C H A P T E R 1 8 Managing printingn Enhancements to Printing in Windows 7 761 n How Printing Works in Windows 7 765 n Understanding the Print Management Console 772 n Managing Print
Trang 1Managing Services
Windows provides four main tools for managing services:
n The Services snap-in (Services msc)
n Task Manager
n Group Policy
n The Sc exe command
Managing Services Using the Services Snap-in
The Services snap-in in Windows 7 is the same as in Windows Vista Compared to this snap-in
in Windows XP, the main difference is that the Startup value for a service can be configured
as Automatic (Delayed Start) on the General tab of the properties sheet for the service (see Figure 17-11)
FIgURE 17-11 Configuring a service for Delayed Start
iMpoRtAnt Before configuring a service for Delayed Start, be sure that you understand the possible ramifications Delayed Start does not provide any time guarantee for when a delayed service will start after the boot process finishes, and if a client application attempts
to use the service before it starts, the client application may fail This means that client applications should be designed to start up the service on demand if they need the service before the Delayed Start sequence starts it In addition, if a particular service is configured for Delayed Start and SCM detects other services that depend on this service, SCM will ignore the Delayed Start setting on the service and will start it during the boot process.
Trang 2The only other change from Windows XP is the option of enabling actions for stops with errors This option can be configured on the Recovery tab, and configuring it enables detec-tion of and recovery from nonfatal errors
Managing Services Using Task Manager
A Services tab was added to Task Manager in Windows Vista and is still available in Windows 7 (see Figure 17-12) This tab allows you to:
n View the name, Process Identifier (PID), description (which is actually the service’s friendly name), status (running or stopped), and service group for all services running
on the system
n Stop or start a service by right-clicking it and then selecting the appropriate option
n View the process within which a service is running by right-clicking the service and then selecting Go To Process
FIgURE 17-12 The Services tab in Task Manager
note To view the process associated with a service, you should first click the Show processes From all Users button on the processes tab This is a necessary step because many services run within an SvcHost.exe process to reduce the memory footprint that would result if each service ran separately after processes for all users are displayed on the processes tab, right-click a service that has a pID number on the Services tab and then select Go To process The focus will switch to the processes tab and highlight the SvcHost.exe process used to host that particular service.
Trang 3Managing Services Using Group policy
You can use Group Policy to configure the startup state (Automatic, Manual, or Disabled) and ACLs for services in the same way that you do this on previous versions of Windows A policy setting for each system service on a computer can be found under the following node:
Computer Configuration\Policies\Windows Settings\Security Settings\System Services
Managing Services Using the Sc.exe Command
You can use the Sc exe command to start, stop, configure, and manage various aspects of services in the same way that you can on earlier versions of Windows The Sc exe command provides administrators with far more flexibility in configuring services than the Services snap-in or Group Policy
The Sc exe command was previously enhanced in Windows Vista with additional command-line switches, including the following:
n New switches for specifying required privileges for a service, including:
• privs Sets the required privileges for a service
• qprivs Queries for the required privileges of a service
n New switches that support per-service SIDs, including:
• sidtype Changes a service’s SID
• qsidtype Retrieves the setting for a service’s SID
n New switches to enable configuration of the FailureActionsOnNonCrashFailures setting, including:
• failureflag Changes the setting of the FailureActionsOnNonCrashFailures flag
• qfailureflag Retrieves the setting for the FailureActionsOnNonCrashFailures flag
• showsid Displays the service SID string corresponding to an arbitrary name
• stop This is an old setting that was enhanced in Windows Vista to specify the stop
reason This setting enables postmortem reliability analysis to find an tor’s reasons (by examining the event logged by SCM with the stop reason) for stopping a service
administra-New in Windows 7 are command options for Sc exe that allow configuring and querying
a service for supported triggers For information about how to use these new command options, see the sidebar titled “Direct from the Source: Sc exe Command Support for Service Triggers” later in this chapter
For more information about the command-line switches for Sc exe, type sc /? at a
command prompt
Trang 4diReCt FRoM tHe SoURCe
Sc.exe Command Support for Service Triggers
CSS Global Technical Readiness (GTR) Team
The Sc.exe command-line tool has been updated for Windows 7 and Windows Server 2008 R2 to include the triggerinfo command option for configuring a service for supported triggers and the qtriggerinfo command option for querying the trigger information for a service
The syntax for the triggerinfo option is as follows.
sc <server> triggerinfo [service name] <parameter1> <parameter2>
possible parameters for the -triggerinfo command option are as follows:
n start/device/UUID/HwId1/… Starts the service on arrival of the specified device interface class UUID string with one or more hardware ID strings and/or compatible ID strings.
n start/custom/UUID/data0/… Starts the service on arrival of an event from the specified custom ETW provider UUID string with one or more binary data items in hexadecimal string format, such as aBCDaBCD to set 4-byte data.
n stop/custom/UUID/data0/… Stops the service on arrival of an event from the specified custom ETW provider UUID string with one or more binary data items in hexadecimal string format, such as aBCDaBCD to set 4-byte data.
n start/strcustom/UUID/data0/… Starts the service on arrival of an event from the specified custom ETW provider UUID string with one or more optional string data items.
n stop/strcustom/UUID/data0/… Stops the service on arrival of an event from the specified custom ETW provider UUID string with one or more optional string data items.
n start/networkon Starts the service on first Ip address.
n stop/networkoff Stops the service on zero Ip addresses.
n start/domainjoin Starts the service if a domain member.
n stop/domainleave Stops the service if not a domain member.
n start/portopen/parameter Starts the service on the opening of a network port The parameter is of the semicolon-delimited form portnumber;protocol name;imagepath;servicename.
n stop/portclose/parameter Stops the service on the closing of a network port The parameter is of the semicolon-delimited form portnumber;protocol name;imagepath;servicename.
Trang 5n start/machinepolicy Starts the service when machine group policy changes
or is present at boot.
n start/userpolicy Starts the service when user group policy changes or is present at boot.
n delete Deletes the existing trigger parameters.
Using the sc -qtriggerinfo command and the Windows Time (W32Time) service as
an example, you can see that this service is configured to start when the system is joined to a domain and stop when the system is not joined to a domain.
C:\Windows\system32>sc qtriggerinfo w32time
[SC] QueryServiceConfig2 SUCCESS SERVICE_NAME: w32time
START SERVICE DOMAIN JOINED STATUS: 1ce20aba-9851-4421-9430-1ddeb766e809 [DOMAIN JOINED]
STOP SERVICE DOMAIN JOINED STATUS: ddaf516e-58c2-4866-9574-c3b615d42ea1 [NOT DOMAIN JOINED]
For all services that specify trigger actions, a TriggerInfo subkey is created in the registry in the service configuration key, which is located at:
HKEY_LOCaL_MaCHINE\SYSTEM\CurrentControlSet\Services\<Service Name>
The TriggerInfo registry key for the Windows Time service is shown here.
The first trigger is assigned a subkey of 0, selected in the image above The 0 subkey for the Windows Time service indicates the Start trigger action The second trigger action is assigned a subkey of 1 For the Windows Time service, the second trigger is used for the Stop trigger action.
Trang 6The following values are contained within the TriggerInfo subkey(s):
n Value Name: action Value Type: REG_DWORD Description: Specifies the action to take when triggered:
n Value Name: Type Value Type: REG_DWORD Description: Specifies the type of trigger:
• 0x00000001 = Device arrival trigger
• 0x00000002 = Ip address trigger
• 0x00000003 = Domain join trigger
• 0x00000020 = Custom trigger Note that for Trigger Start services, the Start value should be 0x00000003 to specify the Demand-Start Startup Type also, the Startup Type for Demand-Start services is listed as Manual in the Services MMC console
Summary
Windows 7 provides an improved device installation experience for users that always searches Windows Update for the latest compatible drivers when a device is connected to the computer The new Devices And Printers folder and Device Stage make it easier than ever for users to install, configure, and use both wired and wireless devices Windows 7 also includes significant improvements in energy efficiency that increase battery life for mobile computers and can help businesses reduce their electric bills Finally, Windows 7 includes support for Trigger Start
of services to reduce the memory footprint, reduce the attack surface, and increase the boot- and run-time performance of Windows computers
Trang 7n Device Management and Installation Step-by-Step Guide: “Signing and Staging Device
Drivers in Windows Vista and Windows Server 2008” found at
Trang 8On the Companion Media
Trang 9C H A P T E R 1 8 Managing printing
n Enhancements to Printing in Windows 7 761
n How Printing Works in Windows 7 765
n Understanding the Print Management Console 772
n Managing Printers Using Print Management 782
n Client-Side Management of Printers 792
n Managing Client-Side Printer Experience Using Group Policy 800
n Deploying Printers Using Group Policy 806
n Migrating Print Servers 812
n Monitoring and Troubleshooting Printers 816
n Summary 818
n Additional Resources 818
Previous to the introduction of the Windows 7 operating system, the Windows Vista operating system included enhanced capabilities for printing to provide high-fidelity print output, better print performance, improved manageability of printers and print servers, integrated support for XML Paper Specification (XPS), and the Windows Color System (WCS), which provides a richer color-printing experience The Windows 7 operating system builds on these earlier printing improvements by adding Location-Aware Printing, printer driver isolation, configurable default spooler security settings, and an improved Point and Print experience for users This chapter describes the printing capabilities of Windows 7 and how to manage printers in enterprise environments
Enhancements to Printing in Windows 7
The printing subsystem in Windows 7 and Windows Server 2008 R2 builds on the ing improvements made previously in Windows Vista and Windows Server 2008, so we will discuss the improvements that were introduced in the earlier versions of the operat-
Trang 10print-printing Enhancements previously Introduced in Windows Vista
A number of print subsystem, print management, and printing experience improvements were first introduced in Windows Vista, and these continue to be included in Windows 7 The new features and enhancements to printing in Windows Vista were as follows:
n Integrated support for XPS Windows Vista includes support for XPS, which is a set
of conventions for using Extensible Markup Language (XML) to describe the content and appearance of paginated documents
n XPS print path In addition to supporting the Graphics Device Interface (GDI) print
path used by earlier versions of Windows, the printing architecture of Windows Vista includes a print path that uses XPS as a document format, a Windows spool file format, and a page description language (PDL) for printers
n XPS document graphics fidelity and performance The XPS document printing
capability in Windows Vista supports vector-based graphics that can be scaled to a high degree without creating jagged or pixilated text, producing high-fidelity print output for graphics-rich documents An XPS document is created by default when you print from any application running on Windows Vista, and you can print this document without rendering it again to an XPS-capable printer Therefore, you can reduce print processing time by as much as 90 percent compared with printing in previous versions
of Windows, depending on the richness of the content being printed and the ties of the printer
capabili-n Microsoft XPS Document Writer Windows Vista includes the Microsoft XPS
Docu-ment Writer, which you can use through any Windows application to print rich application output as XPS documents You can then view these documents in Windows Internet Explorer by using the Microsoft XPS Viewer or by printing them directly to an XPS-capable printer without rendering them again
graphics-n Client-Side Rendering (CSR) By default, Windows Vista renders print jobs on the
client instead of the print server This can significantly reduce print processing times when printing to XPS-capable printers CSR works on non-XPS printers as well and
is useful for reducing CPU and memory load on the server (servers can host more queues); it also reduces network traffic for some drivers
n Resource Reuse XPS documents include the capability of rendering an image once
and reusing the rendered image when it appears on multiple pages of a print job This can reduce the print processing time for documents that have graphics-rich corporate logos and reduces the amount of data sent over the network to remote printers
n Windows Color System Windows Color System (WCS) works with the Windows
Vista print subsystem to provide a richer color-printing experience that supports gamut printers (inkjet printers that use more than four ink colors) for lifelike printing of color photos and graphics-rich documents
Trang 11wide-n Print Management Print Management, a Microsoft Management Console (MMC)
snap-in that was first included in Windows Server 2003 R2, is installed by default on Windows Vista, allowing administrators to manage printers, print servers, and print jobs easily across an enterprise Print Management in Windows Vista has also been enhanced with new capabilities
n Network Printer Installation Wizard Windows Vista replaces the Add Printer Wizard,
which was used in previous versions of Windows, with the Network Printer Installation Wizard, which is easier to use and has new capabilities This new wizard makes it easier for users to connect to remote printers and to local printers that are not Plug and Play
n Non-admin printer installation Standard users (that is, users who are not local
administrators on their computers) can install printers without requiring administrative privileges or elevation at a User Account Control (UAC) prompt
n Deploying and managing printers using group Policy Using Group Policy to
de-ploy printer connections—first introduced in Windows Server 2003 R2—was enhanced
in Windows Vista by eliminating the requirement to prepare client computers first using a startup script that installs PushPrinterConnections exe client software on them New policy settings have also been added in Windows Vista to enhance the capability
of managing printers and printing using Group Policy You can also use the Group Policy Results Wizard in the Group Policy Management Console (GPMC) to display Resultant Set of Policy (RSoP) for deployed printers
n Assigning printers based on location In Windows Vista, you can assign printers
based on location by deploying printers using Group Policy and linking Group Policy objects (GPOs) to sites in Active Directory Domain Services (AD DS) When mobile users move to a different site, Group Policy updates their printer connections for the new location; when the users return to their primary site, their original default printers are restored
n Easier printer migration You can use a new Printer Migration Wizard (including
a command-line version called PrintBRM) to back up printer configurations on print servers, move printers between print servers, and consolidate multiple print servers onto a single server
additional printing Enhancements in Windows 7
In addition to the previously listed printing improvements first introduced in Windows Vista, printing in Windows 7 and Windows Server 2008 R2 has now been enhanced in the following ways:
n XPS printing system The XPS printing system has been enhanced in Windows 7 and
Windows Server 2008 R2 by the inclusion of a new rendering service for XPS printer drivers, new application programming interfaces (APIs), XPS Viewer enhancements, and miscellaneous performance enhancements For information concerning one of these enhancements, see the sidebar titled “Direct from the Source: New Rasterization Service
Trang 12n Devices And Printers Windows 7 and Windows Server 2008 R2 include a new item
on the Start menu and Control Panel called Devices And Printers, which provides a single, central location where users can interact with all of the devices connected to their computer Devices And Printers can display different types of devices, includ-ing universal serial bus (USB), WiFi, and Bluetooth devices Devices And Printers also integrates with Device Stage, a new feature of Windows 7 that makes it easier for users
to connect, recognize, and use their devices For more information about Devices And Printers, see the section titled “Using Devices and Printers” later in this chapter For more information about Device Stage, see Chapter 17, “Managing Devices and Services ”
n Installing printer drivers using Windows Update The Add Printer Driver Wizard
has been enhanced in Windows 7 and Windows Server 2008 R2 to enable ing of additional printer drivers directly from the Windows Update Web site This change also means that fewer in-box printer drivers need to be included in Windows
download-It also makes the Point and Print experience for users easier because if a compatible in-box driver is not found when installing a printer, Windows Update is silently queried for a compatible driver to complete the installation For more information about this feature, see the sections titled “Managing Printer Drivers” and “Extending Point and Print Using Windows Update” later in this chapter
n Cross-platform Point and Print Improvements to the Point and Print experience
now make it easy for users having Windows 7 computers running different sor architectures (x86 or x64) to share their printers For more information about this feature, see the section titled “Extending Point and Print Using Windows Update” later
proces-in this chapter
n location-Aware Printing This feature allows mobile users running Windows 7 on
their laptop computers to set a different default printer for each configured work location For more information about this feature, see the section titled “Using Location-Aware Printing” later in this chapter
net-n Printer driver isolation This enhancement to the printing subsystem in Windows
Server 2008 R2 can increase the stability of print servers by allowing administrators to isolate unstable printer drivers in a separate process instead of within the spooler pro-cess When this is done and an unstable printer driver crashes, the crash doesn’t halt the spooler, which will stop all other printers from functioning on the server For more information about this feature, see the sections titled “Understanding Printer Driver Isolation” and “Configuring Printer Driver Isolation Mode” later in this chapter
n Custom default security settings for print servers Administrators can now define
custom default security settings on Windows Server 2008 R2 print servers that apply
to all printers installed on the print server For more information about this feature, see the section titled “Configuring Default Security for Print Servers” later in this chapter
n Print Management enhancements The Print Management MMC snap-in has been
enhanced in Windows 7 and Windows Server 2008 with new functionality that allows administrators to configure default security settings for print servers and printer driver
Trang 13isolation settings The filtering capabilities of custom filters have also been enhanced with additional filter criteria to make filtering more powerful For more information concerning these enhancements, see the section titled “Enhancements to the Print Management Console in Windows 7” later in this chapter
n PrintBRM The PrintBRM command-line tool has been enhanced in Windows 7 and
Windows Server 2008 R2 to provide more flexibility and improved instrumentation for the administrator For more information concerning these improvements, see the sidebar titled “Direct from the Source: Enhancements to PrintBRM in Windows 7 and Windows Server 2008 R2” later in this chapter
How Printing Works in Windows 7
Understanding how printing works in Windows 7 is important for administrators who need to know how to configure, manage, and troubleshoot printers and printing on this platform The key topics to understand are:
XPS support, which is native to Windows Vista and later versions, allows users to open XPS documents in Internet Explorer 7 0 or higher and to generate XPS documents from any Windows application using the Microsoft XPS Document Writer When you install additional features, some earlier versions of Windows can also use some of the capabilities of XPS:
n By installing the NET Framework 3 0 redistributable on Windows XP Service Pack 2 (SP2) or Windows Server 2003, users of these platforms can open XPS documents using Internet Explorer 6 0 or later versions
n By installing Microsoft Core XML Services 6 0 on Windows XP SP2 or later versions, users can generate XPS documents from any Windows application using the Microsoft XPS Document Writer
n By installing the Microsoft XPS Essentials Pack and Microsoft Core XML Services 6 0 on Microsoft Windows 2000, Windows XP, or Windows Server 2003, users can open XPS documents in a stand-alone XPS Viewer application
Trang 14note You can download these additional features from the Microsoft Download Center
at http://www.microsoft.com/downloads.
You can find detailed information on XPS in the version 1 0 document for this specification
at http://www.microsoft.com/whdc/xps/downloads.mspx on Microsoft Windows Hardware
Developer Central (WHDC) You can find additional news concerning this specification on the
XPS Team Blog at http://blogs.msdn.com/xps/
Understanding the Windows printing Subsystem
The print subsystem on versions of Windows earlier than Windows Vista used the GDI print path The GDI print path processes print jobs as follows:
n Client processes When a user on a client computer sends a print job from an
ap-plication, the application calls the GDI, which then calls the printer driver for tion about how to render the print job in a format that the printer can understand The printer driver resides on the user’s computer and is specific to the type of printer being used After the GDI renders the print job, it sends the job to the spooler By default
informa-on Windows 2000 and later versiinforma-ons, the GDI renders print jobs using the Enhanced Metafile (EMF) format, a standard print job format that is highly portable but needs
to be further rendered by the spooler before being sent to the printer When an EMF print job is sent to the spooler, control returns to the user and the spooler then com-pletes rendering the job for printing (Because the EMF job is quickly handed off to the spooler, the time during which the user’s computer is busy is minimized )
n Spooler processes The print spooler is a collection of features that resides on both
the client computer that sends the print job and a network print server that receives the job for printing The spooler takes the job as rendered by the GDI and, if necessary, renders it further to ensure that it prints correctly The spooler then hands the job off
to the printer
n Printer processes The printer receives the print job from the spooler, translates it
into a bitmap, and prints the document Beginning with Windows Vista, the printing subsystem still includes a GDI print path (for Type 3 – User Mode) to support printing to existing printers Kernel-mode GDI (Type 2 – Kernel Mode) drivers, however, are no longer supported
note Type 3 (User Mode) means that the driver is compatible with Windows 2000, Windows Xp, Windows Server 2003, Windows Server 2003 R2, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2.
Trang 15Beginning with Windows Vista, the printing subsystem also includes a second print path that is based on XPS This additional print path, called the XPS print path, is built on the XPS printer driver model (XPSDrv) and provides the following benefits over the GDI model:
n Maintains the XPS document format from the point when an application sends a print job to the final processing by the print driver or device By comparison, the GDI print path first renders the job into EMF, and then the print driver or device renders the job
a second time into the language the printer can understand
n The XPS print path can be more efficient and can provide support for advanced color profiles, which include 32 bits per channel (bpc), CMYK, named colors, n-inks, and na-tive support of transparency and gradients when XPS-capable printers are being used
n Provides “what you see is what you get” (WYSIWYG) printing Applications can print documents in Windows Vista and later versions by using either the GDI or XPS print path For example, if a Win32 application sends the print job to a print queue that uses a GDI-based print driver, the print job is processed using the same GDI print path used in previous versions of Windows However, if a WPF application sends the job to a print queue that uses a new XPSDrv print driver, the job is spooled using the XPS Spool File format and is processed using the XPS print path The print path taken by the print job is therefore determined by the type of printer driver (GDI-based or XPSDrv) installed on the target print queue
Figure 18-1 illustrates the two print paths (GDI and XPS) available in Windows Vista and later versions Although not shown in the diagram, both of these paths use the same Print Spooler service (%SystemRoot%\System32\spoolsv exe)
Depending on the presentation system of the application from which the document is being printed, the print job might need to be converted before being spooled in the target print path For example, when you print from a Win32 application to an XPS-capable printer, GDI spooling functions must perform GDI-to-XPS conversion, which simulates a WPF applica-tion and spools the job in XPS Spool File format Similarly, when you print from a WPF appli-cation to a legacy GDI-based printer, the WPF Print Support functions must perform XPS-to-GDI conversion, which simulates GDI calls by a Win32 application and spools the job in EMF format These two conversion technologies are built into Windows Vista and later versions for maximum application compatibility when printing from different kinds of applications to either legacy or XPS-capable printers
Trang 16Win32 Applicationusing GDI graphics
Spooling Functions
PrintSpooler
EMFSpoolFile
Print Subsystem
EMF PrintProcessor
PrinterGraphicsDLL
Version 3Print DriverGDI
Rendering EnginePDL to printer
GDI Print Path
Windows PresentationFoundation Application
Windows PresentationFoundation Print Support
PrintSpooler
XPSSpoolFile
FilterPipelineManager Print Filter
Pipeline Service
FilterConfigurationFile
FIgURE 18-1 GDI and XPS print paths in Windows Vista and later versionsFor more information on the XPS print path and XPSDrv print drivers, see the white paper
titled “The XPSDrv Filter Pipeline” on WHDC at http://www.microsoft.com/whdc/device/print /XPSDrv_FilterPipe.mspx
diReCt FRoM tHe SoURCe
New Rasterization Service for Print Drivers
CSS Global Technical Readiness (GTR) Team
The XpS print path, introduced in Windows Vista and Windows Server 2008, did not provide any rendering services and therefore placed a higher burden on vendors developing drivers with support for the XpS print path Rendering services provide the ability within the printing subsystem to convert a print job into a format that can be sent to the printer In the GDI print path, the operating system provides
Trang 17rendering services that support conversion to raster, printer control language (pCL), postScript, and Hp-GL for output.
a rasterization service enables printer drivers to render a print job and send it to the printer in pDL format In Windows 7 and Windows Server 2008 R2, the XpS Rasterization service (XpSRas) provides print driver developers with the capability to rasterize XpS content in the Windows print path This service enables printer driver developers to provide better support for printers and other document peripherals
on the Windows platform and provides an XpS service that is better than the ization capability provided in previous versions of Windows.
raster-Understanding printer Driver Isolation
Printer driver isolation is a new feature of the printing subsystem in both Windows 7 and Windows Server 2008 R2 that can increase the stability of print servers by allowing admin-istrators to isolate unstable printer drivers within a separate PrintIsolationHost exe process instead of within the spooler process The advantage of doing this is that when an unstable printer driver crashes, the crash doesn’t halt the spooler, which would stop all other printers from functioning on the print server
When the Print Server role service of the Print and Document Services server role is stalled on Windows Server 2008 R2, each printer driver on the print server can run in one of three possible driver Isolation modes:
in-n None In this mode, the printer driver will run in the spooler process and not in a
separate process If a driver crashes, the spooler will crash, and administrators must restart the Print Spooler service All print queues on the server will be offline while the spooler is offline This mode is the only option on Windows 2000, Windows 2003, and Windows 2008 print servers
n Shared The printer driver will run in a separate process with all of the other
drivers that are also configured in Shared mode If the driver crashes, the spooler will not crash, but all print queues with drivers in the shared process will be offline (print queues with drivers in isolated processes or within the spooler process will remain online) The shared process will be recycled, the drivers in it will be restarted, and the queues associated with these drivers will return to the online state
n Isolated In this mode, the printer driver will run by itself in a separate process
iso-lated from all other drivers If the driver crashes, only the print queue associated with this driver will be offline The isolated process will be recycled, the print queue will be restarted, and the queue associated with the driver will return to the online state No other print queues or drivers on the server will be affected by this crash/restart
Trang 18Therefore, a Windows Server 2008 R2 print server can have the following:
n Legacy mode (always present)
n Shared process (always present)
n One or more isolated processes (optional)
note The default driver Isolation mode for in-box printer drivers in Windows 7 and Windows Server 2008 R2 is Shared, whereas the default driver Isolation mode for virtual printer drivers (such as the Microsoft XpS Document Writer), fax, and print-to-file drivers (such as print To OneNote) is None Group policy and inf settings can override these System Default driver isolation settings For more information, see the section titled
“Configuring printer Driver Isolation Mode” later in this chapter.
Printer vendors can indicate whether a particular printer driver that they provide has been tested and verified to support running in a shared or isolated process They can do this by adding a DriverIsolation entry in the Version section of the inf file for the driver For example, the following inf file entry indicates that the driver does not support running in a separate (shared or isolated) process
[Version]
… DriverIsolation=0The following inf entry indicates that the driver can be run in a separate process [Version]
… DriverIsolation=2
note The values 1 and 3 for DriverIsolation are reserved for future use any value other than DriverIsolation=2 assumes DriverIsolation=0.
Regardless of whether this inf file entry is present or what its value is, administrators can override this setting and configure driver Isolation mode for any print driver by using the Print Management console Administrators can also configure global driver isolation settings
by using Group Policy For information on how to configure driver isolation using Print agement and Group Policy, see the section titled “Configuring Printer Driver Isolation Mode” later in this chapter
Trang 19Man-note print servers might experience a small degradation of performance when driver isolation is implemented due to the increased number of processes running on the system and the additional interprocess communication overhead incurred when the driver calls spooler functions, and vice versa additional temporary performance degradation might also be incurred when a new process is created or needs to be recycled This performance degradation is much more evident when there are many drivers running in Isolated mode than when using Shared mode.
diReCt FRoM tHe SoURCe
Printer Driver Isolation
CSS Global Technical Readiness (GTR) Team
The printer Driver isolation feature of Windows 7 and Windows Server 2008 R2 allows some print driver functionality to be executed in a process, or processes, separate from the print spooler By invoking print drivers in a separate process, problems associated with faulty print drivers are isolated from the print Spooler ser- vice and will not cause it to fail In addition, the ability to isolate print drivers from each other further increases the reliability of the printing system.
prior to Windows 7 and Windows Server 2008 R2, the failure of third-party drivers was a leading print server support issue at Microsoft The crash of a driver loaded into the print spooler process would crash the process, leading to an outage of the entire printing system The impact of a spooler crash on a print server is particularly significant because of the number of users and printers that are typically affected.
In addition to the benefit of improving overall printing system stability, this new feature provides a means to:
n Isolate new drivers for testing and debugging without affecting the spooler.
n Identify which drivers have been causing spooler crashes.
The printer Driver isolation feature is not intended to isolate print driver ality from applications other than the print spooler If an application loads a print driver into its own process space and the driver crashes, then the application might crash as well For example, if an application directly calls into a printer’s configura- tion module to set or get print capabilities, a failure in the configuration module will crash the application itself In this scenario, the application is directly loading the printer driver into its process space If the print driver’s rendering module is loaded
function-in the process space of the application, a failure function-in the driver will agafunction-in cause a crash
of the application itself.
Trang 20Understanding the Print Management Console
Print Management is a snap-in for the MMC that administrators can use to manage multiple printers and print servers on a network Using the Print Management console, an administrator can manage hundreds of print servers and thousands of print queues on Microsoft Windows
2000 Server, Windows Server 2003, and Windows Server 2008
note The print Management console is designed as a general systems-management tool for administering print servers and print queues For Help desk scenarios or printer-specific troubleshooting, however, enterprises might need to use vendor-supplied tools from printer manufacturers.
Enhancements to the print Management Console in Windows 7
The Print Management console was introduced in Windows Server 2003 R2 and was hanced in a number of ways in Windows Vista:
en-n Network Printer Installation Wizard The Add Printer Wizard used in earlier versions
of Windows has been replaced by the Network Printer Installation Wizard, which can automatically search the network for TCP/IP printers and Web Services for Devices (WSD) printers and add them to the print server You can also use the wizard to manually add TCP/IP and WSD printers, add printers to an existing port, or add a new port and a new printer
n All Drivers filter The new All Drivers filter displays details concerning all installed
printer drivers for all print servers managed by Print Management The All Drivers filter shows the version of printer drivers on multiple servers, which allows administrators to quickly and easily see which print servers must receive updated drivers (when they are updating printer drivers in their organization) The All Drivers filter also allows adminis-trators to easily remove printer driver packages from the driver store when they are no longer needed
n Export/import print queues and printer drivers You can now use Print
Manage-ment to export the configuration of all print queues and printer drivers on a print server to a Printer Migration (* printerExport) file, which you can then import on either the same print server or a different one This is useful for administrators who want to back up printer configurations or migrate printers to a different print server
n Comma-separated list in Add/Remove Servers Administrators can now quickly
add multiple print servers to Print Management by specifying a comma-separated list
of print servers in the Add/Remove Servers dialog box Administrators can also copy and paste a list of servers (one per line) to the text box in the dialog box In addition, the print servers being specified in this dialog box no longer need to be online when added to Print Management
Trang 21n More filter conditions When creating a new custom filter, administrators now have
the option of specifying up to six filter conditions instead of only three as supported previously
n less detailed logging by default By default, only Error and Warning Events are now
logged in the event logs for the Print Spooler service If desired, however, tors can still enable logging of Informational Events for detailed logging purposes, such as auditing print queue activity
administra-n Migrate Printers option By right-clicking the root node in Print Management,
administrators now have the option of using the Printer Migration Wizard to export
or import print queues and printer drivers to move printers to a different print server, such as for consolidation purposes
In addition to the enhancements to the Print Management console found in Windows Vista and Windows Server 2008 that were described earlier in this chapter, several new enhancements can be found in the Print Management console in Windows 7 and Windows Server 2008 R2 These new enhancements include the following:
n Security tab added for print servers When you open the properties of a print
server found under the Print Servers node in Print Management, a Security tab is now displayed Using this tab, you can configure default print permissions for all new printers installed on the server For information on how to do this, see the section titled “Con-figuring Default Security for Print Servers” later in this chapter
n New custom printer filter criteria The New Printer Filter Wizard has been enhanced
with additional criteria for creating custom printer filters For more information on this enhancement, see the section titled “Creating and Using Printer Filters” later in this chapter
n Custom driver filters A New Driver Filter Wizard is included that can be used to
filter printer drivers according to a wide range of criteria For more information on this enhancement, see the section titled “Creating and Using Driver Filters” later in this chapter
n Configure Driver Isolation mode You can now configure the Driver Isolation mode
as None, Shared, or Isolated using the context menu that appears when you right-click
a printer driver found under the Drivers node in Print Management For information on how to do this, see the section titled “Configuring Printer Driver Isolation Mode” later
in this chapter
n Installing printer drivers using Windows Update The Add Printer Driver Wizard
has been enhanced to enable downloading of additional printer drivers directly from the Windows Update Web site This change also means that fewer in-box printer drivers need to be included in Windows The Network Printer Installation Wizard has also been enhanced to provide this functionality For more information about this feature, see the section titled “Managing Printer Drivers” later in this chapter
Trang 22To use the Print Management console directly on a remote computer (for example, on a remote print server), connect to the computer using Remote Desktop The remote computer must be running Windows Server 2003 R2 or later, and the Print Management console must
be installed on the computer You might need to use this approach if the computer on which you are running Print Management does not have all of the printer drivers needed to manage the printers because Print Management pulls its printer drivers from the computer on which Print Management is running
To take advantage of the new Print Management console features in Windows 7 and Windows Server 2008 R2, your computer should be running one of these versions of Windows
On Windows Server 2008 R2, the Print Management console is available from Administrative Tools when you install the Print and Document Services server role On Windows 7, the Print Management console is available from Administrative Tools, which is found under System And Security in Control Panel
The print Management Console
As shown in Figure 18-2, Print Management displays a root node and three main subnodes You expose the functionality of these different nodes in the Action pane (or by right-clicking
a node) They can be summarized as follows:
n Print Management (root) node Adds or removes print servers to/from the console
and launches the Printer Migration Wizard to export or import printer configurations
n Custom Filters node Displays all custom filters, including four default filters:
• All Printers Displays all printers on all print servers and allows administrators to
open the printer queue for a selected printer, pause or resume printing, print a test page from a printer, configure printer properties, and deploy a printer connection using Group Policy
• All Drivers Displays all printer drivers for all printers and allows administrators to
view driver properties and remove driver packages from the driver store
• Printers Not Ready Displays all print queues that are in a Not Ready state for any
reason
• Printers With Jobs Displays all print queues that currently have jobs pending in
them When you create a new custom filter using the New Printer Filter Wizard, you can con-figure an e-mail notification for troubleshooting purposes to alert administrators when
a printer matches the filter conditions You can also configure a script action so that a specified script can be run when a printer matches the condition—for example, a script
to restart the Print Spooler service on a print server
In addition, the Show Extended View option (available by right-clicking a custom filter) displays jobs pending on the print queue and—if supported by the print device—the Web page from which the printer can be managed
Trang 23n Print Servers node Displays all print servers being managed by Print Management,
together with a manageable view of their drivers, forms, ports, and print queues You can also use this node to export/import print queues and printer drivers, configure e-mail notifications or script actions during times when the spooler or server is down, and launch the Network Printer Installation Wizard to add new printers manually or automatically search for TCP/IP and WSD printers and add them to the list of printers being managed by Print Management
n Deployed Printers node Displays printer connections that have been deployed
using Group Policy For more information, see the section titled “Deploying Printers Using Group Policy” later in this chapter
FIgURE 18-2 Overview of Print Management
note print Management also lets you view print queues on both a UNIX or Linux server running Samba and on apple Macintosh computers You can view these queues and also monitor these print servers by receiving notifications when they go down, but you cannot use print Management to add or remove printers to such servers To view print queues on
UNIX or Linux servers, you must authenticate to \\server_name\ipc$ before you can add
the server to the list of print servers you want to monitor.
adding and Removing print Servers
To add or remove print servers so that Print Management can manage them, follow these steps:
1. Click Start, point to All Programs, select Administrative Tools, and then select Print Management
2. Respond to the UAC prompt either by clicking Continue or by supplying administrator credentials as required
Trang 243. Right-click either the root node or the Print Servers node, select Add/Remove Servers
to open the Add/Remove Servers dialog box, and then do one of the following:
n Click Add The Local Server to add the local computer to the list of managed print servers
n Click Browse to open Network Explorer and browse to select print servers on the network
n Type a comma-separated list of print servers and click Add To List
To remove a print server from the list of managed print servers, open the Add/Remove Services dialog box, select the print server, and then click Remove You can also remove all print servers by clicking Remove All
Configuring Default Security for print Servers
In Windows Server 2008 and earlier versions, the following permissions are assigned by fault when a new printer is added to the Print Management console:
de-n Administrator has Print, Manage Printers, and Manage Documents permissions
n Creator Owner has Manage Documents permission
n Everyone has Print permission
If an administrator wants to modify these permissions for all printers on a print server ning on one of these platforms, he needs to open the properties for each printer individually and make the necessary changes on the Security tab of each printer’s properties sheet This can be inconvenient if the administrator needs to modify printer permissions to comply with corporate security policy
Trang 25run-New in Windows Server 2008 R2 is the capability of modifying the default security settings for all printers installed on a print server This can be configured by using the new Security tab on the properties sheet for a print server (as shown in Figure 18-3) Any changes made to these default security settings will then be inherited automatically by any new printers added
to the print server Changes to these default security settings do not modify the permissions for any existing printers on the print server
FIgURE 18-3 Configuring default security settings for new printers created on a print serverYou can modify a print server’s default security settings by using Print Management run-ning on Windows 7 or Windows Server 2008 R2 You can also take or assign ownership of
a print server by clicking Advanced and selecting the Owner tab of the Advanced Security Settings dialog box
note a user must have View Server permission to view printer settings on a print server
a user must have Manage Server permission to add or delete printers, drivers, ports, and forms on printers or to modify settings on a print server.