Solving your printing problems with Windows Server and Azure

Solving your printing problems with Windows Server and Azure
5/9/ :43 AM BRK2136 Solving your printing problems with Windows Server and Azure Jimmy Wu Senior Program Manager © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Agenda Overview of Microsoft’s hybrid cloud print solution
5/9/ :43 AM Agenda Overview of Microsoft’s hybrid cloud print solution Why and when to use this solution Step by step configuration Demo Q&A © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Overview Current problem in the market
5/9/ :43 AM Overview Current problem in the market Non-domain joined devices cannot print to managed printers In-market 3rd party solutions often require user to remember separate credentials ing file attachment to print does not provide seamless experience What is Microsoft’s hybrid cloud print solution? Print solution for corporations looking to support print functionality for BYOD and Azure AD joined devices. What does it offer? Single sign-on (SSO) user authentication & seamless print experience Leverage existing Print Server infrastructure Option to support printing while away from corporate network © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Windows 10 – Printer Installation UX
5/9/ :43 AM Windows 10 – Printer Installation UX © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Reasons to deploy this solution
5/9/ :43 AM Reasons to deploy this solution If you want… You should… Benefits Deploy Windows 10 S devices into the existing AD & Print Server environment Deploy Microsoft’s hybrid cloud print solution You can stage hardware and software refresh cycles without impacting existing deployment Deploy Azure AD joined devices into the existing AD & Print Server environment Support MDM managed BYOD Users can use their own device and entities reduce cost of owning and servicing hardware Support printing while away from corporate network Configure support for Azure App Proxy Improve efficiency by supporting printing on the go Support quickly bring up new branch offices Removes the need to build out the VPN/dedicated corporate network pipe © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Overview - Architecture
5/9/ :43 AM Overview - Architecture High level deployment sequence Setup Azure AD Connect to sync user identities Deploy Hybrid Cloud Print Install the Discovery service endpoint on an IIS machine Install the Windows Print service endpoint on each of the Print Servers in the organization Register the Discovery and Print service endpoints with Azure Active Directory Configure MDM policies to be provisioned to the client device Publish shared printers from the Print Servers to the solution Optional: Configure Azure App Proxy for Internet access Azure Active Directory BYOD device Intune or 3rd Party MDM Service Azure AD Join / Authentication Device Policy Discovery / Print Azure AD Connect Authentication Azure App Proxy Internet IIS Endpoints Discovery Services Windows Print Active Directory On Premises Print commands Windows Print Server Printer (min. req. Windows Server 2016) © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Deploying Hybrid Cloud Print
5/9/ :43 AM Deploying Hybrid Cloud Print In a PowerShell window run “Install-Module -Name PublishCloudPrinter” “Import-Module PublishCloudPrinter” Navigate to the installed module directory “CloudPrintDeploy” Install SQLite binaries Create SQLite DB Assign ACLs for printer Administrators Update IIS web.config Configure IIS SSL certificate © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Register IIS Endpoints with Azure AD
5/9/ :43 AM Register IIS Endpoints with Azure AD Under Azure Active Directory go to App Registrations Add the 2 IIS Endpoint services as Web apps Add a separate Native app Add the required redirect URLs Grant permissions for the 2 Web apps Grant all users permissions to the Native app © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Publish Shared Printers
5/9/ :43 AM Publish Shared Printers On a Win10 client machine that is Azure AD joined login as a Printer Admin group user Easiest during initial boot In a PowerShell window run PublishCloudPrinter Make sure the printer name in the PublishCloudPrinter PowerShell input parameter matches the shared printer name on the print server. © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Azure App Proxy – Passthrough Auth
5/9/ :43 AM Azure App Proxy – Passthrough Auth Download and install the App Proxy connector on an on-premises machine Setup external URL for the 2 Web apps Upload appropriate SSL certificate Set user permissions Make sure “App ID URL” still match your MDM policy © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Demo Windows 10 User Print Experience 5/9/2018 11:43 AM
© Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Links to online documentation
5/9/ :43 AM Links to online documentation Microsoft Hybrid Cloud Print Azure AD Connect Azure App Proxy .Net Frameworks 4.62 SQLite Tools MDM Policies © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Please evaluate this session
Tech Ready 15 5/9/2018 Please evaluate this session From your Please expand notes window at bottom of slide and read. Then Delete this text box. PC or tablet: visit MyIgnite Phone: download and use the Microsoft Ignite mobile app Your input is important! © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Appendix

Setup Prerequisite Create Azure AD tenant if needed
5/9/ :43 AM Setup Prerequisite Create Azure AD tenant if needed Ensure Azure tenant domain name matches your company’s registered DNS name Create an Azure tenant global admin user account © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Self-signed SSL Cert

PowerShell – CloudPrintDeploy
5/9/ :43 AM PowerShell – CloudPrintDeploy $LogFile = ".\CloudPrintDeploy.log“ Write-Host "** Installing Enterprise Cloud Print binaries" "** Installing Enterprise Cloud Print binaries" | Out-File $LogFile -append dism /online /Add-Capability /CapabilityName:Print.EnterpriseCloudPrint~~~~ Write-Host "** Installing Mopria Discovery Service binaries" "** Installing Mopria Discovery Service binaries" | Out-File $LogFile -append dism /online /Add-Capability /CapabilityName:Print.MopriaCloudService~~~~ Write-Host "** Adding WebServices" "** Adding WebServices" | Out-File $LogFile -append & $env:SystemRoot\system32\inetsrv\appcmd add apppool /name:"ECPAppPool" >> $LogFile & $env:SystemRoot\system32\inetsrv\appcmd set config /section:applicationPools /"[name='ECPAppPool'].processModel.identityType:LocalSystem" >> $LogFile & $env:SystemRoot\system32\inetsrv\appcmd set site /site.name:$WebSite /+bindings."[protocol='https',bindingInformation='*:443:']" >> $LogFile & $env:SystemRoot\system32\inetsrv\appcmd add app /site.name:$WebSite /path:/ecp /physicalpath:"$env:SystemDrive\inetpub\wwwroot\EnterpriseCloudPrint" >> $LogFile & $env:SystemRoot\system32\inetsrv\appcmd set app "$WebSite/ecp" /applicationpool:"ECPAppPool" >> $LogFile & $env:SystemRoot\system32\inetsrv\appcmd add app /site.name:$WebSite /path:/mcs /physicalpath:"$env:SystemDrive\inetpub\wwwroot\MopriaCloudService" >> $LogFile & $env:SystemRoot\system32\inetsrv\appcmd set app "$WebSite/mcs" /applicationpool:"ECPAppPool" >> $LogFile © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Manual MDM provisioning
5/9/ :43 AM Manual MDM provisioning © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

PowerShell – PublishCloudPrinter
5/9/ :43 AM PowerShell – PublishCloudPrinter PS C:\temp> publish-cloudprinter -Printer "EcpTestPrinter" -Manufacturer "Microsoft" -Model "File Printer" -OrgLocation '{"attrs": [{"category":"country", "vs":"USA", "depth":0}, {"category":"organization", "vs":"Ignite", "depth":1}, {"category":"site", "vs":"Orlando,FL", "depth":2}, {"category":"building", "vs":"Convention Center", "depth":3}, {"category":"floor_number", "vn":2, "depth":4}, {"category":"room_name", "vs":"2017", "depth":5}]}’ -Sddl "O:BAG:DUD:(A;OICI;FA;;;WD)" -DiscoveryEndpoint " -PrintServerEndpoint " -AzureClientId "be6a9c3b-0ce6-4f7e-8de1-8b8e2be81fbc" -AzureTenantGuid "8f40ea58-23ce-497e-a4dd-eca0a747e0ad" VERBOSE: Published EcpTestPrinter at with UUID 875e6f42-f2e9-58aa-9bc3-26c955aeb716 © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Troubleshooting – PublishCloudPrinter
5/9/ :43 AM Troubleshooting – PublishCloudPrinter Error Code Description Action Item 0x‭ ‬ ( ) ERROR_FAILED_TO_ENCRYPT If using self-signed SSL certificate on the IIS endpoint, make sure the SSL cert is imported to the client into the ‘Trusted Root Certification Authorities’ certificate store Make sure the client device is Azure AD joined: Settings -> Accounts -> Access work or school -> Connect -> Join this device to Azure Active Directory -> Enter a user account that is in the tenant. 0x‭CAA20003‬ ( ) Error requesting OAuth token. WebTokenRequestStatus: UserInteractionRequired. If using Azure App Proxy, make sure the right user access permissions have been set in Azure AD Enterprise App properties / users and groups page. The user or administrator has not consented to use the application Make sure the Azure AD tenant’s global admin user clicks the “Grant Permissions” button for the Native Client app. Error – sending print job Make sure the printer name that is published through PowerShell script matches the name shared through Print Server. © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Solving your printing problems with Windows Server and Azure

Similar presentations

Presentation on theme: "Solving your printing problems with Windows Server and Azure"— Presentation transcript:

Similar presentations

About project

Feedback

Log in

Auth with social network:

Solving your printing problems with Windows Server and Azure

Similar presentations

Presentation on theme: "Solving your printing problems with Windows Server and Azure"— Presentation transcript:

Similar presentations

About project

Feedback