Re: RDP Printing by station

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Hey TP,

the stations that are to be denied printing at not going to typically
have static IPs. In some cases we will be able to give them statics,
but overall it's not something that I can count on being able to
control at every customer site.

I'm planning on using both auto created printers (redirected) and
network printers configured on the terminal server(s) with the printers
physically located at the customer site.

A more specific idea of the customers and reasons for this might help.
The scenario is actually for medical software and regulations stipulate
that you must be able to deny certain computers (in a exam room for
instance) from printing from that application.

The application used generally is a custom application so it could
definitely be changed. The best way that I can think of would be to
allow/deny based upon the MAC address since they will be unique (in
theory at least!) and we can add those addresses to an approve/deny
list within the application. So the application would have to be
changed to obtain the MAC address of the Terminal client for that
session and compare it to the predefined list.

If my way of thinking is correct, then my question is how would one
request the MAC address of the terminal client session? (This is why
I'd also inquired if the WTSClientHardwareId references the MAC address
of the client.)

One last question...if the
WTSQuerySessionInformation/WTSClientHardwareId is the solution, does
anyone know if these queries work when pointing at a Mac OS X RDP
client?

Thanks again!

On Dec 12, 3:02 pm, "TP" <tperson.knowsp...@xxxxxxxxxxxxxxx> wrote:
Will the stations that printing is permitted from be
connecting via known static ip addresses? It is
okay if they will be behind a NAT, as long as
you know the public ip.

For example, you want User1 to be able to print
when she is located at a remote work site, but
prevent her from printing when she is located at
home. The remote work site has a static ip
address that you know, but at home the address
is dynamic.

I assume you are referring to auto-created printers?

What application(s) do you need to prevent them
from printing from? If these are custom apps, do
you have access to modify the source code if
necessary?

I am asking about the applications because that
will give us more flexibility/options for a solution.

-TP

flippergo...@xxxxxxxxx wrote:
Hi All;

I will be implementing an app on a group of terminal servers and am
running into an issue that I haven't got figured out yet. Please, if
this is the wrong group feel free to suggest another for me!

The environment will be a group of 2003 terminal servers locally with
an app and database installed local to them. The RDP clients will be
connecting from remote sites and/or home users. The RDP client
machines will NOT be part of the AD domain that the Term Servers
participate in. Those client computers are also not under my
jurisdiction, therefore I can not impose security restrictions on them
other than via terminal services.

So, the problem is that I have to be able to disallow certain stations
from being able to print at all through terminal services.

For example:
Station 1 is allowed to print.
Station 2 is not allowed to print.
User 1 is allowed to print.

So, allowing/disallowing print access is easy on a per-user basis, and
if the terminals were part of my AD domain then I could deal with
station level printing, but since they are connecting to terminal
services I'm stumped. I need user #1 to be able to print from Station
1 but not from Station 2.

I've reviewed WTSQuerySessionInformation on MSDN, but not being a
programmer I don't really understand this from a practical sense.
From a general perspective what steps should I be taking to deal with
this?

Secondly, in the WTSQuerySessionInformation, is the
WTSClientHardwareId the MAC address of the RDP client?

Thank you in advance for any suggestions!

Jef

.

Relevant Pages

  • Re: RDP Printing by station
    ... Will the stations that printing is permitted from be connecting via known static ip addresses? ... For example, you want User1 to be able to print when she is located at a remote work site, but prevent her from printing when she is located at home. ... Station 2 is not allowed to print. ... if the terminals were part of my AD domain then I could deal with ...
    (microsoft.public.windows.terminal_services)
  • Re: Ibiquitys "Gag Order" on engineers
    ... And it does bear fruit...both for the end client and the station, which means it also bears fruit for the agency. ... One of the hottest things for a parent to do was to put their kid on the phone to the radio station. ...
    (rec.radio.shortwave)
  • Re: hostap TX fix in 5.x [Fwd: Re: wi hostap speed]
    ... the client side can be anything compatible. ... Demarc PRISM 200mw PCMCIA. ... Station ... the hostap station itself - the speeds do not change. ...
    (freebsd-current)
  • op-locks
    ... wir hatten heute auf unseren NW 6.5 SP 8-Servern massiv Probleme mit der meldung "station x timed out waiting for an op-lock on file y held by station z" ... Also bei Station z nachgeschaut: Novell Client Eigenschaften: Windows XP Sp 3, Novell Client4.91 SP 5, Erweiterte Einstellungen, File Caching war "Ein". ...
    (de.comp.sys.novell)
  • Re: Ibiquitys "Gag Order" on engineers
    ... easy, David, but if a station can make an agency/client see a potential ... First, save a rare all radio campaign, ... agency, except in commissions. ... But the main point is that agencies will not go back to a client to change ...
    (rec.radio.shortwave)