Haven't gotten any responses since my post last wednesday, can anyone
help? Questions too simple? Need more info? Wording too hard to
understand?
Samba 2.2.5-1 installed via RPM on a RH7.2 system, authentication is
against an NT PDC (security = domain) using winbindd. Mostly w2k
clients connecting to samba for print serving.
(A) In my [printers] share I have:
printer admin = "MY_DOM+user1, MY_DOM+user2"
queuepause command = /usr/sbin/lpc stop %p
queueresume command = /usr/sbin/lpc start %p
trying to "Pause Printing" from a w2k client doesn't appear to do
anything.
I also tried adding
queuepause command = /usr/sbin/lpc stop %p
queueresume command = /usr/sbin/lpc start %p
printer admin = "MY_DOM+user1, MY_DOM+user2"
to the global section, no luck.
lpc status (print queue name) shows printing and spooling remain enabled.
Maybe I was thrown off by the comments in default RPM smb.conf:
# if you want to automatically load your printer list rather
# than setting them up individually then you'll need this
and
# NOTE: If you have a BSD-style print system there is no need to
# specifically define each individual printer
Do I need to identify shares for each print queue for attributes like
queuepause, etc to work? I noticed they are listed as [S]ervice
attributes, but also that testparm listed it as a global attribute as well.
(B) Does /etc/samba/smbpasswd provide anything for this configuration
(security = domain authenticating against a NT server and using winbind)?
(C) Every 15 minutes or so I get this in log.nmbd:
[2002/07/30 06:32:04, 0]
nmbd/nmbd_browsesync.c:find_domain_master_name_query_fail(358)
find_domain_master_name_query_fail:
Unable to find the Domain Master Browser name MY_DOM<1b> for the
workgroup MY_DOM.
Unable to sync browse lists in this workgroup.
Is that because my interface does not support broadcast? Any idea how
to remedy these errors? Is it likely I've misconfigured something
somewhere? Or is lack of broadcast the likely culprit? Does this mean
when I make changes to shares, the Domain Master Browser won't know it?
I thought since I'm pointing at an NT WINS server, my lack of broadcast
was a non-issue?
(D) In my log.winbindd I get:
[2002/07/30 07:47:06, 1] nsswitch/winbindd_user.c:winbindd_getpwnam(120)
user 'ftp' does not exist
(It used to be 'nobody' though I did have a 'nobody' account. I
put
"guest account=ftp" to see if that worked any better, and it
didn't.)
Any ideas? I had also tried a nobody = MY_DOM+guest in smbusers, but
that did not help. Testparm shows map to guest = Never, guest ok = no,
and guest only = no. I haven't set any public=yes. I don't know why,
with security = domain and my other share settings it would ever be
needing a guest account anyway.
Thanks for your expertise,
~ Daniel
My smb.conf... a work in progress. Please let me know if anything looks
missing or redundant:
[global]
# default of 10 wasn't enough for Printers folder to show up on first
connect
lpq cache time = 30
printing = LPRNG
queuepause command = /usr/sbin/lpc stop %p
queueresume command = /usr/sbin/lpc start %p
printer admin = "MY_DOM+user1, MY_DOM+user2"
netbios name = myhost
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind separator = +
workgroup=MY_DOM
server string = Samba Server on myhost
log level = 1
printcap name = /etc/printcap
load printers = yes
guest account=ftp
log file = /var/log/samba/%m.log
security = domain
password server = pdc1host pdc2host pdc3host
encrypt passwords = yes
interfaces = (my ip)/24
domain master = no
wins support = no
wins server = (ip address of wins server)
dns proxy = no
[print$]
path = /usr/local/samba/printers
browseable = yes
read only = yes
write list = "MY_DOM+user1, MY_DOM+user2"
[printers]
comment = All Printers
path = /var/spool/samba
print command = /usr/bin/lpr -r -P%p %s
printable = yes
queuepause command = /usr/sbin/lpc stop %p
queueresume command = /usr/sbin/lpc start %p
printer admin = "MY_DOM+user1, MY_DOM+user2"
and...
# testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[print$]"
Processing section "[printers]"
Loaded services file OK.
'winbind separator = +' might cause problems with group membership.
Press enter to see a dump of your service definitions
Thank you.
