On the basis the printer is probably statically addressed, why not try...
1. Add the two laptops in question to the mac auth database too.
2. In the mac auth server group you're using, add role derivation for the two laptops, resulting in role which has all normal rules, plus permit rules to the printer IP.
The only challenge you might get is discovering the printer in the first place. Printer discovery methods vary from vendor to vendor. Some operate with multicast, some broadcast etc. So your rules would also have to allow the laptops to discover it however the vendor does it. Recommend running a packet capture to find out if you don't know (probably either on the wired LAN, or when putting both the laptop and printer in "allow-all" roles temporarily to test).
Good luck.