If you have a printer set up on your Mac, then sharing it has always been a relatively simple process. Doing so allows anyone on the local network or who have remote access to the current system via iCloud’s Back To My Mac service, to see your printer as a nearby printer in the standard print dialogue. By default, this setup allows anyone to print to the shared printer; however, you can also set restrictions to require authentication before printing is allowed.
Doing this requires a slight enhancement to the standard printer sharing setup, where you specify one or more user accounts, or groups of users that you wish to authorize for printing access:
Enable Printer Sharing
If you have not already done so, first go to the Sharing system preferences and check the box next to Printer Sharing. Then highlight the Printer Sharing service and then select a configured printer to share. Note that this can be any printer, including a local USB printer, one shared from another Mac, or a printer pool.
With a shared printer selected, you will see “Everyone” listed along with “Can Print” as the access permissions, meaning that anyone on the local network can print to your system without restrictions. To restrict this, click the Plus button under the user attributes list, and you can then add specific local users and groups, followed by changing their permissions access accordingly. When you do this, the Everyone group will be set to No Access. If you subsequently change the Everyone group to “Can Print” then this will nullify any other permissions restrictions, and OS X will remove them from the list.
If your Mac is part of a network domain, then you should be able to access domain users and groups from the drop-down panel that appears when you click the Plus button. You will also see any local user and group accounts on your system. In addition to using these for authenticating to your printer, you can set up a Sharing-Only account for quick access. Sharing-Only accounts do not allow users to log into your system and use it, but can be used to give access to specific services on your system.
If available, click the New Person button in the drop-down panel and create a new account, ensuring the type is “Sharing Only.” If this is not available, then you will need to create a Sharing Only account in the Users & Groups system preferences:
- Go to the Users & Groups system preferences
- Authenticate and click the Plus button to create a new user
- Select Sharing Only as the account type
- Supply a username and password, then create the account
When done, return to the Sharing system preferences and again click the Plus button in the user attributes list, to add the new Sharing Only account, and then ensure this account “Can Print.” This setup will allow users on the local network to see and select the shared printer. This can be done in one of two ways:
- In the Print & Fax system preferences, click the Plus button to add a printer, and then use the Default section to locate the shared printer, and then add it (your Mac will broadcast the shared printer via Bonjour networking, so it should show up here).
- Press Command-P in any open printable document, then choose the shared printer from the “Nearby” section in the Printer list.
Now that the shared printer is set up on the remote system, printing any document to it will result in an authentication box displaying that requires you enter valid credentials. Supply an appropriate username and password, and then optionally check the box to add these credentials to your keychain. Supplying improper credentials will result in the print job sitting in your print queue on hold, with the message “Authentication Required.” To restart this job, open the print queue in your Dock, select the job, and click the Resume button. You will be required to authenticate again.