I am seeing if I can support the following;
Printers 1-3 [two Kyocera P3060dn + Lexmark MX810dn] to be accessed by user group 1
Printer 4 [kyocera P3060dn] to be accessed by user group 2
All other production area users are to be denied printing access.
All above printers are networked only, no direct connection to any computers.
We are running Server 2016 and so far I have added the relevant printers to it, they weren't there before, we had added to printers individually on each PC. I have also created new security groups for Group 1, Group 2 and Deny. I've started creating GPOs for Group 1 and 2 but not Deny incase I stuffed something up.
The kyocera printers I added to the server under Print Management>Print servers have been deployed to the relevant GPOs.
Additional possibly relevant info;
Users are either using Windows 7 PCs directly or accessing a Windows 10 VM via Microsoft Remote Desktop on Macs [I haven't even started looking at printer restriction within macOS]
So I'm looking to see if, via Group Policy, I can deploy printers to users that are to have access to them and remove any existing printers to the remaining users as well as block future access to any printers. I've been wading through a few guides but I'm getting a bit stuck. I do not have any formal Microsoft or IT training, I've been learning as I go along.
I hope I've put this in the relevant section and it hasn't been previously addressed, I'd like to know whether or not this is realistic. Perhaps someone here might have some advice or could point to a good web resource for my specific query?