Universal Print Administrator Roles

  • Article

Using Universal Print's integration with Azure Active Directory (Azure AD), you can designate limited privilege administrators to manage printers. Universal Print introduced two roles into Azure AD:

Name Description
Printer Administrator Users in this role have full access to manage all aspects of printers in Universal Print.
Printer Technician Users in this role can register and un-register printers and set printer status.

Visit Azure AD administrator roles for information about other roles.

Assign Limited Admin Role through Azure portal

Follow instructions at Azure AD's View and assign roles to view and assign users to specific roles.

Assign Limited Admin Role using PowerShell

Azure AD offers the ability to use the AzureAD PowerShell module to assign users to any administrator role.

1. Install AzureAD Module

From Admin PowerShell prompt:

Install-Module -Name AzureAD

Note

You will need to accept to install the module from PSGallery, which is considered to be an un-trusted repository.

2. Connect to Azure tenant

Connect-AzureAD

Note

Use a Global Admin user account.

3. Check if Printer Administrator role is already enabled

Get-AzureADDirectoryRole

If you see "Printer Administrator" in the results then it is enabled and you can just start assigning members.

If you do NOT see "Printer Administrator" in the results, run:

Enable-AzureADDirectoryRole -RoleTemplateId "644ef478-e28f-4e28-b9dc-3fdde9aa0b1f"

4. Assign user accounts to Printer Administrator role

Add-AzureADDirectoryRoleMember -ObjectId "83e34fcb-2028-40f0-8d37-f84ebd9ece84" -RefObjectId "1319811c-4837-4e2e-bf62-45c80a3dd0c4"
Parameter Description
ObjectId The Printer Administrator role object from the "Get-AzureADDirectoryRole" call. In my test tenant it is "83e34fcb-2028-40f0-8d37-f84ebd9ece84".
RefObjectId The user account's object ID in Azure AD. This can be found at Azure portal.

Once complete, go to the Azure portal and look at the "Assigned roles" of the user account to verify.