How to programmatically search a printer in Active Directory

Question

Attempting to find printers / shares in Active Directory using C#.

This is my sample code that works for users however I cannot seen to be able to find a printer using the same concept. (I am new to Active Directory).

    DirectoryEntry entry = new DirectoryEntry();
    entry.Path = "LDAP://xxx.xxx.xx.xx/CN=Printers;DC=domainName, DC=com";
    entry.Username = @"domainName.com\Administrator";
    entry.Password = "admin";

    DirectorySearcher search = new DirectorySearcher(entry);
    search.Filter = "(objectCategory=printQueue)";
    SearchResult result = search.FindOne();

    if (result != null)
    {
        ResultPropertyCollection fields = result.Properties;

        foreach (String ldapField in fields.PropertyNames)
        {

            foreach (Object myCollection in fields[ldapField])
                Console.WriteLine(String.Format("{0,-20} : {1}",
                              ldapField, myCollection.ToString()));
        }
    }

Any assistance would be greatly appreciated.

score 5 · Accepted Answer · answered May 06 '12 at 11:24

In contrast to users (CN=Users) there is no CN=Printers container in Active Directory after installation.

Printers are published in Active Directory in the releated computer container. What does releated computer container mean? Well, open Active Directory Users and Computers MMC snap-in and follow this procedure:

Select advanced features in the view menu.
Select Users, Contancts, Groups and Computers as containers in the view menu.
Navigate to the computer object (which is now displayed as container) your printer belongs to.
Click on the plus sign of the computer container. There you will see the printer object.

So, you see printers are published in Active Directory in the releated computer container (the printer belongs to) and not in one common container such as CN=Printers.

So, to search for a printer object in Active Directory, you have to specify a different LDAP path. For example you could specify the root of your Active Directory as the search root:

using (DirectoryEntry entry = new DirectoryEntry())
{
  entry.Path = "LDAP://xxx.xxx.xxx.xxx/DC=domainName,DC=com";
  entry.Username = @"domainName.com\Administrator";
  entry.Password = "SecurePassword";

  using (DirectorySearcher search = new DirectorySearcher(entry))
  {
    search.Filter = "(objectCategory=printQueue)";
    SearchResult result = search.FindOne();

    if (result != null)
    {
      ResultPropertyCollection fields = result.Properties;

      foreach (String ldapField in fields.PropertyNames)
      {
        foreach (Object myCollection in fields[ldapField])
          Console.WriteLine(String.Format("{0,-20} : {1}",
                          ldapField, myCollection.ToString()));
      }
    }
  }
}

Of course, you could also specify as search root the LDAP path to the computer where your printer is shared on. For example if your printer is shared on a computer called server10 and this computer is located in the CN=Computers container, then specify this LDAP path:

LDAP://xxx.xxx.xxx.xxx/CN=server10,CN=Computers,DC=domainName,DC=com

If you share a printer on the domain controller then the LDAP path is slightly different (because by default domain controller computer objects are located in the OU=Domain Controllers organizational unit):

LDAP://xxx.xxx.xxx.xxx/CN=DomainControllerName,OU=Domain Controllers,DC=domainName,DC=com

Hello, Thank you so much! I have another Active Directory question: I see in the properties returned for a printer there is no ACL (Access Control List), is it possible to find out who is supposed to have access to a printer from Active Directory? (Using C# path and search filter) — acolene, May 06 '12 at 11:28
@acolene: Which ACL do you mean? For the printer object in active directory or for the printer share? — Hans, May 06 '12 at 11:43
@acolene: As far as I know, the ACL for the printer share is not stored in Active Directory. — Hans, May 06 '12 at 14:19
One last question. Can I search for a share the same way i search for a printer? If so what is the ObjectCategory value for SharedFolder? — acolene, May 06 '12 at 15:25
@acolene: Yes, you can search for shares in Active Directory. Of course, the object for the shared folder must exist. The objectCategory for a shared folder is 'Volume'. — Hans, May 06 '12 at 16:24
Thanks. Worked perfectly. I looked for a list of the objectCategories online but did not find one. Thanks again for your help. — acolene, May 06 '12 at 20:41
@Hans, +1 for your answer , after you search for the printer in AD is there a way to add/map that printer, I've been searching this for a while, couldn't find any article on that, thanks in advance — Clint, May 30 '18 at 07:00

How to programmatically search a printer in Active Directory

1 Answers1

Linked