© 2024 SkillPoint IT. All rights reserved.
Module 5: Publishing Resources in Active Directory – Simplifying Resource Discovery
Active Directory (AD) doesn’t just manage users and computers—it also allows resource publishing. This feature helps users easily discover shared printers, file shares, and services within the network without needing to know specific paths or server names.
What Are Published Resources?
Resources that are made discoverable through Active Directory include:
Shared Folders
Network Printers
Servers and Services
Applications (via GPO or DFS)
Once published, these objects appear in Active Directory search, and users can locate them using Windows Explorer or the Search function.
Benefits of Publishing Resources in AD
📌 Centralized Resource Access
🔍 Easy Search and Discovery
✅ Less IT Support Dependency
🔐 Controlled Access via Group Policy and Security Groups
How to Publish a Shared Folder in Active Directory
Share a folder on a Windows Server.
Right-click the shared folder → Properties.
Go to the Sharing tab → Click Advanced Sharing.
Enable Share this folder → Click Permissions if needed.
Click Publish in Active Directory checkbox.
✅ This makes the folder searchable via AD queries.
How to Publish a Printer in Active Directory
Open Print Management on the server or from Control Panel.
Right-click the printer → Properties.
Go to Sharing tab → Check List in the directory.
Users can now find this printer by:
Opening Devices and Printers → Add Printer → Search AD
Searching for Published Resources
Open File Explorer → Network → Search by keyword.
Or use Active Directory Users and Computers (ADUC) → Find → Choose object type (e.g., Printers).
Best Practices for Publishing Resources
Use naming conventions for resources (e.g.,
NYC-HR-Printer1).Only publish commonly used resources.
Keep published resource descriptions updated.
Control access using NTFS/Share Permissions and Group Policy.
- To Create Objects in Active Directory that:
- Contain the required information
- Provide a reference to the required information
- That Do Not Already Exist in Active Directory
- That Are Relatively Static and Change Infrequently
- To Enable Administrators and Users to Locate Resources Even if the Physical Location of Resources Changes
Setting Up and Administering Published Printers in Active Directory
Publishing printers in Active Directory (AD) simplifies printer access and management across a network. It allows users to discover and install nearby printers without manually entering network paths, while giving IT administrators centralized control.
Step 1: Install and Configure the Printer
Connect the printer to the server or network.
Go to Control Panel > Devices and Printers or Print Management.
Add the printer if it’s not already installed.
Test print to verify functionality.
Step 2: Share the Printer
Right-click the printer > Printer Properties.
Go to the Sharing tab.
Enable Share this printer.
Enter a share name (e.g.,
NYC-Floor1-HP4050).Check the box List in the directory to publish it in Active Directory.
✅ This makes the printer searchable for domain users.
Step 3: Publish or Verify in Active Directory
To manually verify if the printer is published:
Open Active Directory Users and Computers (ADUC).
Click View > Users, Contacts, Groups, and Computers as containers.
Navigate to the server object > Right-click > Properties > Published Printers tab.
Step 4: Deploy Printers Using Group Policy
To automatically assign printers to users or computers:
Open Group Policy Management Console (GPMC).
Create or edit a GPO linked to the desired OU.
Navigate to:
User Configuration > Preferences > Control Panel Settings > PrintersRight-click > New > Shared Printer
Enter the shared path (e.g.,
\\ServerName\PrinterShareName)Choose update, create, or replace based on policy behavior.
🛠️ Tip: Use Item-Level Targeting to deploy by group membership, location, or computer.
Managing Printer Access and Permissions
Control who can print and manage the printer by:
Going to the Security tab in Printer Properties
Assigning permissions like Print, Manage Documents, or Manage Printer
Using security groups for scalable permission management
How Users Find Published Printers
Users can:
Go to Devices and Printers > Add a Printer
Select The printer that I want isn’t listed
Choose Find a printer in the directory, then search by location, name, or model
- Introduction to Printer Publishing
- Any Printer Shared by a Windows 2012-Based Print Server Is Published in Active Directory
- A Printer Is Automatically Removed from Active Directory When a Print Server Is Removed from the Network
- Each Print Server Is Responsible for Its Printers Being Published in Active Directory
- Windows 2012 Automatically Updates the Printer Object’s Attributes in Active Directory
Implementing Printer Locations
- What Are Printer Locations?
- Active Directory finds the subnet object that corresponds to the IP subnet in which the user’s computer is located
- Active Directory uses the value in the Location attribute of the subnet object to search for printers with same value
- Active Directory displays a list of printers whose Location value matches the Location value of the subnet object
- Requirements for Printer Locations
- An Active Directory Network with Two or More IP Subnets
- An IP Addressing Scheme That Corresponds to the Physical Topology of the Network
- A Subnet Object for Each Site
- Represents an IP subnet in Active Directory
- Contains a location attribute that Active Directory uses to find printers in the same physical location as a client computer
- Client Computers That Can Search Active Directory
- Defining Location Names
- Add More Levels to the Location Attribute for the Printer to Better Define the Physical Location
- Configuring Printer Locations
- Enable Location Tracking by Using Group Policy
- Create a Subnet Object in Active Directory
- Set the Location Attribute for the Subnet Object
- Set the Location Attribute for Printers
Setting Up and Administering Published Shared Folders
- Publish a Shared Folder
- Share the Folder
- Publish the Shared Folder in Active Directory
- Add Description and Keywords to the Shared Folder Object to Facilitate Search Operations
- Move the Published Shared Folder Object to Another Container or OU Whenever Required
Comparing Published Objects with Shared Resources
Troubleshooting Published Resources: Fixing Printer Discovery and Access Issues in Active Directory
Publishing printers and shared folders in Active Directory (AD) helps streamline access, but misconfiguration can lead to visibility and access issues. Below are common troubleshooting steps for two frequent problems:
Issue 1: Cannot Find All Printers with Location Tracking Enabled
Symptoms:
Users search for printers using location filters but can’t see all expected printers.
Only some printers appear, even though all are shared and published.
Possible Causes & Fixes:
Location Not Set on Printer
Each printer must have a Location property set that matches your physical AD hierarchy.
✅ Fix:
Go to Print Management > Printer Properties > General tab > Set Location (e.g.,
Building A / Floor 2)
AD Site/Subnet Not Mapped to Printer Server
The printer’s subnet must be associated with a site in Active Directory Sites and Services.
✅ Fix:
In AD Sites and Services, ensure the printer server’s IP is within a defined subnet, and the subnet is linked to the correct site.
Group Policy Not Enabling Location Tracking
Clients won’t use location-based search if it’s not enabled via GPO.
✅ Fix:
Open Group Policy Management Console (GPMC)
Navigate to:
Computer Configuration > Administrative Templates > Printers > Pre-populate printer search locationEnable this setting and configure accordingly.
Printer Not Published in AD
Even with location tracking, the printer must be listed in the directory.
✅ Fix:
In Printer Properties > Sharing tab, ensure “List in the directory” is checked.
Issue 2: User Cannot Access Published Shared Printers
Symptoms:
Printer appears in search but returns error on connection.
Access denied or no printers map on login.
Possible Causes & Fixes:
Permission Denied
Users may lack the Print permission.
✅ Fix:
Go to Printer Properties > Security tab
Ensure users/groups (e.g.,
Domain Users) have Print rights.
GPO or Login Script Not Mapping Printer
If using GPO or scripts to deploy printers, settings may be incorrect.
✅ Fix:
In GPMC:
User Configuration > Preferences > Control Panel Settings > PrintersEnsure the correct shared path is used (e.g.,
\\Server\PrinterName).
Offline or Unreachable Print Server
If the print server is offline, clients won’t connect.
✅ Fix:
Test printer server availability using:
ping servername
Driver Issues
Incompatible or missing printer drivers can block connections.
✅ Fix:
Update or replace drivers using Print Management > Drivers
Use Type 4 drivers for better client compatibility
Firewall or Network Blocking Ports
Printers may not be reachable due to network or firewall settings.
✅ Fix:
Allow Print Spooler Service (TCP 139, 445; UDP 137, 138) on both server and client firewalls.
Additional Troubleshooting Tips
Run
gpupdate /forceand log off/log in after any changes.Use Event Viewer for logon script or printer mapping errors.
Use PowerShell to list shared printers:
Get-Printer -ComputerName “PrintServerName”
Add comment