[Samba] Cups printing, domain group error, getting closer...
John H Terpstra
jht at samba.org
Wed Nov 5 07:04:21 GMT 2003
On Tue, 4 Nov 2003, Douglas Phillipson wrote:
> After realizing my CUPS printername in /etc/cups/cupsd.conf must be the
> same as my samba printer sharename (I don't think it says that anywhere
> in any HOWTO, correct me if I'm wrong though) I am now getting to the
> printer resource but...
Well, yes! If you create a service entry (its not a share!) in your
smb.conf file.
But I hope you realize that this is NOT necessary. CUPS will directly
export its printers via Samba. Why make life more difficult than it needs
to be?
>
> Using Samba 3.0.1 and attempting to connect to a samba cups printer with
> Win2000 I am getting the following samba error:
>
>
> Returning domain sid for domain TESTDOM ->
> S-1-5-21-4236639219-957987792-2344320348
> [2003/11/04 21:48:54, 2] rpc_server/srv_samr_nt.c:_samr_lookup_domain(2537)
> Returning domain sid for domain TESTDOM ->
> S-1-5-21-4236639219-957987792-2344320348
> [2003/11/04 21:48:54, 0] rpc_server/srv_util.c:get_domain_user_groups(371)
> get_domain_user_groups: primary gid of user [douglas] is not a Domain
> group !
> get_domain_user_groups: You should fix it, NT doesn't like that
>
>
> The DC is a samba machine and I am running winbind on it. Do I need to
> create a domain group through samba or something?
Yes! If you are using samba-3.0.x. The primary group of a domain user
needs to be a domain group. Set it using the net command:
net groupmap modify ntgroup="Domain Users" unixgroup=users
assuming that the primary group of your UNIX users is called "users".
- John T.
>
> Thanks
>
> DSP
>
> SMB.conf:
>
> [global]
>
> workgroup = TESTDOM
> netbios name = blue
> security = user
> server string = Samba Server
> winbind separator = +
> idmap uid = 10000-20000
> winbind gid = 10000-20000
> winbind enum users = yes
> winbind enum groups = yes
> printcap name = /etc/printcap
> load printers = yes
>
> log file = /var/log/samba.log
> log level = 2
> max log size = 50000
> add machine script = /usr/sbin/useradd -n -g machines -c
> Machine -d /dev/null -s /bin/false %u
> add user script = /usr/sbin/useradd %u
>
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>
> local master = Yes
> os level = 65
> domain master = yes
> preferred master = yes
> domain logons = yes
> admin users = root
> csc policy = disable
> logon script = logon.bat
> logon path = \\%L\profiles\%U
> logon drive = H:
> printer admin = root
> printing = cups
> printcap name = cups
> username map = /etc/maps
>
> [netlogon]
> comment = Network Logon Service
> path = /home/netlogon
> guest ok = yes
> writable = no
> create mask = 0600
> directory mask = 0700
> ; share modes = no
>
>
> # Un-comment the following to provide a specific roving profile share
> # the default is to use the user's home directory
> [profiles]
> path = /home/profiles
> browseable = no
> guest ok = no
> create mask = 0600
> directory mask = 0700
> writable = yes
>
> [printers]
> comment = All Printers
> path = /var/spool/samba
> browseable = yes
> # Set public = yes to allow user 'guest account' to print
> guest ok = yes
> writable = yes
> public = yes
> printable = yes
> printer admin = root, douglas
>
> [hp7xxx]
> comment = Printer with Restricted Access
> path = /var/spool/samba_my_printer
> printer admin = root, douglas
> browseable = yes
> printable = yes
> writeable = yes
> guest ok = yes
>
>
--
John H Terpstra
Email: jht at samba.org
More information about the samba
mailing list