Printer mapping script to add printers based on AD groups

Techie365 26 Reputation points

hello! I am looking for help with a powershell or vbs script that's simple and can add printers filtered by group.

what we've done is created an AD group for each printer and corresponding default printer. for example: AD group called DefaultPrinter - HRPrinter, and Printer - HRPrinter

then we simply add remove those groups to the user in AD to get them the right set of printers and default.

we have a lot of printers and complex settings, doing it through GPO will likely bog down and login times and so on. Hoping to overcome that hurdle by using a script of some kind instead we can add to user accounts as a login script

Also does anyone have an opinion on powershell vs vbs in terms of speed? there are like 50+ printers

what we are looking for is a simple script that can be tied to those AD groups and perform various actions:
for example, members of AD group Printer - HRPrinter get \printserver\hrprinter and members of DefaultPrinter - HRPrinter get the \printserver\hrprinter as their default

we would repeat for say marketing, legal, sales and so on. if sales wanted the HR printer, we would simply add the user to the Printer -HRPrinter group and this script would take care of the rest.

Anyone have ideas on a simple script to do this?

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
4,334 questions
Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
4,896 questions
{count} votes

3 answers

Sort by: Most helpful
  1. Ian Xue (Shanghai Wicresoft Co., Ltd.) 19,141 Reputation points Microsoft Vendor


    The links below could be helpful

    Best Regards,
    Ian Xue


    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

  2. Techie365 26 Reputation points

    that didn't help, we need a script that doesn't slow down login and can essentially look at AD groups to either assign printer, assign and set as default or remove a printer if not a member of the specific printer gropu

    so for example of the 100+ printers there are two groups for each in AD as an example

    HP400 printer
    HP400 Default Printer

    if you are member of the default printer group, it will map and set printer as default.
    If you are member of the "Hp400 printer" group, it only will ad as a printer and not mess with defaults.

    if you are not a member of HP400 printer but had it previously, next time you login it should remove it.

    right now we use KIXSTART to do first two conditions (add printer or add printer and set as default). need to figure out how to remove printer if user is not member of the correct AD group

    also kixstart has lot of overhead with script so login is slow while it processes. trying to use powershell to make this go faster

    0 comments No comments

  3. Rich Matheisen 39,261 Reputation points

    I have only one machine and no AD to work with so I don't know if this will work, but it should get you started.

    $ConsoleUser = Get-WMIObject -class Win32_ComputerSystem | Select-Object username
    $AllowedPrinters = Get-ADUser -Filter {Name -eq $ConsoleUser} -Properties memberOf | # verify that "Name" is the right property to use in filter!
                                $grpname = (Get-ADGroup $_).name
                                $printername = ""
                                if ($grpname -like "Printer - *" -or $grpname -like "DefaultPrinter - *"){
                                    $printername = $grpname.substring($grpname.lastindexof(" "))
    # get all networked printers -- I think this returns only the printers for the current user and not ALL printers!
    $InstalledNetPrinterNames = Get-WMIObject Win32_Printer | Where-Object {$_.Name -like "*\\*"} |
                                        ($_.Name -split "\")[3]
    # remove printers that are installed but shouldn't be
    $InstalledNetPrinterNames |
            if ($AllowedPrinters -notcontains $_){ 
                Remove-Printer $_
    # add printers that are allowed but not yet installed
    $AllowedPrinters |
            if ($InstalledNetPrinterNames -notcontains $_){
                # Add the network printer name ($_) here
    0 comments No comments