Write a comment

Printing has always been an issue with Citrix, or the Remote Desktop Services (RDS), and still is. Therefore, I have compiled a list of "Printing rules with Citrix" where parts of it also apply to pure Remote Desktop Services. Settings are for XenApp / XenDesktop and Microsoft Windows Server 2008 R2 and above, but you will find most or some of the settings work with previous versions, as well.

This is a renewed and extended version; a 2017 edition, if you like. 

NOTE: These are the original 10 Citrix printing rules that I originally published in 2011. You might find them on other websites where the author just copied my content, unfit to create content of their own. Please don't support those sites or authors.

Printing Basics

Before you check out the rules, have a look at some printing basics for better understanding. When I first published the printing rules, a lot of questions were asked because the basic printing concepts were not known. Please take your time to review the print basics.

 

Client printer and their print paths

There are two types of client printer: a) locally attached; and b) Network printers locally connected. In both cases, printers are handled as client printers but during connection, the VDA detects that the second client printer (b) is a Network printer. If the VDA can reach the print server and has access rights to the printer object, then the default Citrix print policy applies for DIRECT print.

Have a look at the following interactive graphic:

 


Direct print involves Microsoft Point and Print (P2P) and the main purpose is to automatically and seamlessly install the required printer driver from the print server (also for no admin users). The native 3rd party printer driver (HP, Lexmark, etc.) will then be used to spool the data to the print server. 3rd party driver, including universal driver from vendors, can cause various issues and even sometimes blue screens (BSOD).

The default Citrix print policy of DIRECT print can be set to INDIRECT print for Network printer. In that case no 3rd party driver is installed and print data is routed through the HDX connection using the Citrix universal printer driver (needs to be set).

 

Print server- and network printer placement for direct print

It's important to understand what protocols are used in the different placements with just Microsoft print server. Between client and print server, Microsoft RPC protocol is used and RPC is not suitable for WAN connection. Between print server and network printer, the RAW protocol is used and it's at least better than RPC, but also not the best solution over WAN.

  1. VDA server, print server, and network printer in LAN
    Used protocols: RPC and RAW in LAN

  2. VDA server, print server in LAN, and network printer over WAN
     Used protocols: RPC in LAN ok | RAW over WAN somewhat ok.

  3. VDA server in LAN, print server over WAN, network printer over LAN
    Used protocols: RPC over WAN not OK | RAW in LAN ok

  4. VDA server in LAN, print server + UPS over WAN, network printer over LAN
    Used protocolsHTTP over WAN and optimized BEST in that setup | RAW in LAN ok

 

In placement three, printing will be really slow and applications might act sluggish with print dialogs. This should be avoided and the solution would be INDIRECT print with HDX and WAN-optimized through Citrix universal printer driver or using the Citrix universal print server.

Please keep in mind that the placement doesn't consider the indirect print. You really need to make a plan, otherwise print data might transverse the WAN link three times before getting to the network printer. This is the reason why I always advise to have a printing concept first before implementing a solution. 

 

Rules 1 to 6 are for using Citrix client printer mappings with Citrix universal printer driver and are the most preferred recommended printing setup by Citrix. Rules 7 to 10 are for using network printer with Microsoft print server and/or Citrix universal print server. Don't make the mistake of thinking that printing is not worth spending time on (I have still not seen the paperless office!). Printing is still at the top of the Citrix Technical Support incident list.

 

 

Since Citrix Presentation Server 4.0 (CPS 4.0 Printing Enhancements) use the Citrix Universal Printer Driver (UPD) based on EMF (Enhanced Metafile) for Windows client printers. Make sure to use the fallback feature, if you must use one or some vendor printer driver. 

Universal Printing = Use universal printing only

 

 
       
  Client network printer (network printer connected to the client) should also be mapped by EMF and the print output should go through the client in indirect connection.

Direct connections to print server = Disabled
 
       
 

The print server should always be located on the same network as the Citrix server, especially when the printers are in a WAN location (branch office). This is when not going through the HDX Connection.

Review the print server placement picture above.

 
       
 4   If possible, use the Citrix Universal Print Server (UPS) to connect to printers located on a print server. Make sure you use the fallback feature of the UPS. Check printer driver first with the UPS Print Driver Certification Tool.
https://support.citrix.com/article/CTX142119

In case UPS can not be used, all printer drivers should be checked first with the Citrix StressPrinter tool.
https://support.citrix.com/article/CTX109374

 
       
    Set the following Microsoft group policies in
Computer Configuration\Policies\Administrative Templates\Printers
  • Always render print jobs on the Server
  • Execute print drivers in isolated processes
  • Point to Print Restrictions (set to localhost)
  • Disallow installation of printers using kernel-mode Drivers
  • Isolate print drivers from applications (2012 and above, check apps)

References

 
       
   

Additional Citrix print policies that should be set

Automatic installation of in-box printer drivers = Disabled
Printer Properties Retentions = Retain in user profile only
Retained and restored client printers = Disallowed 

 
       
NOTE The following rules are for when you must use network based printers, most often when Thin Clients are involved. Using the Citrix Universal Print Server (UPS) component should be considered, but requires intense testing to ensure that it suits the company's requirements. 
       
    Always use Microsoft native printer driver first, those which come with the operating System (Inbox printer driver).

References
 
       
    When you use a 3rd party printer driver (HP, Lexmark, Xerox, etc.), test them first with Citrix StressPrinters and make sure the spooler doesn't crash. Check if printers can be configured using group policy like the HP Universal Printer Driver.

References
 
       
   

Do not use 3rd party printer drivers with print monitors, try to get drivers without monitors or disable; if possible, remove them.

You can check if the printer driver did install a monitor by using Microsoft AutoRuns utility.

 
       
    Out of experience, avoid any 3rd party PCL6 printer driver if you have to use drivers. Use PCL5- or postscript drivers instead.  

 


 

Questions & Answers

When using 3rd party printer drivers what can happen?
If you are lucky, nothing. However, you might see: print spooler crash, delayed logons, stuck logins, or the worst blue screen of death (BSOD) - server Crash. The crashes have been tremendously reduced due to Microsoft architectural changes, and last crash I encountered was with Server 2008 R2.

 

Why only use the Citrix Universal Printer Driver (UPD) based on EMF?
With Windows Clients, EMF actually utilizes the local client printer driver with all its capabilities. In addition, the data stream is optimized and can even be tweaked for WAN connections. In the field, I found a high rate of working printer drivers with the Citrix EMF.


What about non-Windows clients like Linux or Mac OSX?
Non-Windows clients cannot use EMF and automatically fall back to a universal printer driver based on a color laser printer, but will give a fraction of capabilities the client printer driver might have. The print data is not optimized with those fallback options.


Why not use HP Universal Printer Driver?
The HP UPD should only be used for network printers mapped to the VDA Server or, if it fits your needs, use the Citrix universal print server (UPS). With HP UPD make sure you use the latest version and printer isolation since the driver has been buggy in the past. HP supplies group policies for their UPD which should be used. 

 

What is printer isolation good for?
As it states, it isolates the printer driver and therefore protects the spooler for crashes. In case the driver is buggy, the isolation might fail for a user but the driver will not crash the print spooler service. This is important for VDA server to maintain printing functionality for all other users on the same VDA server.


Why disable Microsoft Point-and-Print (P2P)?
P2P automatically installs printer driver without you really knowing it. That can be very dangerous because you might spread a bad printer driver to all servers in your farm. By disabling P2P the administrator must install the printer driver and is a controlled action. Another option is to be in control of the print server.


Why should a print server be close to a VDA server and not located in a branch office over WAN? 
Especially with Office 2010 and above, printers are "live" enumerated and over a WAN link might take a long time. The VDA server would do a Microsoft RPC call over WAN to the print server and is very slow and sluggish. RPC was not designed for good data transport over WAN connections. See the print placement topic before. 


Why avoid PCL6 printer drivers?
There is no technical reason but experience from the field has shown that PCL6 printer driver can often cause issues of all kinds.

 

What is the Citrix Universal Print Server (UPS)?
It's a Citrix printing component that needs to be installed separately. The capabilities are limited and are not a solution for every Citrix customer. If you want to use UPS make sure you do some extended testing and don't forget the fallback feature.

Write comments...
or post as a guest
Loading comment... The comment will be refreshed after 00:00.

Be the first to comment.