Help: Mass install several printers on several networks on several laptops

Posted by ValuableEarly673@reddit | sysadmin | View on Reddit | 41 comments

Let me set the stage:

I am on a special local government team that deploys nationally to disaster areas that may or many not have any infrastructure at all. In our cache we have 4 "internet in a box" devices and have to establish networks for the team to use and operate on. Along with the boxed internet we have several 10 printers, 5 plotters and 40 laptops.

The set up:

We have a fixed office location that has the primary network. Then the "internet in a box" devices each with their own networks which could be deployed anywhere. All 5 of these networks are interconnected via site to site VPNs so they can talk to each other, our NAS drives, or any of the printers.

Now no two missions are alike. The same printers, laptops, and boxed internet name not always go together from mission to mission. Because of this each laptop is programmed to reach each printer on any of the 5 networks.

Though some disaster areas have 0 cell services for internet and the satellites are swamped with everyone on them. In those cases they operate as a LAN with no internet but can still access the printers. Because of this potential we do not use print servers in case they can not be reached.

The issue:

While the system works flawlessly there are some drawbacks. I basically have to do 75 printer installs on 40 laptops (almost 3000 installs). Needless to say this is very time consuming whenever I need to replace laptops or printers within the system. The big limiter is once a printer is installed on a laptop I can simply add IP Ports for the other networks and pool them together. However windows wont allow an IP to be added unless the printer is physically on that network with that IP active which slows the process more.

So here I am...a broken man... reaching out to the great minds of Reddit to see if anyone has had a similar set up and knows a streamline way to do mass printer installs. Ideally some kind of program or script where I can set all the printers, their drivers, and their pooled IPs for all the networks and just hit send and poof the laptops got them. That might be wishful thinking but I feel there is a way out there that I haven't found or tried yet.

[-]

Hefty-Ad2513@reddit

These could be easily managed with a print solution (i would go with a more cloud print solution as "no more print servers")

[-]

RepulsiveDuck331@reddit

This is one of those "Windows printer subsystem will fight you every step of the way" problems and there's a real solution. We've done variations of this for multi-site MSP clients (smaller scale than yours but same shape — printers across N sites that need to be reachable from any laptop) and the pattern that works is going to feel familiar, but it's the gotchas where the wheels usually come off.

The core unlock: PowerShell Add-PrinterPort doesn't validate.

This is your specific pain point with "Windows won't allow an IP to be added unless the printer is physically on that network with that IP active." That's true through the GUI and the legacy Printers Control Panel. It's NOT true through PowerShell. Add-PrinterPort -Name "PrinterX_Net2" -PrinterHostAddress "10.2.1.5" will create the port without ever trying to reach the IP. This one fact changes the whole game for you.

The architecture I'd build for this:

Printer manifest as the source of truth. JSON or CSV file defining every printer in the cache: name, model/driver, and the array of IPs it could possibly have across all 5 networks. Version-controlled in a git repo so changes propagate consistently across the team.
PowerShell deployment script that consumes the manifest. For each printer:
Install the driver via Add-PrinterDriver (driver files staged locally, not downloaded)
Create one TCP/IP port per network IP using Add-PrinterPort (no validation, no need for printer to be online)
Create the printer queue using Add-Printer
For pooled ports, set port pooling via the Win32_Printer WMI class — Add-Printer doesn't expose this natively but it's a few lines of WMI to enable
Drivers pre-staged offline on every laptop. Use pnputil /add-driver to load all printer drivers into the Windows driver store at imaging time. Then the install script doesn't need internet or to reach the printer to find the driver. This is the piece that makes the LAN-only / no-internet scenario actually work in the field.
Idempotent script behavior. Running the script twice shouldn't duplicate ports or printers. Check for existence before creating. This matters because you'll want to re-run any time the manifest changes (new printer, IP change, model swap).

Driver matrix reduction — probably your single biggest win:

You said 10 printers and 5 plotters. If they're HP, look at HP Universal Print Driver (PCL 6 or PS). One driver covers most of their fleet. Same for Lexmark Universal, Konica Minolta Universal, Xerox Global Print Driver. If you consolidate even half your fleet onto two or three universal drivers, your install matrix gets dramatically simpler and your driver staging package gets much smaller. Won't help for truly specialty wide-format hardware, but for office MFPs and most standard plotters there's a universal that covers them.

Distribution mechanism for your scenario:

Given field deployability with potentially no internet, your realistic options are: - USB-stick deployment with a self-contained PowerShell package (script + driver files + manifest) - RMM push if you have an RMM that works in air-gap (most don't really) - Group Policy startup script if laptops can reach a DC via the VPN - Intune Win32 app (again, air-gap is the problem)

For your specific scenario, USB-stick with a signed PowerShell script is genuinely the most reliable answer. Build the package once, copy to a USB, run on the laptop, walk away. Not glamorous but it works in a tent in a disaster zone with zero signal, which sounds like a real requirement for you.

Gotchas worth knowing:

Driver signing. Modern Windows enforces signed printer drivers strictly. Make sure your staging step uses signed driver packages from the OEM, not random downloads, or Add-PrinterDriver will fail with confusing errors or fail silently.
Print spooler restart. Some driver changes don't fully apply until the spooler service restarts. Build a Restart-Service Spooler + sleep into your script before final verification, otherwise you get half-installed states that look fine until the user actually tries to print.
Port name length and format. There's an undocumented practical limit around 200 characters and certain special characters cause failures. Keep port names short and structured like PrinterName_NetX.
Pooled ports + bidirectional support. If you enable both bidirectional printing AND port pooling, Windows will sometimes flap between ports trying to query status from unreachable IPs. Recommend disabling bidirectional support on pooled-IP queues since it doesn't really work cleanly with this pattern anyway.
Type 3 vs Type 4 drivers. Type 4 drivers are more deployment-friendly (single driver, multiple models, easier to package). If you can get Type 4 drivers for your fleet, prefer them. HP Universal is historically Type 3 but they've shipped Type 4 versions for newer printers.
Microsoft IPP Class Driver. If you have printers that support IPP natively (most modern network printers do), you can use the built-in IPP class driver and skip the per-model driver entirely. Less feature-rich but dramatically simpler deployment story.

The 80/20 version if you were rebuilding from scratch:

JSON printer manifest checked into git as source of truth
PowerShell module that takes the manifest and a target laptop and does the full install
All printer drivers staged on a master image at laptop refresh time
USB-stick package that re-runs the install when the manifest changes
Universal print drivers wherever the fleet supports it, dropping per-model driver count

Build this once and your 3000-install problem becomes "plug in USB, run script, walk away for 5 minutes per laptop." From there, automating it for the office-connected case is just swapping the distribution mechanism — the script and the manifest don't change.

If you want the PowerShell module skeleton + manifest schema we use as a starting point, happy to DM. It's cleanly genericized and would save you a couple of weekends of reinventing the wheel.

[-]

shiranugahotoke@reddit

How do you handle software deployment and configuration on those laptops?
If you don’t have some kind of tool or process to do this in bulk you are going to have a lot of similar problems.

I’m a little confused about the need to print off site - why is that necessary? I can see why you’d need local printing, but is printing cross-site even a thing?

A powershell script and PS remoting is the first thing that comes to mind for me. Then you maintain a script or a set of scripts and hit the button to run it on 40 devices.

Universal print is probably not going to work if your local site doesn’t have internet.

I might possibly add to my “internet in a box” kit some kind of print server… although I’m not sure the best way to implement that with your situation that any given deployment can be different.
A print server lets you centralize the drivers and then the devices that need to print just need pointed to the print server location.

[-]

ValuableEarly673@reddit (OP)

software is the same go one by one on each laptop. the cross site printing inst always needed but kind of a site effect with how the system is set up. Usually some user error. Right now if someone wants to print to Printer 1 which is local but accidentally clicks printer 10 with is somewhere else the laptop will find whichever network printer 10 is on and print. Where is has been useful for cross site printing is our map guys who like to sit in warm offices can do the map designs on their high powered office PCs and print them right to us in the field.

I feel power shell is where the answer is at but trying some of the scrips Ive seen out there haven't worked the way I hoped.

I have the whole thing designed so that even the computer illiterate can deploy these systems and they just work.

[-]

jimicus@reddit

You absolutely need to quit depending on scripts someone else has written and get comfortable enough rolling your own unless you want to spend your entire career being frustrated by little issues like this.

[-]

shunny14@reddit

Is it possible in PowerShell to just find all printers on local LAN and add them? This is a question I would throw at AI/LLM and then start testing.

Alternately it’s really not that hard in my experience to add any printer in windows. I suppose you are probably trying to do everything for people but making a shortcut on the desktop to the add/remove devices settings page might give people some hints when they are stuck.

[-]

ValuableEarly673@reddit (OP)

not so much that its hard there are just a lot of them so its time consuming. I try to automate as much as i can so the end user doesnt have to fuss with it.

[-]

shunny14@reddit

You are misunderstanding what I am saying. Does 1 laptop really need to print to 75 printers? In the time it takes someone to select a printer from a list of 75 they could add the one they see locally.

And my powershell suggestion is based on I assume you don’t need to add all printers all the time. That the 4 network on boxes are separate and one might only see the 15 printers at a time. You only need to add what they can see on the LAN at that time.

[-]

yahuei@reddit

You can just loop theough your list of printer ip’s with test-netconnection -hostname $printerip -port 9100 if there is a response add it, if not skip or try to remove it to keep the list of printers manageable for the end user?

[-]

ARJeepGuy123@reddit

If the IPs of the printers is always known you (or your LLM of choice) could probably whip up a PowerShell script to probe for available printers at each boot and set them up accordingly

[-]

Less-Philosophy-1978@reddit

This is how we did it but there were no LLM smart enough back then

[-]

ARJeepGuy123@reddit

Oh definitely, I have written countless scripts on my own. But I'm not above using an LLM now that they're available 🤷🏼‍♂️

[-]

ValuableEarly673@reddit (OP)

All the IPs for everything are fixed and known which is what allows the system to do what it does. Just a pain to keep up with newer hardware as we deploy them.

[-]

ARJeepGuy123@reddit

Ok great, get to scripting, or just leave them all installed and let people use whichever printers don't say they're offline

[-]

ValuableEarly673@reddit (OP)

funny enough but the way its set up now the cross site printers show offline even though they arnt. probably a windows thing.

[-]

ARJeepGuy123@reddit

Windows generally uses SNMP for printer status, might be something you need to allow in your VPN/firewall

I'd look into the scrip to set up printers though, that is something chat or Claude could probably get going in an afternoon with some testing and a few revisions

[-]

joedotdog@reddit

Ideally some kind of program or script where I can set all the printers, their drivers, and their pooled IPs for all the networks and just hit send and poof the laptops got them.

If you can push a script, then yes, you can make this. Not hard to do, or ground breaking really.

I'm sure you'll stumble over many of the wildly available powershell scripts out there. Something to consider regarding scripting printers, it's not a 3 step, it's really a 4 step:

Install driver into driver store.
Install printer driver from driver store.
Create port.
Create object referencing port & driver.

[-]

KevMar@reddit

Here is how I would use powershell in this setup.

Power on and network connect all laptops at the same time.
Ensure that WinRM is configured properly for remote connectivity. This might require firewall changes if using multiple subnets or "public" network profile.
From one system, establish remote powershell PSSessions to all the other systems.
Then run whatever powershell script or commands in parallel across all of them to install the printer or install software or whatever configuration that's needed.

That's one of my favorite features of powershell. That same PSSession can be used to transfer files like installers or drivers.

[-]

scheumchkin@reddit

For our solution we have printer logic where you can set a DHCP range and force it to install printers if someone is within that range.

Alternative since I don't know your guys money situation would be scripts as that's the only way outside of paid product that I know of.

[-]

simonjakeevan@reddit

PrinterLogic installs the printers locally, so loss of Internet wouldn't prevent them from printing. If it's total loss of network then nothing will work right?

[-]

scheumchkin@reddit

The installs are local but I was under the impression that the check in for the automated installs required networking.

Now I could be wrong about that as I'm not entirely confident in this.

[-]

ValuableEarly673@reddit (OP)

yea unfortunately. If i could guarantee internet always this problem becomes very simple haha

[-]

MeIsMyName@reddit

My thought process would be to set all the printers to DHCP, and set up a DHCP reservation for each printer at each site. Since every site is going to have its own IP address range, this would allow the printers to be as "plug in and go" as possible at each site.

From there, you can either install all printers on all devices and dynamically update the printer ports/IPs with a script, or dynamically install the printers. Regardless, pre-loading all needed printer drivers on all systems will probably make your automation easier.

I haven't done this myself, but a script that pings or otherwise queries printers to see if they're alive at one of the designated IPs, and then executed one of the changes above seems pretty reasonable. You could also set the script to check and see if there's an update for the script on a network share, and if so, download it. Otherwise, use the locally cached copy.

[-]

MSP_Guy999@reddit

Since lack of internet might occur, I would have an LLM loaded on a cheap Mac mini (best for local LLM’s) and then test it out before the next disaster situation. The LLM should be able to do everything for you without the headache.

[-]

DefJeff702@reddit

The easiest most manageable way would be to deploy something like Printix. We use it when we don't have an on premise print server. You can create locations based on the Gateway MAC address or IP (if different between locations). Assuming the same printers will remain with the gateway, the agent will determine which location and printers they should have available. You can enable remote printing for those edge cases too. Once you've created your locations and assigned printers all that's left to do is deploy the agent. Easy script from RMM, group policy or intune policy with SSO for simple authentication. Bonus, you can manage drivers, default print settings, and printer status in one place. Obviously there is a cost but assuming even once deployed, you will still have to maintain and manage this fragmented system.

[-]

OkAssistance7072@reddit

Startup batch file with all printer IPs telling it to map only the ones it sees and remove all others. The laptops should already have all the drivers necessary if there aren't a bunch of different models.

[-]

Beautiful_Ad_4813@reddit

PrintLogic or Printix

[-]

Adam_Kearn@reddit

The best solution would be to use papercut and setup follow-me-print

Then you just install a single printer and users tap their ID cards to release prints.

——

You can also automate this all using powershell scripts to install the driver and map the ports automatically.

If you cant get papercut then I would just create a DNS entry called local-printer.company.internal

Then set that to the branch printer and have users print to this DNS name.

But just scripting this on powershell would be a lot easier.

ChatGPT could prob pump this out within 10mins of testing

[-]

Valkeyere@reddit

Powershell exists for things like this. Using the windows UI for ibstalling printers is the end user way of doing it.

The process shoudl look like: 1) Get the driver, import that (This is the most time consuming atep but you only need to do that once per printer model. Repackage the files into a .zip so you can dump and extract as step one of the script) 2) Create the port. 3) Create the print queue with the driver and port.

When you do it this way you dont need the printer to be on the network at all. Can prestage everything.

This is how Im pushing out printers for my whole clientbase. Easy to copypaste the script and just change the IPs. Often someone else already has the pritner model at a different client so Ive already done the legwork.

Helps that we have RMM, but if you dont have a remote management tool for the machines you can just maintain it on a hardsrive full of the drivers and .ps1 files.

[-]

jimicus@reddit

GPO always used to do a bang up job of setting up printers, but I believe it's been basically kneecapped since PrintNightmare.

This leaves you a few options:

Print on Demand.
Not ideal, because it requires a print server and either a release station (clunky) or printers with this functionality built in and appropriately configured (massive overhead from what you've discussed).
Driverless printing.
This might not be a completely crazy idea. Windows can find printers on the local LAN with multicast. Though older printers might be an issue.
Learn enough Powershell to script it yourself.
I absolutely guarantee you, it'll take you a lot less time to learn Powershell well enough to do this and then push your script out than it ever will to configure 3000 printers. Personally, I'd cobble together a small engine that can read a list of printers from a config file and install them - that way, you just need to update the config file when things change.

[-]

MidgardDragon@reddit

No one wants to admit it but an LLM can probably figure the script out for you if you give it enough info and details

[-]

GoAskJohn@reddit

I was wondering “why not GPO,” thanks for showing me I’m out of touch lmao. Agreed, in that case, I’d do PowerShell. My environment is far less complex, but I use a PS script on W11 to delete and reinstall printers daily. W11 stops printing otherwise. 🙄

[-]

jimicus@reddit

GPO can install drivers. But where you run into problems is that print drivers need to be installed with admin rights, which tends to result in "this needs admin rights, cancel/allow?" questions presented to the user when the policy is processed.

There's a Group Policy that you can configure that says "install the drivers anyway and override the prompt for admin rights", but something in the back of my mind tells me that GPO was rendered ineffective with the PrintNightmare remediation. Don't quote me on that, however, because the last time I set up printers with GPO was circa 2015.

[-]

ValuableEarly673@reddit (OP)

When i deploy via print servers I use GPOs but also around circa 2015 haha. I tried the GPO route with this but had issues like you mentioned.

[-]

Such_Field_3294@reddit

The restriction you're hitting is the add printer wizard validating the IP. If you create the ports via command line or scripting, it wont care whether the IP is live or not. You can preconfigure every port and pool ahead of time on a golden image, then just clone it out to all 40 laptops.

[-]

AnonymooseRedditor@reddit

My opinion? I’d try to set the gear up in kits so the same printers and devices are sent for each deployment. From a deployment pov this allows you to standardize the kits and equipment requirements. Come up with a standard BOM for different scales of emergencies, pack and organize kit accordingly. This would allow you and the teams being deployed to come up with standard operating procedures for setup and tear down too. I spent an early part of my career working for a defense company and part of what we did was sell command and control kits like this for deployments.

[-]

Temporary-Living@reddit

Is having an internet connection and acceptable requirement? If so it opens up a myriad of options. RMMs. Intune. Etc

If not, then you’ll need to do it via some hacky scripting. You’ll need to have an “access” script on your laptop whose job is to psexec out to every local laptop and then push your payload scripts. Those will be the ones others discussed that install printers. PS what can these laptops achieve without the internet? You’re presumably not deploying a whole offline email server for them to email amongst themselves. Your not deploying a local VOIP PBX in every site to talk to themselves

[-]

ValuableEarly673@reddit (OP)

Ideally we always have internet. But there have been times we dont. So i designed for worse case. Now during my updates and programming times its at the office where we do have internet. as long as whatever it is can operate offline in the field I am ok with it.

[-]

Cozmo85@reddit

You can add ips without the printer.

Just use powershell. If you have intune you can deploy printer as apps as well.

[-]

98723589734239857@reddit

if you for example use HP printers, its easy to just use the universal print driver and make a script:

add driver to driverstore (only step that requires admin)
Add-Printer in powerhell for every printer you want to install
profit

[-]

Silver-Ability-3181@reddit

What a fascinating and genuinely tough deployment scenario, good news is this is very solvable with scripting.