I abandoned my print servers and deployed local queues via SCCM
[Driver App - System Context - No Deployment]
Install script:
cscript c:\windows\System32\Printing_Admin_Scripts\en-US\prndrvr.vbs -a -m "Xerox GPD PCL6 V5.810.8.0" -h "%~dp0UNIV_5.810.8.0_PCL6_x64_Driver.inf" -i "%~dp0UNIV_5.810.8.0_PCL6_x64_Driver.inf\x3UNIVX.inf"
Detection:
cscript c:\windows\System32\Printing_Admin_Scripts\en-US\prndrvr.vbs -l | findstr /c:"Xerox GPD PCL6 V5.810.8.0,3,Windows x64"
[Port App - System Context - No Deployment]
Install script:
cscript "C:\Windows\System32\Printing_Admin_Scripts\en-US\Prnport.vbs" -a -me -r v1_10.10.10.10 -h 10.10.10.10 -o raw
netsh advfirewall firewall set rule group="SNMP Trap" new enable=Yes
Detection:
cscript "C:\Windows\System32\Printing_Admin_Scripts\en-US\Prnport.vbs" -l | findstr /c:"Port name v1_10.10.10.10"
[Queue App - User Context - User Deployment - Dependency: driver and port apps]
Install script:
cscript "C:\Windows\System32\Printing_Admin_Scripts\en-US\Prnmngr.vbs" -a -p "HR Printer" -m "Xerox GPD PCL6 V5.810.8.0" -r "10.10.10.10"
Detection:
cscript "C:\Windows\System32\Printing_Admin_Scripts\en-US\Prnmngr.vbs" -l | findstr /c:"Printer name HR Printer"
Kind of crazy to just abandon our print servers but at least now we have a secure and workable foundation to migrate to.