[Samba] problems with print$

Chuck Theobald chuckt at darkwing.uoregon.edu
Wed Dec 8 00:11:44 GMT 2004 

Hi All,


I finally signed up for the list after years of using Samba successfully - 
a testament to the quality of Samba.  Yet now I have a problem with the 
point-and-print functionality.  I am able to authenticate against my server 
(Solaris 8, Samba 3.0.7, OpenLDAP 2.1.25) as user 'chuck' in my LDAP 
directory and browse the shares, but when I right-click on the printer and 
select Properties (on WinXP), I get a dialog:

Printer properties cannot be displayed. Access is denied.

And no properties dialog is shown.  I googled the above message and found 
exactly one reference, the advice of which I followed (chmod 1777 
/var/spool/samba), to no avail.  A bit of background information:

mansfield{79}# pwd
/usr/local/samba
mansfield{80}# bin/testparm
Load smb config files from /usr/local/samba/lib/smb.conf
Processing section "[printers]"
Processing section "[print$]"
Processing section "[homes]"
Processing section "[netlogon]"
Processing section "[profiles]"
Processing section "[htdocs]"
Processing section "[data]"
Loaded services file OK.
Server role: ROLE_DOMAIN_PDC
Press enter to see a dump of your service definitions

# Global parameters
[global]
         workgroup = LCNI-MAN
         server string = Mansfield Server
         passdb backend = ldapsam:ldap://mansfield.uoregon.edu
         password level = 8
         username level = 8
         log level = 2 winbind:10
         log file = /var/adm/samba/smblog.%m
         max log size = 500
         add user script = /usr/local/samba/sbin/smbldap-useradd -m "%u"
         delete user script = /usr/local/samba/sbin/smbldap-userdel "%u"
         add group script = /usr/local/samba/sbin/smbldap-groupadd -p "%g"
         delete group script = /usr/local/samba/sbin/smbldap-groupdel "%g"
         add user to group script = /usr/local/samba/sbin/smbldap-groupmod 
-m "%u" "%g"
         delete user from group script = 
/usr/local/samba/sbin/smbldap-groupmod -x "%u" "%g"
         set primary group script = /usr/local/samba/sbin/smbldap-usermod 
-g "%g" "%u"
         add machine script = /usr/local/samba/sbin/smbldap-useradd -w "%u"
         domain logons = Yes
         os level = 33
         preferred master = Yes
         domain master = Yes
         dns proxy = No
         ldap admin dn = cn=smbadmin,ou=people,dc=lcni,dc=uoregon,dc=edu
         ldap delete dn = Yes
         ldap group suffix = ou=group
         ldap machine suffix = ou=people
         ldap passwd sync = Yes
         ldap suffix = dc=lcni,dc=uoregon,dc=edu
         ldap ssl = start tls
         ldap user suffix = ou=people
         printer admin = @sysadmin, chuck, root, LCNI-MAN\chuck
         printing = bsd
         print command = /usr/ucb/lpr -r -P'%p' %s
         lpq command = /usr/ucb/lpq -P'%p'
         lprm command = /usr/ucb/lprm -P'%p' %j

[printers]
         path = /var/spool/samba
         printable = Yes
         browseable = No

[print$]
         comment = Print Driver Area
         path = /usr/local/samba/lib/printers
         write list = @sysadmin, chuck, root, LCNI-MAN\chuck
         browseable = No

[homes]
         comment = Home Directories
         read only = No
         browseable = No

[netlogon]
         comment = Domain Logon
         path = /usr/local/samba/lib/netlogon
         browseable = No

[profiles]
         comment = Roaming Profiles
         path = /var/lib/samba/profiles
         read only = No
         create mask = 0600
         directory mask = 0700

[htdocs]
         comment = Web Server Files
         path = /var/www/htdocs
         read only = No

[data]
         comment = Basic Data Storage
         path = /data
         read only = No
mansfield{81}# ls -l /var/spool
total 14
drwxr-xr-x   4 root     sys          512 Oct  8  2003 cron
drwxr-xr-x   2 uucp     uucp         512 Nov 29 17:51 locks
drwxrwxr-x   7 lp       lp           512 Dec  6 16:20 lp
drwxr-x---   2 root     bin          512 Dec  7 15:55 mqueue
drwxrwxrwt   4 root     bin          512 Oct  9  2003 pkg
drwxr-xr-x   2 root     lp           512 Oct  8  2003 print
drwxrwxrwt   2 root     other        512 Dec  7 10:38 samba
mansfield{83}# ls -ld /usr/local/samba/lib/printers
drwxrwxr-x   4 root     sysadmin     512 Dec  7 14:42 
/usr/local/samba/lib/printers
mansfield{84}#

The sysadmin group is a native posix group on my server (not just an LDAP 
group), and chuck is listed as a user in /etc/group.  I am trying to work 
from chapter 17 of the Samba-3 HOW-TO, but so far little joy except that of 
knowing I am not dealing with M$AD.

I will try the above with a native Unix user and see how that goes.  Any 
advice on doing this with an LPAP user would be appreciated.

Thanks,

Chuck Theobald
System Administrator
The Robert and Beverly Lewis Center for Neuroimaging
University of Oregon
P: 541-346-0343
F: 541-346-0345

More information about the samba mailing list