I'm currently dealing with a situation at work where some employees are abusing the printer usage. We don't have an Active Directory and have a mix of Windows, MacBooks, and Linux systems here. In just three months, they've already printed more than half of what we printed last year! The manager wants to restrict printing access, but I've hit a few roadblocks. I set up a printer server on a Debian VM, which works for the workstations, but the problem is with the Lexmark MX410de printer's whitelist—it doesn't prevent printing from phones. Disabling mDNS helps, but it also stops scanning and AirPrint for MacBooks, which creates more issues. What other options should I explore? I've considered using CUPS or SAMBA for authentication, but I'm unsure if those will effectively restrict mobile printing. I know something like Papercut would work, but our budget is tight in this public sector environment.
5 Answers
Using CUPS or creating VLANs for the printers can be effective. Set up a dedicated network just for the printer and use firewall rules to control access. If the phones are BYOD, those should have their own network access as well.
You might want to link the printer from your print server to the users' MacBooks, and simply disable AirPrint on that printer to avoid any mobile printing.
Instead of over-engineering the tech side, addressing the human aspect might work better. Have HR create a policy that penalizes unauthorized printing, such as a temporary suspension. It gets the message across effectively!
Is everything connected to the same network? If these devices are personal phones, they shouldn't have access to your corporate network where printers are located. You might want to consider separating the networks.
Check if your printer has authenticated printing options. The Lexmark MX410de should offer confidential or held printing solutions. Also, you can consider Printix for an affordable solution, promoting it as a way to enhance security.
We're currently working on separating the guest and internal networks.