Searching for Print Queues in the Active Directory

Print servers also use LDAP to search for print queues in the Active Directory. Print servers perform the following steps to search for print queues:

  • Locate the domain controller and bind to the LDAP server as described in section

  • Search for print queues with the desired attributes, using the LDAP search operation, as defined in section 4.5 of [RFC2251]. The format of the LDAP search request is described in section 4.5.1 of [RFC2251]. The parameters of the search request are set as follows:




    Print servers SHOULD<279> specify the default naming context retrieved from the root DSE. The root DSE is defined in [MS-ADTS] section 1.1, and the default naming context attribute is described in [MS-ADTS] section


    Print servers SHOULD specify wholeSubtree.


    Print servers SHOULD specify neverDerefAliases.


    This value is dependent on the print server implementation and does not affect the protocol.


    This value is dependent on the print server implementation and does not affect the protocol.


    The filter parameter of the search request MUST contain the requirement that the returned objects be of the print queue object class. In the string representation of filters described in [RFC2254], this requirement is written as "(objectClass = printQueue)". In conjunction with this requirement, the filter can contain any restrictions based on any combination of attributes of the schema for the print queue object class.


    The print server can request any set of attributes in the schema, but it SHOULD NOT fail if any optional attribute is missing.

  • Unbind from the LDAP server as described in section

Print servers can also search the global catalog (GC) for print queues in other NCs.<280> The GC and naming contexts are defined in section 1.1. The Active Directory implementation of the GC is described in [MS-ADTS] section Print clients use LDAP to perform searches on the GC in the same way as above.

Print servers can negotiate encryption of LDAP messages as part of the SASL authentication during the binding process, as described in [MS-ADTS] section<281>

If an Active Directory print queue object is enumerated by the search, but the mandatory information specified in section 2.3.2 is not present in that print queue object, the print server SHOULD ignore this object and continue to the next enumerated print queue object.

Print servers can retry failed LDAP search operations.