5.0 KiB
5.0 KiB
Cascades — Printer / VLAN 20 Migration Map (GPO planning)
Living reference for the printer migration onto Staff VLAN 20 (10.0.20.0/24) and the eventual printer GPO build. Update as machines/printers migrate. Started 2026-06-30 (Howard).
How the GPO needs to be built (two layers)
- Point-and-Print policy (computer GPO, fleet-wide) — REQUIRED prerequisite or any
GPO-pushed printer fails (PrintService event 513 / error 0xBCB) for standard users.
Set on
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Printers:RestrictDriverInstallationToAdministrators=0; subkeyPointAndPrint:Restricted=1, TrustedServers=1, ServerList=CS-SERVER, InForest=0,NoWarningNoElevationOnInstall=1, UpdatePromptSettings=2(scopes silent driver install to CS-SERVER only). Caregiver machines already have this — that's why their printer GPO works. Set manually 2026-06-30 on DESKTOP-ROK7VNM + DESKTOP-DLTAGOI; needs to be a GPO. - Printer deployment — GPP Printers / Deployed Printers mapping
\\CS-SERVER\<share>to the right users/OU/room. Existing GPOCSC - Life Enrichment Printerslikely still points at OLD share names — repoint.CSC - Printer Deploymentis disabled/empty (do not use).
Driver trap: Canon MF741/743 are UFR II only — PCL6 produces Error #822 (spools, never
prints). Any GPO/share for those Canons MUST use Canon Generic Plus UFR II V250 (INF cnlb0ma64.inf).
Printer / machine map
| Printer (share / name) | Model | IP (VLAN20) | Driver | Machine | User(s) | Domain? | Status / GPO action |
|---|---|---|---|---|---|---|---|
\\CS-SERVER\FrontDesk |
Epson ET-5800 | 10.0.20.221 | EPSON ET-5800 Series | RECEPTIONIST-PC (frontdesk box, S/N MJ0KQHNP) | frontdesk | Domain (cascades.local) | DONE — share repointed, mapped, default. Add to GPO. |
\\CS-SERVER\LifeEnrichment |
Canon MF741CDW | 10.0.20.94 | Canon Generic Plus UFR II V250 | DESKTOP-DLTAGOI; DESKTOP-ROK7VNM | sharon.edwards; susan.hicks | Domain | DONE — UFR II driver fixed, mapped (not default). Repoint CSC - Life Enrichment Printers GPO from old 1F-132-RecRoom-Canon to LifeEnrichment. |
| Dining Room Manager - Canon MF743CDW | Canon MF743CDW (MF741C/743C) | 10.0.20.228 | Canon Generic Plus UFR II V250 | DESKTOP-MD6UQI3 | dining manager (Alyssa) | WORKGROUP — not domain-joined yet | DONE as direct-IP (local) printer, default. TODO: when DESKTOP-MD6UQI3 is domain-joined, add this printer to the GPO and map it to Alyssa's domain account. |
| Chef Office - Brother MFC-9330CDW | Brother MFC-9330CDW | 10.0.20.236 | Brother MFC-9330CDW Printer | CHEF-PC | chef (all users) | WORKGROUP — not domain-joined | DONE as direct-IP (machine-wide / all users), default. TODO: add to GPO + map to chef's domain account once CHEF-PC is domain-joined. This is the Chef's printer in the Chef's office (distinct from the kitchen printer with the chefs). |
Memory Care Front Desk - Epson ET-5800 (\\CS-SERVER\MCReception) |
Epson ET-5800 | 10.0.20.78 | EPSON ET-5800 Series | MEMRECEPT-PC | memfrtdesk (+ other MemCare front-desk staff) | WORKGROUP — not domain-joined | Already shared on CS-SERVER as MCReception. Machine currently has the Epson via OLD vendor/WSD ports (EP833571:ET-5800 SERIES + WSD), NOT the static .78 — needs direct-IP to 10.0.20.78. Mark for GPO: MemCare front-desk users (mostly the memfrtdesk machine). TODO: add to GPO + map to domain accounts once domain-joined. |
Memory Care MedTech - Brother MFC-L8900CDW (\\CS-SERVER\MCMedTech) |
Brother MFC-L8900CDW | 10.0.20.74 | Brother MFC-L8900CDW series | RECEPTIONIST-PC (memcare box → rename to MEMCARE-*); DESKTOP-LPOPV30 | memory care; karen rossini | WORKGROUP | DONE direct-IP machine-wide on both; old 192.168.2.53 + WSD connections removed; LPOPV30 default = new printer (was the old one); memcare box default unchanged (iR-ADV). MedTech room in Memory Care. TODO: GPO + domain accounts once joined. |
\\CS-SERVER\Kitchen |
Canon MF743CDW | 192.168.3.232 (pre-migration) | (verify) | (kitchen) | chefs | — | Kitchen printer (with the chefs). Not yet migrated to VLAN20 this round. |
Machine rename TODO
- RECEPTIONIST-PC (the Memory Care box, "memory care" user, S/N MJ0KQH4R, agent 57f19e17) shares its hostname with the front-desk RECEPTIONIST-PC box — too hard to tell apart in the agent list. Rename STAGED 2026-06-30 ->
MEMCARE-STATION; applies on next reboot (not forced; user was active). The OTHER RECEPTIONIST-PC (frontdesk user, S/N MJ0KQHNP) is the actual front desk.
Notes
- Workgroup machines (DESKTOP-MD6UQI3, CHEF-PC) get direct-IP local printers for now
(no domain auth / no point-and-print needed). Once domain-joined, switch them to the
GPO-deployed
\\CS-SERVER\<share>model and map to the domain account. - Detailed how-to + pfSense routing fix:
.claude/memory/project_cascades_vlan20_migration_routing.mdand session logclients/cascades-tucson/session-logs/2026-06/2026-06-30-howard-vlan20-printer-migration.md.