 Posts: 33	Les, your suggestion sounds more like what I'm looking for. Do you have any snippets of code I could utilize?
Top

#159011 - 2006-03-14 05:31 PM Re: A More Automated addprinterconnection() Approach
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	If you ACL the DGGs to the printers, you can skip the reading of printer ACEs. My suggestion then would fit the bill nicely. You only need to enum all the groups a user is a member of and pull out the printer DGGs. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#159012 - 2006-03-14 05:39 PM Re: A More Automated addprinterconnection() Approach
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	Start with the GetGroups() UDF. http://www.kixtart.org/UDF/UDF_lister.php?what=post&code=82790 AScan() is pretty straight forwward. Just make sure you have the newest KiX as partial matches are a recent addition. Read the INI with ReadProfileString(). The only challenge would be in ascertaining which printer to make default. See what you can do with that and post back when you hit a speedbump. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#159013 - 2006-03-14 07:46 PM Re: A More Automated addprinterconnection() Approach
Howard Bullock Howard Bullock KiX Supporter Registered: 2000-09-15 Posts: 5809 Loc: Harrisburg, PA USA	I think you should review the following thread. I think it pertains to some of the issues you are encountering. Some of the discussion throughout the thread may be directly applicable to your situation. http://www.kixtart.org/ubbthreads/showflat.php?Cat=0&Number=104500 _________________________ Home page: http://www.kixhelp.com/hb/
Top

#159014 - 2006-03-14 08:02 PM Re: A More Automated addprinterconnection() Approach
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11624 Loc: CA	You can also assign printers by GPO on Active Directory if that meets your needs. Plenty of ways to handle this, depends on what suits you best.
Top

#159015 - 2006-03-14 08:09 PM Re: A More Automated addprinterconnection() Approach
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	I would just map printers to PCs through an INI file. lots already on that subject complete with ready UDFs. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#159016 - 2006-03-15 05:34 PM Re: A More Automated addprinterconnection() Approach
hoopes hoopes Fresh Scripter Registered: 2006-03-02 Posts: 33	OK, I just realized this is going to be a bit more complicated. Here's what I need to do: 1. (FIRST for-loop): Query ALL of the GLOBAL groups that start with glbl_grp_* (Please note * is a wildcard) from @USERID when they login and dump the results into an array called $USR_GLOBAL_GRPS[$i]. 2. (INSIDE FIRST for-loop (SECOND for-loop)): Query all of the corresponding DOMAIN LOCAL groups that contain dmlcl_grp__printers from $USR_GLOBAL_GRPS[$i] (Please note is a wildcard) and dump the results into an array called $USR_PRINTER_PERMS[$j]. 3. (INSIDE FIRST for-loop (THIRD for-loop)): Query ALL of the installed printers on the print server and determine what their NAMES are and what DOMAIN LOCAL groups contain dmlcl_grp__printers. Dump those results into two arrays; an array called $CURRENT_PRINTER[$k] and an array called $PRINTER_PERMS[$l]. 3. (inside FIRST for-loop (FOURTH for-loop)) Once our two arrays ($USR_PRINTER_PERMS[$j] and $PRINTER_PERMS[$l]) have been populated, start traversing and comparing both arrays 4. (INSIDE FOURTH for-loop (If-statement)): If any one of the printer's DOMAIN LOCAL groups inside the $USR_PRINTER_PERMS[$j] array match any one of the DOMAIN LOCAL groups inside the $PRINTER_PERMS[$l] array, use the addprinterconnection($CURRENT_PRINTER[$k]) function to add the printer to the @USERID logging in. Please note that I am attempting to eliminate hard-coding username's groups and printers (With the exception of the naming convention dmlcl_grp__printers and glbl_grp_* used to populate the arrays). Also could someone please shoot me some sort of code to start with, because I'm having a hell of a time with this . Thanks in advance! Hoopes
Top

#159017 - 2006-03-15 05:46 PM Re: A More Automated addprinterconnection() Approach
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	I think you have over-complicated this unnecessarily. I don't see why you need all those loops and all those arrays. You should be able to do it with one loop/one array. Show us your group naming standard so we can determine the AScan() bit. Include a sample dump of GetGroups(). _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#159018 - 2006-03-15 06:06 PM Re: A More Automated addprinterconnection() Approach
hoopes hoopes Fresh Scripter Registered: 2006-03-02 Posts: 33	getgroups returns: DOMAIN\user is a member of three groups. Domain Users glbl_grp_corp_acctpay dmlcl_grp_defprn_prn0025 The problem is that the printers use DOMAIN LOCAL groups to determine their permissions such as "dmlcl_grp_corp_acctpay_bw_printers" or "dmlcl_grp_corp_acct_clr_printers." These groups are "Member Of" glbl_grp_corp_acctpay. If we just take the DOMAIN LOCAL groups out, we have to assign the DOMAIN LOCAL groups to each user. That would suck and just isn't possible. Any suggestions?
Top

#159019 - 2006-03-15 06:18 PM Re: A More Automated addprinterconnection() Approach
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	UGH! The UGLY principle. Fine for ACL'ing local resources but sucks for this task. Back to the drawing board. If you look in the reg key HKEY_CURRENT_USER\Software\KiXtart\TokenCache for that user, what local printer groups if any show? _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#159020 - 2006-03-15 06:38 PM Re: A More Automated addprinterconnection() Approach
hoopes hoopes Fresh Scripter Registered: 2006-03-02 Posts: 33	Yeah it is pretty ugly (Microsoft's best practices crap). Here's the local printer groups for that user: DOMAIN\dmlcl_grp_corp_MIS_bw_printers DOMAIN\dmlcl_grp_corp_MIS_clr_printers DOMAIN\dmlcl_grp_corp_ACCOUNTING_EVERYONE_printers Thanks again Les! Hoopes
Top

#159021 - 2006-03-15 06:47 PM Re: A More Automated addprinterconnection() Approach
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	Are you able to mine those out of the KiX TokenCache? _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#159022 - 2006-03-15 06:48 PM Re: A More Automated addprinterconnection() Approach
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	are these shown in the registry key les pointed above? _________________________ ! download KiXnet
Top

#159023 - 2006-03-15 06:53 PM Re: A More Automated addprinterconnection() Approach
hoopes hoopes Fresh Scripter Registered: 2006-03-02 Posts: 33	I'm not sure if I could mine out the Kix TokenCache because I'm not sure if kixtart is capable of doing it. But if kixtart can, that would be fine for the user side. How would we compare it to the permissions of each printer on the print server? P.S. In reply to Lonkero, "are these shown in the registry key les pointed above?", Is what shown in the registry key les pointed out?
Top

#159024 - 2006-03-15 07:02 PM Re: A More Automated addprinterconnection() Approach
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	those darn groups you just showed. les asked previously you to list the DLG's you see in the kixtart key. please do so. _________________________ ! download KiXnet
Top

#159025 - 2006-03-15 07:07 PM Re: A More Automated addprinterconnection() Approach
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	Quote: How would we compare it to the permissions of each printer on the print server? Why would you have to compare? Can one not safely assume that if they are in the DLG, then the DLG is ACL'd in to the printer? Is that not the whole point of this, to avoid parsing all the ACEs or all the printers? _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

Page 1 of 3

1

Previous Topic

Previous Topic View All Topics

View All Topics

Index Next Topic

Next Topic

Moderator: Jochen, Allen, Radimus, Glenn Barnas, ShaneEP, Ruud van Velsen, Arend_, Mart

Hop to:

Shout Box

Who's Online

0 registered and 369 anonymous users online.

Newest Members

rrosell, PatrickPinto, Raoul, Timothy, Jojo67
17877 Registered Users

Generated in 0.148 seconds in which 0.097 seconds were spent on a total of 14 queries. Zlib compression enabled.

click tracking