Policy self service visibility frequency ??

tcandela
Valued Contributor II

I have some self service printer MAP policies, and matching 'UNMAP' policies all in Self Service.

The MAP policies are set up for a smart group of 10.9/10.10 computers. The UNMAP policies are set up for smart groups of computers with mapped printers, associated with whatever printer is mapped.

So if Computer1 has printer1 installed, the smart group 'printer1 installed' will have Computer1 in it, thus Self Service for Computer1 will have the 'UNMAP' 'printer1' available.

Once 'printer1' gets installed it disappears from Self Service (execution once per computer), same thing for 'unmap policy'.

These are set up as 'Once Per Computer', so if a user 'unmaps' a printer and later on wants to re-add that printer, is there a way for that printer policy to be available in Self Service without me having to Flush the policy on that computer, same thing for the unmap policy?

I don't want to set the policies to 'ongoing'. I only want the policies available if the printer is not installed (add printer policy) and installed (removal policy).

1 ACCEPTED SOLUTION

stevewood
Honored Contributor II

@tcandela I would try scoping the Smart Group to look for the printers installed, not just OS version. Then you should be able to set the policies to Ongoing since the machines will fall out of scope if they do not match the Smart Group.

Smart Group "Map Printer" - OS Version like 10.9. or 10.10. AND Printer XYZ not installed.

Smart Group "Unmap Printer" - Printer XYZ is installed.

The policies that do the map and unmap would need a recon on them to make sure the computers get moved into and out of Smart Groups, but that should work.

I would test it to see if that fits.

Look
Valued Contributor III

If you are not concerned about users being able to remove every printer on the machine you could just have a single policy for removing any printer. I wrote this script to prompt the user to select from the installed printers for the one they want to remove and then remove it. I just have it as an ongoing Self Service policy alongside the printer install options.
Doesn't really answer your question but perhaps reduces the issue by half...

#!/bin/bash

##### SUB ROUTINES START HERE #####

Get_Printer() {
The_Printer=$(osascript <<AppleScript
set My_Printers to {$My_Printers}
set The_Printer to {choose from list My_Printers with title "AUT Printer Wizard" with prompt "Please select a printer:" OK button name "Remove Printer"}
AppleScript
)
}

Display_Cancel() {
osascript <<AppleScript
set NOTHING to the button returned of (display dialog "No printer selected, cancelling the process" with title "AUT Printer Wizard" buttons {"Exit"})
AppleScript
}

Display_Remove() {
The_Answer=$(osascript <<AppleScript
set The_Answer to the button returned of (display dialog "You have selected to remove $The_Printer" with title "AUT Printer Wizard" buttons {"Not Now","Proceed"})
AppleScript
)
}

Display_Final() {
Current_Printers=$(lpstat -a | awk '{print $1}')
osascript <<AppleScript
set NOTHING to the button returned of (display dialog "Process complete, currently installed printers:

$Current_Printers" with title "AUT Printer Wizard" buttons {"Finish"})
AppleScript
}

##### SUB ROUTINES END HERE #####


##### MAIN PROGRAM STARTS HERE #####

My_Printers=$(lpstat -a | awk '{print $1}' | tr "\n" " " | sed -e 's/ $/"/g' -e 's/^/"/g' -e 's/ /","/g')
if [ "${My_Printers}" != "" ];then
Get_Printer
echo ${The_Printer}
fi

if [ "${The_Printer}" != "" ] && [ "${The_Printer}" != "false" ]; then
Display_Remove
fi

if [ "${The_Answer}" == "Proceed" ]; then
# Quote the selection so the queue name reaches lpadmin as a single argument
lpadmin -x "${The_Printer}"
Display_Final
else
Display_Cancel
fi

##### MAIN PROGRAM ENDS, THANKS FOR PLAYING #####

stevewood
Honored Contributor II

@tcandela I tested my idea, and it worked. I did find that the recon during Self Service did not seem to pick up the printers, but you could use a script to add/remove the printers and throw a "jamf recon" in the script.

I also found that on removal I needed to stop the cups process and restart it just to kick the change into showing up. My removal was via the Files & Processes tab, and it just had this:

lpadmin -x <printername> | launchctl stop org.cups.cupsd | launchctl start org.cups.cupsd
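
A hardened variant of the removal steps discussed in the posts above, as an added example that is not any poster's code: it escapes queue names before they reach AppleScript, passes `lpadmin -x` only a name that exactly matches an installed queue, then restarts CUPS and runs `jamf recon` one step after another. The function names are hypothetical, and `lpstat`, `lpadmin`, `launchctl`, `osascript` and `jamf` are assumed to be on the policy's PATH.

```shell
#!/bin/sh
# Added example: helper functions for a Self Service printer-removal script
# that runs as root. All function names here are hypothetical.

# Escape a string for use inside an AppleScript double-quoted literal
# (backslash first, then double quote) and wrap it in quotes.
as_quote() {
    printf '"%s"' "$(printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g')"
}

# Installed queue names, one per line.
installed_queues() {
    lpstat -a 2>/dev/null | awk '{print $1}'
}

# Read names on stdin and emit the body of an AppleScript list.
# Runs in a subshell so its working variables do not leak.
as_list() (
    out=""
    while IFS= read -r name; do
        [ -n "$name" ] || continue
        out="${out:+$out, }$(as_quote "$name")"
    done
    printf '%s' "$out"
)

# Succeeds only if $1 is exactly one of the installed queue names.
is_installed_queue() {
    [ -n "$1" ] && installed_queues | grep -Fxq -- "$1"
}

# Ask the user to pick a queue; prints the choice, or "false" on cancel.
choose_queue() {
    osascript -e "choose from list {$(installed_queues | as_list)} with prompt \"Please select a printer:\""
}

# Remove a queue, restart CUPS, then update inventory so the computer
# moves between the "installed" / "not installed" Smart Groups.
remove_queue() {
    is_installed_queue "$1" || { echo "refusing: '$1' is not an installed queue" >&2; return 1; }
    lpadmin -x "$1" || return 2
    launchctl stop org.cups.cupsd
    launchctl start org.cups.cupsd
    jamf recon
}
```

A policy script would call `remove_queue "$(choose_queue)"`; a cancelled dialog returns `false`, which is rejected unless a queue really has that name.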

tcandela
Valued Contributor II

@stevewood prior to seeing your suggestions, while walking back from the grocery store I started to think on how to get this to work, and realized I needed to add to the smart group criteria the AND printer name not installed. (Just like you suggested). I'll test tomorrow.

The unmap policy log looks to stop/start CUPS already.

I thought Files and Processes statements get separated by colons?

So now after a self service policy runs it is also supposed to kick off RECON?

stevewood
Honored Contributor II

@tcandela the statements in the Files and Processes tab are run just like a command from the terminal. So the same way you chain a UNIX command together is how you would from that tab. You're piping ( | ) the output of one command into the next for processing.

And in my testing, the recon did not happen as expected from Self Service. To be fair, this was a 10.10.5 VM that I was testing in.

tcandela
Valued Contributor II

Come to think of it, I really don't need the criteria to include operating system like 10.9 or 10.10; all I need is a single criteria for each smart group:

Mapped Printers 'does not have' printer1 -- for add printer
Mapped Printers 'does have' printer1 -- for remove printer