Apple macOS Desktop Modern Management UEM Script

macOS : Deploying printers trough script.

Dec 9, 2022 6 min read
macOS : Deploying printers trough script.

Deploying printers to macOS Devices in an enterprise environment can sometimes be complicated. If you have a management tool, such as Workspace One UEM or JAMF, you can deploy printers in an automated way. Our method described here is to use a Shell script to deploy the printers, as this is the one that gives us the most flexibility.

The Drivers

The first thing to do is to identify the printer and its driver. On most printers, you just need to navigate to the IP address of the printer to check the make and model with an administration device, then go to the vendor's website to download the latest driver for macOS. Once you have the driver it is advisable to push it and install it via your MDM tool. It is also possible to test it first locally on a test macOS terminal to check if the driver file is added on the system. On a Mac, most printer drivers are stored in :

/Library/Printers/PPDs/Contents/Resources

The <lpadmin> command

The next thing to do is to use the right command to add a printer on macOS and then build the configuration script. We will use the macOS internal command <lpadmin> to add the printer to the system. Here is what this command looks like:

sudo lpadmin -p <PRINTERNAME> -E -v <PRINTURL> -P "<PPDDIR>/<PPDNAME>" -L "<LOCATION>"

Ok this is a bit complicated ? so let's break it down a bit:

-p : This flag sets the name of the printer as seen by the CUPS process (macOS system's internal print server). Use a name without spaces, or replace the space with an underscore character. You can choose any name you want or that corresponds to what your employees know, like a print queue for example.

-E : This flag allows the printer to automatically accept new jobs.

-v : The -v flag defines the URL of the printer or print server. The URL often takes the form of -v protocol://FQDNorIP, where the protocol is usually IPP (Internet Printing Protocol) or LPD (Line Printer Daemon) or even SMB depending on your print server.

-P : Quite explicitly, the -P flag defines the path to the driver. That is, the one we saw just a bit above.

-L : This one is not mandatory but allows you to define a location for the printer if you have offices with several floors/departments/devices.

-D : Where -p sets the name that the CUPS process saw, the -D flag sets the "friendly" name, the name that is visible in the macOS system GUI. This is also an optional entry.

Finally, let's keep in mind the command to remove a printer or a print queue via lpadmin with the -x flag :

sudo lpadmin -x <PRINTERNAME>

Building the script

And now the script to add the printer. Open up a code editor that you're used to on macOS (we use Code Runner personally) and create a new shell script (preferably in bash).

For our example, let's take a scenario where Mobinergy wants to add to its macOS fleet the configuration of a fleet of RICOH Aficio MP5502 enterprise printers managed by a Windows print server running in the classic Spooling fashion (print queue).

Here is the information we need:

  • The PRINTER FQDN will be :
    "printserver-corp-prd.mobinergy.com"
  • The the print queue dedicated to macOS created on the server will be the PRINTER FILE :
    "PRINT_RICOH_MAC"
  • The drivers previously installed via the manufacturer package with the MDM will be located in the folder PPDDIR :
    /Library/Printers/PPDs/Contens/Ressources
  • The name of the printer driver in the previous folder will be PPDNAME :
    "RICOH Aficio MP C5502"
  • The LOCATION will be :
    "MobinergyHQ"

The protocol used by macOS to reach this printing server will be LPD.

Now let's start writing the script, we will first declare our variables :

#!/bin/bash

PRINTERFQDN="printserver-corp-prd.mobinergy.com"
PRINTERFILE="PRINT_RICOH_MAC"
PPDDIR="/Library/Printers/PPDs/Contents/Resources"
PPDNAME="RICOH Aficio MP C5502"
LOCATION="MobinergyHQ"

We will then build the printer URL PRINTURL with the LDP protocol :

#!/bin/bash

PRINTERFQDN="printserver-corp-prd.mobinergy.com"
PRINTERFILE="PRINT_RICOH_MAC"
PPDDIR="/Library/Printers/PPDs/Contents/Resources"
PPDNAME="RICOH Aficio MP C5502"
LOCATION="MobinergyHQ"

PRINTURL="lpd://${PRINTERFQDN}/${PRINTERFILE}"

Now we check if the configuration already exists :

#!/bin/bash

PRINTERFQDN="printserver-corp-prd.mobinergy.com"
PRINTERFILE="PRINT_RICOH_MAC"
PPDDIR="/Library/Printers/PPDs/Contents/Resources"
PPDNAME="RICOH Aficio MP C5502"
LOCATION="MobinergyHQ"

PRINTURL="lpd://${PRINTERFQDN}/${PRINTERFILE}"

if ( lpstat -v | grep -q "${PRINTERNAME}" ) ;
then
	echo "Printer queue ${PRINTERNAME} already configured"

And if not we can now add the configuration with the lpadmin command :

#!/bin/bash

PRINTERFQDN="printserver-corp-prd.mobinergy.com"
PRINTERFILE="PRINT_RICOH_MAC"
PPDDIR="/Library/Printers/PPDs/Contents/Resources"
PPDNAME="RICOH Aficio MP C5502"
LOCATION="MobinergyHQ"

PRINTURL="lpd://${PRINTERFQDN}/${PRINTERFILE}"

if ( lpstat -v | grep -q "${PRINTERNAME}" ) ;
then
	echo "Printer queue ${PRINTERNAME} already configured"
else
	echo "Printer queue ${PRINTERNAME} will be now configured"
    
	sudo lpadmin -p ${PRINTERNAME} -E -v ${PRINTURL} -P "${PPDDIR}/${PPDNAME}" -L "${LOCATION}"
fi

exit 0

Bravo your print configuration script for your macOS fleet is finished !

For your information, here is the complete script we used recently for a configuration.
We first check the presence of old or bad printers that we remove, before adding the right configuration and also activate the Kerberos support in case of an authentication of this type accepted by the print server.

#!/bin/bash

# Remove legacy printers

PRINTERNAME="Mobi_0"

if ( lpstat -v | grep -q "${PRINTERNAME}" ) ;
then
	echo "Printer queue ${PRINTERNAME} configured. Removing..."
	sudo lpadmin -x ${PRINTERNAME}
	sleep 3
else
	echo "Printer queue ${PRINTERNAME} does not exist. Skipping..."
fi

PRINTERNAME="ORIGIN_RICOH"

if ( lpstat -v | grep -q "${PRINTERNAME}" ) ;
then
	echo "Printer queue ${PRINTERNAME} configured. Removing..."
	sudo lpadmin -x ${PRINTERNAME}
	sleep 3
else
	echo "Printer queue ${PRINTERNAME} does not exist. Skipping..."
fi

PRINTERNAME="PRINT_RICOH"

if ( lpstat -v | grep -q "${PRINTERNAME}" ) ;
then
	echo "Printer queue ${PRINTERNAME} configured. Removing..."
	sudo lpadmin -x ${PRINTERNAME}
	sleep 3
else
	echo "Printer queue ${PRINTERNAME} does not exist. Skipping..."
fi

PRINTERNAME="PRN_RICOH_MAC"

if ( lpstat -v | grep -q "${PRINTERNAME}" ) ;
then
	echo "Printer queue ${PRINTERNAME} configured. Removing..."
	sudo lpadmin -x ${PRINTERNAME}
	sleep 3
else
	echo "Printer queue ${PRINTERNAME} does not exist. Skipping..."
fi


# Add Windows Virtual Printer queue

PRINTERFQDN="printserver-corp-prd.mobinergy.com"
PRINTERFILE="PRINT_RICOH_MAC"
PPDDIR="/Library/Printers/PPDs/Contents/Resources"
PPDNAME="RICOH Aficio MP C5502"
LOCATION="MobinergyHQ"

PRINTURL="lpd://${PRINTERFQDN}/${PRINTERFILE}"

if ( lpstat -v | grep -q "${PRINTERNAME}" ) ;
then
	echo "Printer queue ${PRINTERNAME} already configured"
else
	echo "Printer queue ${PRINTERNAME} will be now configured"
    
	sudo lpadmin -p ${PRINTERNAME} -E -v ${PRINTURL} -P "${PPDDIR}/${PPDNAME}" -L "${LOCATION}"
fi


# Enable Kerberos Printing on SMB printers

echo "Enable SSO on printer queue : ${PRINTERNAME}"
sudo lpadmin -p ${PRINTERNAME} -o auth-info-required=negotiate

exit 0

Adding the Script to Workspace One UEM

Let's finally see how to add this script to our Workspace One UEM console to push it on all our macOS terminals.

Simply log into your Workspace One UEM console with an administrator account and navigate to Resources > Scripts.

From this page click on Add and choose macOS as OS.

The script editor opens and you just have to select a name for your script and click on Next.

Then you can simply copy and paste our printer configuration script, here we sill select the Bash language and the System context for execution. CLick on Next.

On the next screen we dont need any specfic Workspace One Variable so we can just click on Save.

Congratulations, you can now assign this script to the right macOS Organisation Group or Smart Group and push your printer configuration to your devices.

Don't forget to install the drivers beforehand via the right package from the printer manufacturer.

Note: It is possible in Workspace One UEM to use a Freestyle Orchestrator Workflow that will install the package and then run our script.

Thanks for reading and see you soon for new contents !

Published by
Pierre Samenayre
Pierre Samenayre
Pierre joined Mobinergy team after 5 years at Apple and then worked as technical manager for Apple partners. Fan of Rugby, Pierre makes Mobility his priority today as a Digital Workspace Architect.
Great! Next, complete checkout for full access to Mobinergy Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Mobinergy Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.