When you publishing printer queues on Active Directory, by default the printer spooler save the shared printers info as object inside the printserver computer object.
On DC (generally the site DC of the printserver) by default is running a printers pruning; this job check if the printserver is reachable and if the printer is still shared and if not, delete the printQueue object from AD.
- Printserver publish by default the printers only at startup (if you what to force the printer publishing just restart the printspooler service)
This Setting is managed by “Computer Configuration / Administrative Templates / Printers / Check Published State”
- Dc try to contact the prinserver/printer for 3 time every 8 hours. If for 3 time the prinserver/printer is not reachable then will be unpublished.
This Setting is managed by “Computer Configuration / Administrative Templates / Printers / Allow Pruning of Published Printers”, “Directory Pruning Interval”, “Directory Pruning Retry”
uses ADSI calls ( ADsGetObject, IID_IDirectorySearch->ExecuteSearch) to get the
list of all the printQueue servers in the AD.
To check whether the server is in same site it uses Winsock call (gethostbyname)
and other net APIs (DsAddressToSiteNames,DsGetDcSiteCoverage).
To check if the print queue\print server availability it uses OS APIs
So all the work by pruner is done using ADSI, WinSock and OS functions.”
Can happen that for some firewall/network misconfiguration, a DC start to pruning some/every published print queues on regular basis. To find which DC is making too much cleaning, we first try to find the deleted printQueue object:
Find deleted Object
- Run ldp.exe as Domain Admin.
- On “Connection” menu click “Connect”. You can leave the server name black to connect to the DC on your site.
- On “Connection” menu click “Bind”
- On “Browse” menu click “Search”. Select the “Base DN” of the domain where you want to retrive tombstones. In “Filter” box use filter “(objectclass=printQueue)”. Under “Scope” select “Subtree”. Click “Options” and under “Search Call Type” select “Extended”. Then add “1.2.840.1135184.108.40.2067” on “Active Controls” using “Check in”.
- Close “Search Options” and on “Search” dialog box, click “Run”
- On results, find your deleted printer and copy the CN of the deleted printQueue:
Find origin of change
Then using repadmin you can find from where this object was updated:
repadmin /showobjmeta [myDC] [CN of object]