[Samba] cups printing and user names from trusted domains

Wolfgang Ratzka ratzka at HRZ.Uni-Marburg.DE
Fri Mar 7 17:12:54 GMT 2003


-----BEGIN PGP SIGNED MESSAGE-----

Im currently running some tests for a samba/CUPS based print server.
The print server is a member of an NT domain and uses winbind to import
NT domain users. Users accessing the print server will be not from the
same domain but from trusted domains.
Everything basically seems to work, once you use sufficiently new
versions of cups and samba. (I'm on Debian woody, so I needed to get
the 2.2.7a debs from samba.org, and cupsys-* 1.1.18-2 from Debian
unstable to get a version of cupsaddsmb that actually works.)

One remaining problem is that the print jobs show up in the CUPS queue as
owned by "user" instead of "domain\user". Moreover, print jobs submitted by
"domain1\user1" can be deleted by another user "domain2\user1" who has the same
user name in a different trusted domain.

Am I doing something wrong? I remember vaguely, that during the first stage
of my experiments (maybe with an older version of the cupsys packages), some
printjobs showed up with a qualified name "domain\user".

Kind regards,
Wolfgang Ratzka

- --------------------------------smb.conf-----------------------------------
[global]

~   workgroup = MYDOMAIN
~   server string = %h print server running samba %v
~   load printers = yes
~   printcap name = cups
~   printing = cups

~   printer admin = @MYDOMAIN\Druck-Admins
~   admin users = @MYDOMAIN\Druck-Admins

~   guest account = nobody
~   log file = /var/log/samba/log.%m
~   max log size = 1000

~   syslog = 0

~   security = domain
~   password server = *
~   encrypt passwords = true

~   socket options = TCP_NODELAY
~   wins server = <edited out>
~   dns proxy = no

~   passwd program = /usr/bin/passwd %u
~   passwd chat = *Enter\snew\sUNIX\spassword:* %n\n
*Retype\snew\sUNIX\spassword:* %n\n .
~   obey pam restrictions = yes

~   winbind uid = 10000-60000
~   winbind gid = 10000-60000

~   character set = ISO8859-1
~   client code page = 850

[printers]
~   comment = All Printers
~   browseable = yes
~   path = /tmp
~   printable = yes
~   public = no
~   writable = no
~   create mode = 0700
~   printer admin = @MYDOMAIN\Druck-Admins

[print$]
~   comment = Printer Drivers
~   path = /var/lib/samba/drivers
~   browseable = yes
~   guest ok = no
~   read only = yes
~   write list = @MYDOMAIN\Druck-Admins
~   create mask = 0755
~   directory mask = 0755

- --
Wolfgang Ratzka  Phone: +49 6421 2823531  FAX: +49 6421 2826994
Uni Marburg,  HRZ, Hans-Meerwein-Str., D-35032 Marburg, Germany
~          http://www.uni-marburg.de/hrz/mitarbeiter/ratzka.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEVAwUBPmjTFRwiO5rz0xULAQHiZwf9HH6OcbQHGF9kUnveS+JEDIauoBYQeBb0
bMgOe60CnKzhKt0+aRHVdBaK2hzQ+x66NdtmW3nPmmSvChqCzeY/plMcFPnxFN02
PA8h1ycD9dfAjVoMLr/+XZkTvpEKz5tXlZFg5WuSreBMYfA+MNZ11VXvLk2W6Y9N
O9ReJFbZNJzvKrjOKNUODzsfMIljzBzvRGDgKotrnXZM5ytlIkofWKnfKmmYU58i
sdBZRrSBjn/x5CHDOdC2i8Tv/uRTFW1CDJCxb1ow6DKSue2rrrjTKhQZlyLqVBEO
yQD+X/LqAsrnXkC8GhWOBeHZb28f4CcgGMAmmf/N6lmbgMjRua3SSg==
=NLPa
-----END PGP SIGNATURE-----



More information about the samba mailing list