I'm in the process of testing a Windows Server 2008 R2 print server for a mixed OS X/Windows environment.
Any security permissions (AD groups) I set for the printers on the print server are not honoured by the OS X clients. Only if I remove absolutely all permissions for a given printer will an OS X client not print to that printer. The Windows clients honour the permissions as expected.
The PrintService log doesn't record any activity when an unprivileged Windows client attempts to print, and records a typical print job when an unprivileged OS X client attempts to print.
Has anyone encountered this problem before and have a fix? With 600-700 clients, a number of which are dual-booting, restricting by IP address is not viable.
EDIT: The jobs are definitely going through the print server, they show up in the logs with their AD credentials.