0

I'm trying to match two users for a secure print scenario:

a) the owner of a printjob, logged in on a windows client and performing a print job to a secure print system via LPR The windows client is connected directly to an azure AD

b) to fetch the printjob from the secure print system I am performing an authentication via graph API, the user is logging in with the UPN but I can get some attributes like displayName etc.

On the windows 10 client

-> Login via UPN
Whoami /USER returns: MaxMusterman_rcai04e
Whoami /UPN returns Max.Mustermann1@domain.com

The "owner" of the printjob printed by LPR is "MaxMusterman_rcai04e"

So far I have not found a way to "find" this user detail via graph api to be able to "match" the user logged in on the secure print system with the actual owner of the printjob.

This is also a test what happens if two users have the same displayName.

Another account exists:

User1:
UPN: Max.Mustermann@domain.com
DisplayName: Max Mustermann
PrintjobOwner: MaxMustermann
User2:
UPN: Max.Mustermann1@domain.com
DisplayName: Max Mustermann
PrintjobOwner: MaxMusterman_rcai04e

What I have tried:

https://developer.microsoft.com/en-us/graph/graph-explorer
https://graph.microsoft.com/v1.0/me
https://graph.microsoft.com/v1.0/users/Max.Mustermann1@domain.de/identities

I cannot find the desired owner of the print job or any way to deduce it programatically so far.

Niklas Heikamp
  • 1
  • 1
  • Hi @NiklasHeikamp, did the suggested solution work for you? Do let me know if it solved your problem else share more details so I can troubleshoot or else do accept it for helping other community members. – Kartik Bhiwapurkar Jun 22 '22 at 18:11

1 Answers1

1

• You can surely get the owner of the desired print job through Microsoft Graph API by querying a particular print job owner. But you cannot get the list of print jobs by filtering or mentioning the name of the print job owner. Thus, you can get the whole list of print jobs that have been given through a printer and then you can filter the output for the jobs of a particular print job owner as below: -

Command for getting the list of print jobs for a printer: -

GET https://graph.microsoft.com/v1.0/print/printers/{printerId}/jobs

• Output for the above command includes the section for ‘createdBy’ for every print job displayed in the results. Thus, we can filter the jobs based on owner name by modifying the graph API query as by applying filter based on the UPN as below: -

GET https://graph.microsoft.com/v1.0/print/printers/{printerId}/jobs$filter=createdBy/userPrincipalName eq '{upn}'

Where ‘{upn}’ is the user principal name of the associated user.

To get more detailed information regarding the above commands, kindly refer to the documentation link below: -

https://learn.microsoft.com/en-us/graph/api/printer-list-jobs?view=graph-rest-1.0&tabs=http

Kartik Bhiwapurkar
  • 4,550
  • 2
  • 4
  • 9
  • Sorry but I think you misunderstood the szenario I described, or my described was flawed. The job is not printed to an azure cloud The Windows Client is sending a print job via LPR (515) to a remote printing system which can gather and store print jobs until they are released via another app. The user logged on has a UPN, but windows does not send print jobs using the UPN if LPR transfer is used. In my tests the print job owner used in the LPR protocol was always some truncated form of the users displayName attribute. – Niklas Heikamp Jun 06 '22 at 18:40
  • I understood that the display name was used in your case but would suggest you to please use the UPN of that user to get the print jobs from the remote printing system through Microsoft Graph as stated above in the answer. – Kartik Bhiwapurkar Jun 07 '22 at 09:37