Bulk Migration of Printer from Windows Server 2008/R2 to Windows Server 2012/R2

Bulk Migration of Printer from Windows Server 2008/R2 to Windows Server 2012/R2

The following steps are from those who would like to migrate print server from legacy Server 2008/R2 to Windows Server 2012/R2. This steps will bring new drivers and avoid bringing old corrupt drivers and configuration into new systems. If you utilize print migration wizard then you may bring legacy corrupt driver into new systems. This steps also helpful if you are using Citrix Universal Print Driver.

Step1: Download correct and latest Generic/Universal/Global print driver. HP called Universal. Other manufacturer may call global or generic driver. Help yourself from Bing.

Step2: Install Generic Driver.

Open Server manager>Print Management>print Servers>Server name>Drivers.

Right Click and add x64 & x86 drivers.

Step3: Extract Legacy print Configuration.

Open PowerShell as an administrator. Run the following command.

$printserver = “printservername.domain.com”

Get-WMIObject -class Win32_Printer -computer $printserver | Select Name,DriverName,PortName,sharename,location,comment | Export-CSV -path ‘C:\printers.csv’

Step4: Create a CSV file shown below from the CSV File extracted in step3.

Create a CSV fileand store the file into c:\printers.csv in new Windows Server 2012 R2.

First row of CSV shown below. Add relevant rows to your CSV file.

PrintServer|Driver|PortName|IPAddress|Sharename|Location|Comment|Printername

Step5: Create a Powershell script as below (Extracted the script from http://poshcode.org/1462)

Open a notepad. Copy from below and paste into the notepad. Rename to CreatePrinter.PS1

function CreatePrinter {

$server = $args[0]

$print = ([WMICLASS]”\\$server\ROOT\cimv2:Win32_Printer”).createInstance()

$print.drivername = $args[1]

$print.PortName = $args[2]

$print.Shared = $true

$print.Sharename = $args[3]

$print.Location = $args[4]

$print.Comment = $args[5]

$print.DeviceID = $args[6]

$print.Put()

}

function CreatePrinterPort {

$server = $args[0]

$port = ([WMICLASS]”\\$server\ROOT\cimv2:Win32_TCPIPPrinterPort”).createInstance()

$port.Name= $args[1]

$port.SNMPEnabled=$false

$port.Protocol=1

$port.HostAddress= $args[2]

$port.Put()

}

$printers = Import-Csv c:\printers.csv

foreach ($printer in $printers) {

CreatePrinterPort $printer.Printserver $printer.Portname $printer.IPAddress

CreatePrinter $printer.Printserver $printer.Driver $printer.Portname $printer.Sharename $printer.Location $printer.Comment $printer.Printername

}

Step6: run the scrip

Log on to new Server 2012/R2 print server. Open PowerShell as an administrator. Run the above script. You have to tweak little bit such as additional drivers. Amendment of print properties. But this is little effort than creating entire print server manually.

Further reading:

install unsigned drivers

FF TMG 2010—Can future be altered?

I read the following articles about Microsoft Forefront TMG 2010. I was shocked by the news. TMG 2010 is one of the beautiful product Wintel Engineers and Security Administer can be proud off. I believe I am one of the biggest admirer of Forefront Product lines.

                                                                    Death of TMG? by Deb Shinder 

What will happen with TMG?

The demise of Threat Management Gateway: Is Microsoft backing away from the edge?

I would like to voice my own opinion on this matter. I am sure I will find lots of similar minded techie out there who would love to share same opinion as me. I would like to send an open request to Microsoft Corp and MVPs to pursue for an advanced version of TMG that incorporate cloud security and address modern day security challenges.

I decided to write on a different perspective of TMG 2010 what I would like to see next service pack of Forefront Threat Management Gateway or in a future version if there is one. This is not an official account of Microsoft Corp. This is just my wish list. I hope and cross my finger that Microsoft will listen to those who are on the field working for a better and even bigger Microsoft community.   

FF TMG 2010: Here is details of evolution of today’s TMG 

image

TMG 2010 can be more advanced in terms Firewall Policy, Publishing Rules and Cloud Security. TMG 2010 may be available in Downloadable virtual Appliance build on Windows Server “Code name 8” and physical appliance through the Microsoft partners program. Microsoft declared TMG 2010 is in sustainable mode and will not invest on TMG for further development so my dream to administer TMG administration console via internet explorer and Silverlight will be just a dream. I would like to see TMG service pack as separate installed and TMG 2010+SP3 integrated together in a installer for those who wants to refresh TMG and adopt as a new customer.

Topology and Installation Changes: I would like to see a Hyper-V network incorporated into TMG. As you all know when installing TMG, TMG installer prompt you for subnets of Local area network. The new version will prompt you to add your cloud networks in an installation window. The installer will secure the local area network and private cloud network using default configuration which you will be able to modify and align later on with your desired topology and network layout.  

image

Incorporating Cloud Security:

clients and partners have serious concern over the years about Service provides who sells cloud solutions. For example, service provider selling Exchange cloud, SharePoint cloud, Anti-Spam  and Security Cloud Solution. There are questions to be asked when you buying public cloud solutions. This is not just having a hypervisor and virtual center. what about application security, identity and governance. How would to address your client’s concern of internal threat and external threat. How client will trust a provider when they place their data in somewhere service provider’s cloud.

Microsoft can/should/must address these issues by providing Security as a service. Forefront TMG can play a key role if Microsoft is willing take a step ahead to the bottom line.

  • Application security
  • Privacy
  • Legal issues
  • Availability
  • Identity management
  • Compliance
  • Business Continuity and data recovery
  • Data Security

Firewall Rules: New Publishing Tools in Tasks pan should include

  • Publish FTP Servers
  • Publish Lync Server
  • Publish Streaming Media Server
  • Secure Cloud Network

image

Configure IM and Social media policy: Web Access Policy Tasks Pan should include

  • Configure IM Access (Allow/Deny Skype/Lync/MSN/Yahoo Messenger)
  • Configure Social Media Access (Allow/Deny Social Media such as Twitter/FaceBook/Google+/Youtube)

image

Networks: Network rules incorporate a build-in cloud network and network rules establishing communication from LAN to Cloud network and External to Cloud network. During installation of TMG; allow rules to be configured automatically when selecting Hyper-V Server in DMZ.

image

Multicast NLB Configuration: NLB Properties should be added another check box to create firewall rule for Multicast NLB in a virtualized environment. That means Multicast NLB mac address can communicate within array members in a virtualized environment if there is strict security policy deployed through out the infrastructure.

image

List of New Protocol available: New Protocols includes following protocols and many more:

  • Cloud Protocols
  • Lync Protocol
  • Hyper-v Protocols

image

Generate offline Certificate request: There should be an option to generate offline certificate request in Systems>Tasks pan.

image

Integrating Bing Search with TMG 2014 Cache: Search result cached in TMG from Bing Search Engine and presented to client.

Bandwidth Management: TMG should be able to manage bandwidth by single user, multiple users, AD Security groups, IP address, Computer Name, Department, Site, Branch.

Configure Branch or Site TMG Server: Option can be selected during installation of TMG 2010+SP3 (integrated installer) whether TMG is a primary site or branch site. Selecting Branch Site will auto configure site server with site to site VPN (if selected) and even replicate with primary sites firewall rules and policies (depending on topology). when installing a branch TMG branch TMG will automatically create branch cache depending on selection of topology .

Reporting: Following are the examples of the reports will be available in TMG 2010 SP3. there will be many more.

image

  • User based report
  • AD Security Group Based report
  • Web Site Visited
  • IP Address visited
  • Web/Content Uses report
  • Download reports by users/Group/Department
  • Bandwidth Uses report
  • Caching report
  • Search Engine Visitor by Search Engine report
  • Real Time/Custom Traffic report
  • Traffic Trending report
  • Top 20 Net users
  • Top 20 Site Visited
  • Default Monthly report
  • Default Yearly report
  • TMG Health report

Audit and Change Management: TMG will include complete change manage and recording of Tasks/Events generated by role based user and systems itself.

Role based TMG management: TMG Workgroup Deployment and Domain Member deployment should include RBAC management.

  • Administrator
  • Organization Administrator (member of this group manages cluster of Arrays )
  • Backup operator (Commvault/Symantec Client/SCDPM client integrated)
  • Auditor/User (view permission)
  • Firewall Rules and Web Access Policy Operator
  • Single or Multiple array administrator

Tool Box: Pre-installed BPA, Troubleshooting, Monitoring & Capturing  Real Time Traffic.

Learn more about TMG here .

Backup, restore or migrate Print server in easy steps

Have you added a print server to your DRP work sheet? It is absolutely necessary when you have hundreds of printers in your print server/servers. Here is a solution for backup/restore/migrate print server.

Print migration 3.1 has been replaced with printbrm.exe i.e. print management in Vista. It easy to migrate print server whether it is x64 or x86 bit print server. It is very handy tool for system admin to backup print server after adding new printers in print servers or modifying network config in printers. Vista print management will save lots of time if disaster knocks on the door. If you don’t have Windows Server 2003 R2 (inbuilt print management) and you are in catastrophe then you can restore printers in few steps and all in GUI mode if you backed up printer drivers and config.

Backup printer drivers and config

From windows vista machine, open the Administrative Tools , and then click Print Management

image

Right click on print management, Click Export printer queues and printer drivers to a file, and then click Next

  image

Type name of the print server on the network then click next

image

You will be presented with all the available printers in print server, click next

image

Type the location where backup will be saved, click next

image

Wait until export/backup complete, click finish. Now a complete backup has been performed and saved in preferred location. Make sure you got a backup file name.printerexport

image

Restore /Import printer drivers and config

to restore print server to different server, open print management from administrative tools in vista machine, right click print management, select import, click next

image

type source of backup file i.e. name.printerexport file, click next

image

You will see a list of printer, you backed up, click next

image

Write destination print server name (netbios name) on the network, click next

image

Command line help for Printbrm.exe

Open command prompt, go to c:\windows\system32\spool\tools

To backup type

Printbrm.exe –B –S \\SourceServerName –F \\UNCPath\name.printerexport

To restore

Printbrm.exe -R -S \\DestinationServerName –F \\UNCPatch\name.printerExport

Printbrm.exe /?

image

Note: Vista print migration tool compitable with windows 2003 print server and windows 2008 print server.