From what I can see, in Pharos Uniprint each user is a member of one (and only one) User Group at any time. I have questions:
- Why? Why must each user be a member of only one User Group?
- Might it be possible (probably in a future Uniprint version?) for users to be members of more than one User Group?
- What problems would arise if users could be members of more than one User Group?
- Are there limits to the number of User Groups that can be defined in Uniprint?
It seems to me, if users could be members of more than one User Group, the User Group membership could be easily (very easily) mirrored with Active Directory membership, thus allowing much greater flexibility with print options and controls.
We use Secured Release for all our Release Station controlled printers, however we use a lot of Direct Printing (with no release stations) which to the end users feels like traditional printing (hit Print at the computer, print job comes out on the printer, release/billing/etc is all automatic) and this is where User Group membership becomes important however because Uniprint users can only be members of one Uniprint User Group at a time, it is a huge problem to setup and maintain if any print controls based on Uniprint User Group membership is applied.
If Uniprint Users were allowed to be members of multiple Uniprint User Groups ... with the methods we use at our campus, we could easily control "who prints where" based on the Active Directory membership by having the user's Active Directory membership be echoed in their Uniprint User Group membership. This would allow for better securing of systems and better ensuring only authorized printing. One of the challenges I face currently is providing printing for departments but with little to no methods to ensure unauthorized printing does not occur. We have many locations where multiple departments (or "organizations") are allowed to use the same computers (at different times from each other, of course) however the printers (and the use of the printers) are supposed to be limited to the "primary" department or organization or at a different cost rate than the "primary" organization. Right now, it's difficult to manage controls of that because the Uniprint Groups cannot mirror active directory membership.
Yes, the printers can be "secured" using ACLs and/or Firewall settings, but those settings are not user based. If Uniprint's User Groups could mirror Active Directory membership, then it would be simple to have user based controls of "who prints where".
I ask Pharos: Can we have multiple User Group membership for the Uniprint users? (if so, how soon?)
- Paul L.