[Samba] problems with print$
Chuck Theobald
chuckt at darkwing.uoregon.edu
Wed Dec 8 19:58:52 GMT 2004
Further information on this issue includes output from my smblog file:
[2004/12/08 11:48:13, 2] passdb/pdb_ldap.c:init_sam_from_ldap(485)
init_sam_from_ldap: Entry found for user: chuck
[2004/12/08 11:48:13, 2] passdb/pdb_ldap.c:init_ldap_from_sam(864)
init_ldap_from_sam: Setting entry for user: chuck
[2004/12/08 11:48:13, 2] auth/auth.c:check_ntlm_password(312)
check_ntlm_password: Authentication for user [chuck] -> [chuck] FAILED
with error NT_STATUS_WRONG_PASSWORD
[2004/12/08 11:48:22, 2] smbd/server.c:exit_server(571)
Closing connections
This is repeated ten times for each attempt to display the printer
properties dialog. I am able to see all other shares from the server, thus
my NT and LM passwords are correct, so why the refusal?
See below for permissions I have set for the print spool and print driver
directories.
Thanks,
Chuck
At 04:11 PM 12/7/2004, Chuck Theobald wrote:
>Hi All,
>
>
>I finally signed up for the list after years of using Samba successfully -
>a testament to the quality of Samba. Yet now I have a problem with the
>point-and-print functionality. I am able to authenticate against my
>server (Solaris 8, Samba 3.0.7, OpenLDAP 2.1.25) as user 'chuck' in my
>LDAP directory and browse the shares, but when I right-click on the
>printer and select Properties (on WinXP), I get a dialog:
>
>Printer properties cannot be displayed. Access is denied.
>
>And no properties dialog is shown. I googled the above message and found
>exactly one reference, the advice of which I followed (chmod 1777
>/var/spool/samba), to no avail. A bit of background information:
>
>mansfield{79}# pwd
>/usr/local/samba
>mansfield{80}# bin/testparm
>Load smb config files from /usr/local/samba/lib/smb.conf
>Processing section "[printers]"
>Processing section "[print$]"
>Processing section "[homes]"
>Processing section "[netlogon]"
>Processing section "[profiles]"
>Processing section "[htdocs]"
>Processing section "[data]"
>Loaded services file OK.
>Server role: ROLE_DOMAIN_PDC
>Press enter to see a dump of your service definitions
>
># Global parameters
>[global]
> workgroup = LCNI-MAN
> server string = Mansfield Server
> passdb backend = ldapsam:ldap://mansfield.uoregon.edu
> password level = 8
> username level = 8
> log level = 2 winbind:10
> log file = /var/adm/samba/smblog.%m
> max log size = 500
> add user script = /usr/local/samba/sbin/smbldap-useradd -m "%u"
> delete user script = /usr/local/samba/sbin/smbldap-userdel "%u"
> add group script = /usr/local/samba/sbin/smbldap-groupadd -p "%g"
> delete group script = /usr/local/samba/sbin/smbldap-groupdel "%g"
> add user to group script = /usr/local/samba/sbin/smbldap-groupmod
> -m "%u" "%g"
> delete user from group script =
> /usr/local/samba/sbin/smbldap-groupmod -x "%u" "%g"
> set primary group script = /usr/local/samba/sbin/smbldap-usermod
> -g "%g" "%u"
> add machine script = /usr/local/samba/sbin/smbldap-useradd -w "%u"
> domain logons = Yes
> os level = 33
> preferred master = Yes
> domain master = Yes
> dns proxy = No
> ldap admin dn = cn=smbadmin,ou=people,dc=lcni,dc=uoregon,dc=edu
> ldap delete dn = Yes
> ldap group suffix = ou=group
> ldap machine suffix = ou=people
> ldap passwd sync = Yes
> ldap suffix = dc=lcni,dc=uoregon,dc=edu
> ldap ssl = start tls
> ldap user suffix = ou=people
> printer admin = @sysadmin, chuck, root, LCNI-MAN\chuck
> printing = bsd
> print command = /usr/ucb/lpr -r -P'%p' %s
> lpq command = /usr/ucb/lpq -P'%p'
> lprm command = /usr/ucb/lprm -P'%p' %j
>
>[printers]
> path = /var/spool/samba
> printable = Yes
> browseable = No
>
>[print$]
> comment = Print Driver Area
> path = /usr/local/samba/lib/printers
> write list = @sysadmin, chuck, root, LCNI-MAN\chuck
> browseable = No
>
>[homes]
> comment = Home Directories
> read only = No
> browseable = No
>
>[netlogon]
> comment = Domain Logon
> path = /usr/local/samba/lib/netlogon
> browseable = No
>
>[profiles]
> comment = Roaming Profiles
> path = /var/lib/samba/profiles
> read only = No
> create mask = 0600
> directory mask = 0700
>
>[htdocs]
> comment = Web Server Files
> path = /var/www/htdocs
> read only = No
>
>[data]
> comment = Basic Data Storage
> path = /data
> read only = No
>mansfield{81}# ls -l /var/spool
>total 14
>drwxr-xr-x 4 root sys 512 Oct 8 2003 cron
>drwxr-xr-x 2 uucp uucp 512 Nov 29 17:51 locks
>drwxrwxr-x 7 lp lp 512 Dec 6 16:20 lp
>drwxr-x--- 2 root bin 512 Dec 7 15:55 mqueue
>drwxrwxrwt 4 root bin 512 Oct 9 2003 pkg
>drwxr-xr-x 2 root lp 512 Oct 8 2003 print
>drwxrwxrwt 2 root other 512 Dec 7 10:38 samba
>mansfield{83}# ls -ld /usr/local/samba/lib/printers
>drwxrwxr-x 4 root sysadmin 512 Dec 7 14:42
>/usr/local/samba/lib/printers
>mansfield{84}#
>
>The sysadmin group is a native posix group on my server (not just an LDAP
>group), and chuck is listed as a user in /etc/group. I am trying to work
>from chapter 17 of the Samba-3 HOW-TO, but so far little joy except that
>of knowing I am not dealing with M$AD.
>
>I will try the above with a native Unix user and see how that goes. Any
>advice on doing this with an LPAP user would be appreciated.
>
>Thanks,
>
>Chuck Theobald
>System Administrator
>The Robert and Beverly Lewis Center for Neuroimaging
>University of Oregon
>P: 541-346-0343
>F: 541-346-0345
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: http://lists.samba.org/mailman/listinfo/samba
Chuck Theobald
System Administrator
The Robert and Beverly Lewis Center for Neuroimaging
University of Oregon
P: 541-346-0343
F: 541-346-0345
More information about the samba
mailing list