Win10 with SMB2_10 or SMB3_11 and problems with 'print command'
Thomas Bork
tombork at web.de
Sun Jul 17 21:28:07 UTC 2016
Am 04.07.2016 um 23:38 schrieb ich:
[...]
> Win10:
> ------
> Ausgehandeltes Protokoll-Level (%R) = NT1
> Vom Client angeforderter Benutzername (%U) = hans-georg kiefer
> Name des effektiven Benutzers (%u) = tanne
>
> Ausgehandeltes Protokoll-Level (%R) = SMB2_10
> Vom Client angeforderter Benutzername (%U) = hans-georg kiefer
> Name des effektiven Benutzers (%u) = nobody
>
> Ausgehandeltes Protokoll-Level (%R) = SMB3_11
> Vom Client angeforderter Benutzername (%U) = hans-georg kiefer
> Name des effektiven Benutzers (%u) = nobody
[...]
> Does anybody know if this a problem in Win10 or in samba?
Can anybody reproduce this?
In the meantime we found out, that the misbehavior (effective user is
nobody and not the correct linux user) only take place, if Windows 10 is
not part of an domain.
If the same client is part of an domain (and even if it is not logged on
to the domain), the effective user is the correct linux user:
Ausgehandeltes Protokoll-Level (%R) = SMB3_11
Vom Client angeforderter Benutzername (%U) = hans-georg kiefer
Name des effektiven Benutzers (%u) = tanne
See also:
http://forum.nettworks.org/index.php?t=msg&th=7327&goto=49206&#msg_49206
http://forum.nettworks.org/index.php?t=msg&th=7327&start=0&
http://forum.nettworks.org/index.php?t=msg&th=7327&prevloaded=1&&start=40
My last test was with samba 4.3.11. This is the smb.conf:
[global]
dos charset = CP850
unix charset = UTF-8
workgroup = TESTDOM
serverstring =
interfaces = 127.0.0.1/8 192.168.0.12/255.255.255.0
bind interfaces only = yes
hosts allow = 127.0.0. 192.168.0.0/255.255.255.0
security = user
password server =
passwd program = /usr/bin/passwd %u
passwd chat = *New*Password:* %n\n *Retype*new*password:* %n\n
*password*updated*
username map = /etc/user.map
username level = 2
unix password sync = yes
debug level = 0
max log size = 10000
nameresolveorder = lmhosts host wins bcast
time server = yes
deadtime = 60
printing = lprng
printcap name = /etc/printcap
printcap cache time = 0
load printers = no
mangling method = hash2
domain logons = no
add user script = /usr/sbin/useradd -m '%u' -c '%u'
add machine script =
delete user script =
add group script = /var/install/bin/add-group '%g'
delete group script = /var/install/bin/remove-group '%g'
add user to group script = /usr/sbin/usermod -G '%g' '%u'
delete user from group script = /usr/sbin/userdel '%g' '%u'
set primary group script = /var/install/bin/modify-user -g '%u' '%g'
os level = 0
preferred master = no
local master = no
domain master = no
wins support = no
wins hook =
wins server =
wins proxy = no
kernel oplocks = no
utmp = yes
message command = /var/install/bin/samba-netbios-mail '%f' '%s'
admin users = root
use sendfile = yes
unix extensions = no
wide links = yes
enable core files = no
max mux = 10000
dos filemode = yes
acl group control = yes
force unknown acl user = yes
inherit acls = yes
map acl inherit = yes
map hidden = no
map system = no
map archive = no
map read only = no
store dos attributes = yes
ea support = yes
oplocks = no
level2 oplocks = no
blocking locks = no
hide files = /desktop.ini/Thumbs.db/
dos filemode = yes
passdb backend = tdbsam
lanman auth = yes
client lanman auth = yes
client plaintext auth = yes
client ntlmv2 auth = no
require strong key = no
allow nt4 crypto = yes
min receivefile size = 16384
aio read size = 16384
aio write size = 16384
acl allow execute always = yes
print notify backchannel = no
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
[homes]
comment = home directory on testeis
writeable = yes
create mode = 0600
force create mode = 0600
directory mode= 0700
force directory mode= 0700
browseable = no
valid users = %S root
[all]
comment = root directory on testeis
read only = no
browseable = no
path = /
dont descend = proc,sys,dev
valid users = root
create mode = 0700
force create mode = 0700
directory mode= 0700
force directory mode= 0700
[public]
comment = public directory on testeis
path = /public
force create mode = 0777
force directory mode= 0777
browseable = yes
writeable = yes
[pr1]
comment = local parallel printer pr1 on %h
printing = lprng
print command = chmod 666 "%s"; jobname=`echo "%J" | sed "s/^.*- //"`;
if [ -z "$jobname" ]; then jobname="%s"; fi;
/var/install/bin/lprng-print "%p" "%s" "%U" "%m" "%L" "%I" "%a" "$jobname"
lpq command = /usr/bin/lpq -P%p -L
lprm command = /usr/bin/lprm -P%p %j
lppause command = /usr/sbin/lpc hold %p %j
lpresume command = /usr/sbin/lpc release %p %j
queuepause command = /usr/sbin/lpc stop %p
queueresume command = /usr/sbin/lpc start %p
printable = yes
use client driver = yes
browseable = yes
create mode = 0700
path = /var/spool/samba
[pdf]
comment = pdf-service on %h
printing = bsd
use client driver = yes
browseable = yes
printable = yes
path = /var/spool/samba
lpq command = /var/install/bin/samba-print-pdf status
print command = ( /var/install/bin/samba-smbinfo-pdf
"T=%T|d=%d|v=%v|h=%h|L=%L|N=%N|p=%p|R=%R|S=%S|P=%P|U=%U|G=%G|u=%u|g=%g|H=%H|I=%I|M=%M|m=%m|a=%a"
) &
create mode = 0700
[print$]
comment = samba printer drivers on %h
browseable = yes
writeable = no
path = /samba_printer_drivers
write list = root
The user map file /etc/user.map:
root = "Administrator"
tanne = "Hans-Georg Kiefer"
--
der tom
More information about the samba-technical
mailing list