Mandrake 10.0 LDAP PDC with ldapauth.
Server is a member of the PDC but not using winbind since we have
ldapauth. Basically this just means that I used:
net rpc join -U Administrator%PASSWORD
I've been going by the HOWTOs and books from the beginning. I even have
the Samba HOWTO Guide and Reference in dead tree format.
Today I tried using a simple setup from this site:
http://us2.samba.org/samba/docs/man/Samba-HOWTO-Collection/CUPS-printing.html#id2562223
This is the cupsaddsmb deal where you get the postscript drivers from
the cups site and then install them using cupsaddsmb. I've had the same
problems mentioned here with other printing setups I've tried. Most
notably, vanilla printing with no special handleing or features.
Of course, cupsaddsmb would not work and the verbose mode gave little
indication as to why other than the following:
Running command: smbclient //enigma/print\$ -N
-U'Administrator%XXXXXXXXXXX' -c 'mkdir W32X86;put
/root/tmp/4115b28cb66f0 W32X86/LinLexZ53.ppd;put
/usr/share/cups/drivers/cupsdrv5.dll W32X86/cupsdrv5.dll;put
/usr/share/cups/drivers/cupsui5.dll W32X86/cupsui5.dll;put
/usr/share/cups/drivers/cups5.hlp W32X86/cups5.hlp'
Domain=[J9STARR] OS=[Unix] Server=[Samba 3.0.5pre1]
tree connect failed: NT_STATUS_BAD_NETWORK_NAME
This should not be the case because my setup is identical to that
mentioned in the howto (sans compensation for my distro). Now it is
true that my server doesn't use winbind to join the domain. This should
not be required with ldapauth right on the server box, though should it?
Anyway, I took the commands above and tried to reverse engineer them for
use on the command line. This seemed to get the job done. Now I have:
> [root@enigma W32X86]# pwd;ls
> /var/lib/samba/printers/W32X86
> cups5.hlp* cupsdrv5.dll* cupsui5.dll* LinLexZ53.ppd*
Right now I have the /var/lib/samba/printers directory and all
subdirectories and files chmod'd to 766 to eliminate any possibility of
an underlying file system access problem. The same on /var/spool/samba.
[root@enigma root]# ls -l /var/spool | grep samba; ls -l /var/lib/samba
| grep printers
drwxrwxrwt 2 root Domain Users 4096 Aug 6 23:18 samba/
drwxrw-rw- 7 root Domain Admins 4096 Jul 30 00:15 printers/
The end result was this: As a Domain Admin, I can browse to the
printer. I can see stuff in the queue that has been printed from Linux
but I cannot add the printer or print to it in anyway from the client
machine. I note that when I browse to My Network Places->Entire
Network->Microsoft Windows Network->J9STARR->Enigma->Printers and
Faxes,
I can right click on the icon and click "No" when it first prompts for
a
printer driver (as instructed by the HOWTO) and then select the
"Advanced tab". All according to instructions in the HOWTO.... *BUT*
the "Driver:" drop down list box is not accessible and the "New
Driver"
button is disabled.
Here is my current testparm output. Note that I've grep -v'ed out a lot
of redundant recycle bin crap and that no errors are reported.
P.S.> I'm going to re-read the troubleshooting section before bed for
ideas.
# Global parameters
[global]
unix charset = LOCALE
workgroup = J9STARR
interfaces = eth0, lo
bind interfaces only = Yes
passdb backend = ldapsam:ldap://localhost
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
smb ports = 139 445
name resolve order = wins bcast hosts
time server = Yes
show add printer wizard = No
add user script = /usr/share/samba/scripts/smbldap-useradd.pl -a -m
'%u'
delete user script = /usr/share/samba/scripts/smbldap-userdel.pl %u
add group script = /usr/share/samba/scripts/smbldap-groupadd.pl -p
'%g'
delete group script = /usr/share/samba/scripts/smbldap-groupdel.pl
'%g'
add user to group script = /usr/share/samba/scripts/smbldap-groupmod.pl
-m '%u' '%g'
delete user from group script /usr/share/samba/scripts/smbldap-groupmod.pl
-x '%u' '%g'
set primary group script = /usr/share/samba/scripts/smbldap-usermod.pl
-g '%g' '%u'
add machine script = /usr/share/samba/scripts/smbldap-useradd.pl -w
'%u'
logon script = logon.bat
logon path = \\%L\profiles\%U
logon drive = Z:
logon home = \\%L\%U\profiles
domain logons = Yes
preferred master = Yes
wins support = Yes
ldap suffix = dc=j9starr,dc=net
ldap machine suffix = ou=People
ldap user suffix = ou=People
ldap group suffix = ou=Group
ldap idmap suffix = ou=Idmap
ldap admin dn = cn=root,dc=j9starr,dc=net
ldap ssl = no
idmap backend = ldap:ldap://localhost
idmap uid = 10000-20000
idmap gid = 10000-20000
printer admin = '@Domain Admins', Administrator, root
map acl inherit = Yes
print command = lpr-cups -P %p %s
[apps]
comment = Application Files
path = /mnt/apps
read only = No
[netlogon]
comment = Network Logon Service
path = /var/lib/samba/netlogon
guest ok = Yes
browseable = No
locking = No
[profiles]
comment = Profile Share
path = /var/lib/samba/profiles
read only = No
profile acls = Yes
browseable = No
root preexec = PROFILE=/var/lib/samba/profiles/%u; if [ ! -e
$PROFILE ]; then mkdir -pm700 $PROFILE; chown
"%u"."%g" $PROFILE; fi
root postexec = /bin/su -c "/usr/local/bin/dl
/var/lib/samba/profiles/%u/Desktop/*[^.lnk]" %u
[homes]
comment = Home Directories
valid users = %S
read only = No
hide special files = Yes
browseable = No
[public]
path = /home/storeage
read only = No
guest only = Yes
guest ok = Yes
[printers]
comment = All Printers
path = /var/spool/samba
guest ok = Yes
printable = Yes
browseable = No
[print$]
comment = Printer Drivers
path = /etc/samba/drivers
write list = root, '@Domain Admins'
Jim C.
--
-----------------------------------------------------------------
| I can be reached on the following Instant Messenger services: |
|---------------------------------------------------------------|
| MSN: j_c_llings@hotmail.com AIM: WyteLi0n ICQ: 123291844 |
|---------------------------------------------------------------|
| Y!: j_c_llings Jabber: jcllings@njs.netlab.cz |
-----------------------------------------------------------------