Internet Printing Protocol (IPP)
Updated: March 28, 2003
Applies To: Windows Server 2003 with SP1
Windows 2000 Server introduced support for the Internet Printing Protocol 1.0 specification. Windows Server 2003 continues this support for the 1.0 standard. There are two main components to IPP:
Web-based printer management
Web-based Printer Management
Web-based printer management is very simple to use. The only prerequisite is that IIS be installed and running on the print server. It is on by default for Windows 2000 Server versions and can be installed as an optional component on Windows 2000 Professional. Web-based printer management can be configured on Windows Server 2003 by using the IIS Lockdown Wizard and selecting the Enable Active Server Pages and Enable Internet Printing check boxes. When a printer is created and shared, it becomes available for management through the Internet browser. To access the Web-based feature, use the following URL, substituting your print server’s computer name for printserver:
Users must have adequate permissions in order to pause printers, purge print jobs, and so on. Most Windows clients in use today have built-in support for IPP or can download IPP support from the Microsoft Web site (http://www.microsoft.com). When a client has IPP support installed, they can view and connect to printers from within their Web browser. Microsoft strongly recommends the use of this technology, particularly for corporations that want to deploy a Web-based solution for finding and connecting to printers.
|Windows XP provides support for Web-based management of locally hosted printers by default. In the future, this option might be disabled by default—as is true for Windows Server 2003 — and enabled by a process similar to the IIS Lockdown Wizard used on the Windows Server 2003 family of products.|
When a user connects to a printer through the Web-based printer management, one of two things can happen: Either Windows creates an IPP printer connection using an HTTP port, or Windows creates an RPC “true-connect” printer connection.
HTTP Printer Connection Through Web Browser
If the client’s Internet Explorer security settings for the print server are set to medium or higher, Windows creates an IPP printer connection using an HTTP port. Because this technology requires the installation of a local printer queue (unlike a true Point-and-Print connection, which uses RPC), the client must have either Administrator or Power User status with the added Load and unload driver privilege on the local machine. (On Windows 2000 Server, this connection also works if the client has only Power User privilege.)
This solution is recommended only for Internet sites–specifically, untrusted sites viewed by a browser in which the security settings must be set to medium or higher. This type of printing works very well to print data in one location on a page at another location that does not share security or network infrastructure. However, HTTP printer connections are more limited than RPC true-connections (described below) in a Windows printing environment, as they do not support enhanced metafile (EMF) features.
RPC Printer Connection Through Web Browser – Preferred Method
If the client’s Internet Explorer settings are set to medium-low or lower, when the client chooses the connect option in a Web browser, Windows automatically creates an RPC true-connect printer connection. True-connect, or UNC, connections have many benefits over true IPP printer connections and should be used for intranet printing (local to the company) where the security setting in Internet Explorer can be set to medium-low safely. True-connect connections are supported through the Windows remote spooler, which is where the vast majority of future Microsoft innovation will be—in the RPC printer connection rather than the IPP printer connection state.
For additional information about RPC connections, see the “Point and Print Technical Overview” at http://www.microsoft.com/printserver.