802.1x and DHCP is the correct answer here.
DHCP is definitely going to be utilized. I'm just not quite sure how to leverage 802.1X to assign VLANS.
802.1x is a method of authenticating a device before giving it access to the network. Part of this authentication can be an authorization. As such, your policy server can instruct the switch as to which VLAN the device is authorized to connect to.
Basically, the switch says "hey this guy wants to connect to the network" and your policy server responds by saying "yep, allowed, put him on VLAN X".
For printers, you can use MAC-address-Bypass to classify based on the MAC address. Then you just need a list of MAC addresses on your policy server. Or you could use EAP-TLS.
Packetfence is a popular free policy server.
After a bit of research I think I got the gist of it. I already stood up a Windows NPS for the Wireless RADIUS authentication. I'm going to try and setup EAP-TLS and authenticate with a generic service account since all of our printers are 802.1X capable. I've already configured the policy just need to configure a switch port and test.
Thanks for the info!