Rock my Printers

By Nicklas AhlbergIntune

No admin ever: “Working with printers is the best thing in the world!”

Working with printers is just something we need to deal with and moving from Hybrid Azure AD join to Azure AD join usually include a hard time for admins, in-regards to printers. #PrinterNightmare should still be considered and moving away from GPOs is key in the modern world.

Change log:

.Version 1.0.0.9

  • Stability fixes and added Epson as supported manufacturer.

.Version 1.0.0.8

  • -MinimumSupportedWindowsRelease now reflects the latest changes while uploading the package to Intune

.Version 1.0.0.7

  • Changed how the “minimum supported Windows requirement” is set while creating the Intune W32 app
  • _template has been updated to PSADT 3.9.3

v1.0.0.7 has been tested on:

  • Azure AD-joined Windows 11-22H2
  • Hybrid Azure AD-joined Windows 11-22H2
  • Hybrid Azure AD-joined Windows 10-22H2

.Version 1.0.0.6

  • Fixed: Microsoft recently changed the way Windows Minimum Supported WindowsRelease for Win32 App requirements are set.
  • The tool will now set “W10_20H2” as the minimum supported Windows release instead of “20H2”.

_template has been updated to PSADT 3.9.3 https://github.com/PSAppDeployToolkit/PSAppDeployToolkit/releases

.Version 1.0.0.5

  • Added Intermec, NiceLabel and Riso logos

.Version 1.0.0.4

  • Added a new textbox to set the AD domain name. This will simplify the printer mapping while using Azure AD-joined devices.

.Version 1.0.0.3

  • Added Konica Minolta support and logo

.Version 1.0.0.2

  • Fixed a case sensitive issue which would throw $driverPath error
  • Added Lexmark and Ricoh logos

Rock my Printers: Why

Rock my Printers will save you a lot of time when it comes to moving away from those pesky GPO’s to a more modern approach. Use Intune to install both drivers and printers, remember that we can still use a print server for the queues.

High level view of what is going to happen:

  1. Export related printer drivers from the server.
  2. Create an installation package per printer, to be installed from Intune.
  3. Automatically upload the installation package to Intune (Win32 app).
  4. Logo, install/uninstallation commands, detection rule will be handled by the tool, so no need to spend time on repetitive activities.
  5. We will now be able to install the driver and map the printer in one go.

Prerequisites

We will use @NickolajA PowerShell module called: “IntuneWin32Apps” to upload the package to Intune. Check it out over at Github: GitHub – MSEndpointMgr/IntuneWin32App: Provides a set of functions to manage all aspects of Win32 apps in Microsoft Endpoint Manager (Intune).

  1. Open: PowerShell as an administrator
  2. Run: Install-Module -Name IntuneWin32App -Confirm:$false -Force:$true
  3. Make sure you are able to manually run PowerShell commands against the printer server if you want to run the tool on a remote device. Example: Get-Printer -ComputerName %PrinterServer%
  4. You may need to change your PowerShell execution policy to allow the tool to run.
    Read more: about Execution Policies – PowerShell | Microsoft Learn
  5. Each device must have line of sight to AD during printer installation.
  6. If using Azure AD-joined devices and passwordless: Make sure you have hybrid cloud trust set up.

Rock my Printers: Contents

Rock my Printers use PowerShell App Deployment Toolkit (PSADT) for printer installation. We will configure a template which the tool will use to create each unique printer installation package.

After you have downloaded the tool you will find:

  • RockMyPrinters.exe (this is the executable to run the tool)
  • Tools (this folder contains exported drivers, logos logfile etc…)

The installation package will install the printer drivers in system context and run the printer mapping in user context. PSADT has this cool function called Execute-ProcessAsUser, that will create a temporary scheduled task which in-turn will be run as the currently logged on user.
⭐This is just one of the excellent stuff we get access to by using PSADT.

Rock my Printers: Preparation

  1. We will start off by downloading the tool from: NicklasAhlberg/RockMyPrinters (github.com)
  2. Extract the zip file and you will find a Tools folder and RockMyPrinters.exe
  3. Navigate to: Tools -> _Template
  4. Open: %Deploy-Application.ps1% with your favorite editor, I am using VSCode.
  5. Scroll down to line 29 and add your Organizational name as the $appVendor variable. In this demo I will use RockEnrollTech. The appVendor variable will be used for detection after the installation package has run.
  6. Optional: Scroll down to line: 134to check the Execute-ProcessAsUser function in action.

Rock my Printers: Supported manufacturers

All manufacturers are supported by the tool. Below logos have been uploaded and will be used as logo by the Intune Win32 app. All other manufacturers will have a generic logo (see below).
❓Want to add more manufacturers to the list? Tweet at me and I will make it happen!

Logos

Rock my Printers: Run the tool

Now that we have made sure that all prerequisites are fulfilled and taken the preparational steps, it is time to run the tool 🤩

  1. Run: RockMyPrinters.exe either directly on the print server or from a remote device.
    It is recommended to run it from a remote device, such as Windows 11, as we usually do not want to add “unnecessary” PowerShell modules to our servers.
  2. Click: Settings -> Add tenant ID or domain
  3. Enter either your tenant id or domain name such as YourDomainName.com
  4. Save and close the .txt file
  5. Click: Settings -> Connect to tenant
  6. Login with an account with sufficient Intune privileges
    Note: The sign in prompt will only show if you are not already signed in/have a token.
  7. Add your printer hostname to the textbox
  8. Click: Settings
  9. Click: Get printers
  10. Select printers based on your need and
  11. Click the Rock My Printers logo to have them exported to Intune.
    Note: This will not impact the server itself.
    This will take some time depending on a lot of parameters such as file copy speed between client and server, amount of selected printers and internet speed to upload the content to Intune. Count with about 2-3 minutes per printer, this is still much fast than doing it manually, right?
  12. ❗Time-out after 15 minutes. Please note that the token will live for 15 minutes and you will need to re-authenticate. As demonstrated below, drivers will be exported and packages created but not uploaded to Intune, if we do not have a valid token.
    💡Choose not to connect to the tenant when you do not want to upload the content to Intune. The .intunewin file is found in the Intune folder within each package.

Rock my Printers: Install from Intune (company portal)

✅Now that we have uploaded our printers to Intune all we need to do is create assignments.
I usually add the printers as available and let the users decide which printers to install. It is fully supported to create required assignments as well, this is totally up to each organization to decide upon.

User experience using available assignments.

Rock my Printers: Detection

We are using the registry to detect the printer installation.
💡Update the _template version variable (found at line 27) to create new package versions.

Rock my Printers: Theme

🤩I have heard your feedback on my sticky colors and have added the possibility to change theme, should you want to.

36 thoughts on “Rock my Printers

  1. This is awesome! We currently have two print servers that service two separate geographical locations. We typically don’t install both sites printers everywhere but rather if you work in Site A, you get Site A print server. For this scenario would you recommend two separate apps with different app names or should I just change the print server and get printers from both sites and package all together?

    Reply

    1. ✅Hi, I have found the issue and the v1.0.0.1 release has been updated with the fix.

      The issue was related to how different PowerShell versions read the $driverPath variable.

      I am running PS7 which is not case sensitive but older versions are.

      Reply

  2. I also thought of something else, when you have multiple printers deployed that all use the same driver (eg HP Universal), does the app download the same package for each one? Or can it evaluate the driver used first and if it exists, just copy the driver?

    Reply

    1. ✅Hi, I have found the issue and the v1.0.0.1 release has been updated with the fix.

      The issue was related to how different PowerShell versions read the $driverPath variable.

      I am running PS7 which is not case sensitive but older versions are.

      Reply

  3. So sorry, I just saw the animated gif showing duplicate drivers are already handled. But I did encounter an issue – no drivers were downloaded from the print servers when I ran this. The logs show it trying to download drivers from my own laptop, not the print server. It looks like $driverPath wasn’t properly set but all printers were discovered and packages created, but unfortunately no drivers. Any thoughts?

    Reply

    1. ✅Hi, I have found the issue and the v1.0.0.1 release has been updated with the fix.

      The issue was related to how different PowerShell versions read the $driverPath variable.

      I am running PS7 which is not case sensitive but older versions are.

      Reply

  4. Hi.

    Thank you for a great tool.

    I have a issue when i try to deploy the printers to Intune with your tool.

    When i start deployment, it’s says uploading to intune.

    but nothing is happening in intune.

    Am i doing anything wrong or is this an error?

    Reply

      1. Hi Nicklas!

        Dont know if I am dooing something wrong but I am not able to extort the printer drivers from the printserver.
        All I get is this error
        Cannot bind argument to parameter ‘Path’ because it is an empty string.

        Is the RockMyPrinters,exe built from powershell , if so is it possible to get the sourcecode?

        Reply

        1. Hi Niklas,
          Thanks for reaching out!

          did you declare the $appVendor variable in the template?

          Snipped from the post:
          “Scroll down to line 25 and add your Organizational name as the $appVendor variable. In this demo I will use RockEnrollTech. The appVendor variable will be used for detection after the installation package has run.”

          Reply

  5. The upload towards Intune does not work for me:

    PS>TerminatingError(Add-IntuneWin32App): “Cannot validate argument on parameter ‘Publisher’. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again.”
    Add-IntuneWin32App : Cannot validate argument on parameter ‘Publisher’. The argument is null or empty. Provide an argume
    nt that is not null or empty, and then try the command again.
    At line:17259 char:38
    + … $Win32App = Add-IntuneWin32App @addIntuneWin32AppParameters -Icon $ …
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : InvalidData: (:) [Add-IntuneWin32App], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Add-IntuneWin32App
    Add-IntuneWin32App : Cannot validate argument on parameter ‘Publisher’. The arg
    ument is null or empty. Provide an argument that is not null or empty, and then
    try the command again.
    At line:17259 char:38
    + … $Win32App = Add-IntuneWin32App @addIntuneWin32AppParameters -Icon $ …
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : InvalidData: (:) [Add-IntuneWin32App], Parameter
    BindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Add-IntuneWin32
    App

    **********************
    Windows PowerShell transcript end
    End time: 20230323115045
    **********************

    Reply

    1. Hi Mitch, it seems you have not declared the $appVendor variable in the template.

      Snipped from the post:
      “Scroll down to line 25 and add your Organizational name as the $appVendor variable. In this demo I will use RockEnrollTech. The appVendor variable will be used for detection after the installation package has run.”

      Reply

  6. I have the packages uploaded to Intune and the deployment works. But after deployment I cannot see the print queue on my test machine. Any idea?

    Reply

    1. Hi Mitch, thanks for reaching out.

      As for now your device must have line of sight to the print server during the time the printer is mapped.
      Also, if you are using passwordless (Window Hello for Business) you must make sure the device is able to authorize during printer mapping.

      //Nicklas

      Reply

  7. Hi Nicklas,

    Nice looking tool!
    Maybe I am doing something wrong but when the Intune app is installed the printer won’t show up in Devices & Printers or Printmgmt. The driver is installed and the registry keys are made. Intune status says Installed. Tried installing on system with and without local admin rights. Also the repair file won’t fix the issue.

    Reply

    1. Hi Niels, thanks for reaching out!

      As for now your device must have line of sight to the print server during the time the printer is mapped.
      Also, if you are using passwordless (Window Hello for Business) you must make sure the device is able to authorize during printer mapping.

      I have updated the blog post to clarify this.

      //Nicklas

      Reply

  8. Absolutely awesome!! Great work.

    Do you think it would be easy to add Intermec / Nicelabel drivers to your solution?

    Reply

    1. Hi, thanks for reaching out. v1.0.0.5 comes with added support for NiceLabel, Intermec and Riso 🙂

      //Nicklas

      Reply

  9. Same here. Everything is deployed. Line of sight. Reg keys exist.
    But no printers (Canon)

    Reply

    1. Hi, thanks for reaching out. There have been some changes in how the W10/11 minimum os version requirements are set while uploading the W32app to Intune.
      I have updated the tool to reflect the changes in v1.0.0.7

      //Nicklas

      Reply

  10. Hello
    Thanks for the great app.
    I can download drivers from printer server, but no Intune package is created?
    Output from App. “Success! All selected printers have been exported”
    And then noting happens? What are i missing?

    App runs from a server 2022 with PowerShell 7 (not printer server).
    Connected to Tenant, and module IntuneWin32Apps installed
    There is nothing in logfile(only that script started).

    Reply

    1. Hi Nicke, thanks for reaching out! I have received reports of others with the same challenge when running the tool on a server.
      Please try to use the New-IntuneWin32AppPackage manually once just to make sure it works. This has been the main issue for other with same challenge.

      Do you find any leads in logfile.log (found in the tools folder)?

      Let me know how it goes!

      Reply

  11. Hi Nicklas,

    Great tool, works like a charm 🙂

    An improvement to consider is the ability to add a prefix and postfix to the AppName in intune so all printers could be prefixed with i.e PRN- so they are easy to find in the app list ?

    Reply

    1. Hi Morten,

      Thanks for reaching out and for the feedback. That is an excellent idea I will do my best to make it happen!

      //Nicklas Ahlberg

      Reply

  12. Hi Nicklas,

    I am currently trying your tool, and it seems like when the package is installed without line of site to dc the first time, it wont map the printer anymore with a “re-install” button in the company portal. Is this correct?

    Would it be an idea to combine this solution from Florian Salzbach to create a scheduled task for the mapping part? This will be even more close to the old gpo style.
    And then we could also deploy the package to devices instead of users.

    Just an idea. Kind regards!

    Manuel

    Reply

    1. Hi Manuel, thanks for reaching out and the great feedback. Yeah, line of sight to AD is a pre-req for this to properly work as for now, and I’m actually working on a new release similar to your feedback.

      Regards

      //Nicklas

      Reply

  14. I stuck at “Connect-MSIntuneGraph’ is not recognized as the name of a cmdlet. I’ve istalled the module with “Install-Module Microsoft.Graph -Scope AllUsers”.

    If i try “Connect-MgGraph”, it works. What am i doing worng?

    Reply

    1. Hi Robert, thanks for reaching out.

      MS has released some changes to the old PS-modules and I have not had time to update Rock my Printers due to summer holidays.

      //Nicklas

      Reply

  15. Good evening Nicklas,
    I have the same issue of Nicke but unfortunately I don’t understand your solution: I need to manually launch the “New-IntuneWin32AppPackage” command for create the package?

    What kind of source file I need to indicate?

    Once I have generated the package, what steps are needed for upload the one into Endpoint Manager Apps? (Step-by-step)?

    Thanks

    Reply

    1. Hi, Rock my Printers will take care of all the steps as long as the powershell module: IntuneWin32App is present

      //Nicklas

      Reply

  16. will this also work for exporting local tcp/ip printers without print server or ad to import into intune for per device deployment?

    Reply

    1. Hi,

      Thanks for your question. I have not tested this but will definitively look into it!

      //Nicklas

      Reply

      1. I just tested and it worked perfectly. Just add your device as the printer server and you are good to go. You do not need to add an AD domain name when using your local device as printer server.

        //Nicklas

        Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.