Printing from AzureAD workstation to printserver is slow

Question

We experience a lot of problems with (slow) printing in a network from one of our cliënts (Verbeek) and it's getting frustrating finding the cause.

 

The problem started after we (Tel-It) migrated the environment from on premises AD to Office 365/AzureAD. Everything worked fine before migrating. In the old situation we had a (Hyper-V) virtual Microsoft 2016 server as printer server, serving a local domain. This worked fast with no delay.

 

In the new environment we have a VMWare ESXi server, version 7.0 update 2. On this VMware server thare are two virtual hosts:

1. Microsoft server 2022 (which is not an AzureAD member);
2. A windows 10 client configured as with Azure AD client computers.

 

We experience the following:

The first print always takes a long time to reach the printer. It sometimes takes up to 30 seconds before the printer to start printing (before migration it was 4 seconds on that same printer). Between the prints there is a lot of delay, sometimes even between pages. So printing is frustrating, knowing that the old situation was much faster.

Also is connecting to a shared printer with a third party driver a real challenge.

 

Things we tested:

• Ajust the registry concerning the PrintNightmare update: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint RestrictDriverInstallationToAdministrators = 0 (improved the connectivity);
• Tested performance on the VMWare server. The Server 2022 has 16 cores and 16Gb of memory (21% used). The Windows 10 printserver has 8 Vcores and 8Gb of memory (71% used). The networkcard is not busy;
• Tested network performance, no issues found;
• Export the printers with printmanager from the old Windows 2016 server and import the printers with printmanager on Windows 2022 server (no result);
• Export the printers with printmanager from the Windows 2022 server and import the printers with printmanager on (AzureAD connected) Windows 10 client (no result);
• Reinstalling and sharing the printers on Windows server 2022 with the latest drivers ;
• Export the fresh installed printers with printmanager from the Windows 2022 server and import the printers with printmanager on Windows 10 cliënt (no result);
• Changes advances printer settings to "Start printing when last page is receiver in queue". Prints are rendered on the client.
• Changed TCP/IP printerport settings (SNMP switched off and set to RAW mode);
• Configured Universal Printing with 1 printer (the delay was 7 seconds, too slow);

 

My questions:

What is causing the delay?

Is this a known problem?

Are there other things we could test to find the problem?

Answer 1

@Niels | Tel-it

The print spooler by default uses the high TCP/IP port range when making a connection to a shared printer. When the high range is blocked this usually adds 45 seconds to the first job submission as the client and server negotiate to a connection method supported by Server 2003.

You will need that registry setting so standard users can download the software from the print server. That software == a print driver.

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint RestrictDriverInstallationToAdministrators

If you are blocking the high ports, can you open them up?

Microsoft published a recent article for setting the spooler on a static port number. I'd need to trace through some notes if you need that.

Thanks