[Samba] access denied to printer auf change of dns-domain
Olav Rogall
olav.rogall at web.de
Tue Apr 25 18:49:35 GMT 2006
Guten Tag Samba-List,
I'm running here a self-compiled samba 2.2.12 on an old suse 8.0
server as a domain controller with w2ksp2- and sp4-clients.
The server also services cups, squid, postfix, bind etc.
Everything works fine fopr year's.
Last week i've changed the dns-system in my private network from
*.privatnet to *.bla.dyndns.org.
After the dns-change some accesses to my printer (hp photosmart 1000
, raw-printing with cups on the same machine) didn't work. If I open
the printer-dialog on w2k (Start/settings/printers), the status of the
printer is reported as "ready to service print-jobs", but if I try
to acccess the printer-properties, I receive the "famous"
error-message "error at adress 0x6062c92f code 0xc0000005 - some
property-pages could not be displayed"
This error is on all w2k-machines on the network, and for domain
users and domain admins.
After raising the smb-loglevel, I see this in my logfile, but it
doesn't tell me anything (the marked line is interesting):
[2006/04/25 20:03:35, 3] smbd/ipc.c:reply_trans(520)
trans <\PIPE\> data=182 params=0 setup=2
[2006/04/25 20:03:35, 3] smbd/ipc.c:named_pipe(334)
named pipe command on <> name
[2006/04/25 20:03:35, 3] smbd/ipc.c:api_fd_reply(296)
Got API command 0x26 on pipe "spoolss" (pnum 7546)free_pipe_context: destroying talloc pool of size 0
[2006/04/25 20:03:35, 3] rpc_server/srv_pipe.c:api_pipe_request(1183)
Doing \PIPE\spoolss
[2006/04/25 20:03:35, 3] rpc_server/srv_pipe.c:api_rpcTNP(1215)
api_rpcTNP: pipe 30022 rpc command: SPOOLSS_OPENPRINTEREX
checking name: \\potenzia\HP
[2006/04/25 20:03:35, 3] rpc_server/srv_spoolss_nt.c:set_printer_hnd_printertype(394)
Setting printer type=\\potenzia\HP
[2006/04/25 20:03:35, 3] lib/util_seaccess.c:se_access_check(269)
se_access_check: user sid is S-1-5-21-1655514155-2700837326-2153537488-2000
[2006/04/25 20:03:35, 3] lib/util_seaccess.c:se_access_check(273)
se_access_check: also S-1-5-21-1655514155-2700837326-2153537488-2003
[2006/04/25 20:03:35, 3] lib/util_seaccess.c:se_access_check(273)
se_access_check: also S-1-5-21-1655514155-2700837326-2153537488-1201
[2006/04/25 20:03:35, 3] lib/util_seaccess.c:se_access_check(273)
se_access_check: also S-1-1-0
[2006/04/25 20:03:35, 3] lib/util_seaccess.c:se_access_check(273)
se_access_check: also S-1-5-2
[2006/04/25 20:03:35, 3] lib/util_seaccess.c:se_access_check(273)
se_access_check: also S-1-5-11
> [2006/04/25 20:03:35, 3] rpc_server/srv_spoolss_nt.c:_spoolss_open_printer_ex(1181)
> access DENIED for printer open
[2006/04/25 20:03:35, 3] rpc_server/srv_lsa_hnd.c:close_policy_hnd(197)
Closed policy
[2006/04/25 20:03:35, 3] rpc_server/srv_pipe_hnd.c:free_pipe_context(444)
free_pipe_context: destroying talloc pool of size 60
Deleting and re-installing the printer over the network-neighborhood
was without success.
Asking mother Google ;-) for errcode 0x6062.... I read the I should
set "default devmode = no" in the printer-share-definition in my
smb.conf. This also didn't solve my printer-problem.
Has anybody here an idea, how I could re-get access to my printer?
Here's my smb.conf:
[global]
encrypt passwords = yes
guest account = Nobody
interfaces = 192.168.10.100/255.255.255.0
local master = yes
log file = /var/log/samba/%m
log level = 3
map to guest = Bad User
os level = 65
protocol = NT1
security = user
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192
time server = yes
username map = /etc/samba/smbusers
veto files = /*.eml/*.nws/*.{*}/
wins support = no
workgroup = wuerggrub
#
# Drucker-Ansteuerung
#
print command = /usr/bin/lp -d%p -oraw %s; rm %s
printing = cups
printcap name = /etc/printcap
load printers = yes
#
# Zeichensaetze und Names-Konventionen
#
case sensitive = no
character set = ISO8859-15
client code page = 850
default case = lower
mangle case = yes
mangled names = yes
preserve case = yes
short preserve case = yes
#
# PDC-Stuff
#
add user script = /usr/sbin/useradd -d /dev/null -g smbpc -c 'Maschinenkonto' -s /bin/false -M %m$
domain admin group = domadmin @domadmin
domain logons = Yes
domain master = Yes
logon drive = H:
logon home = \\%L\%U
logon path = \\%L\Profiles\%m-%U
logon script = %U.cmd
logon script = %m.cmd
preferred master = Yes
time server = Yes
#
# Share Definitionen
#
[homes]
browseable = Yes
comment = Eigene Dateien (Netzwerk)
create mask = 0600
directory mask = 0700
hide dot files = yes
public = no
writeable = yes
[netlogon]
admin users = domadmin @domadmin
comment = Network Logon Service
path = /server/netlogon
read only = no
writeable = yes
[Profiles]
admin users = domadmin @domadmin
browseable = No
comment = Network Profiles Service
create mode = 0600
directory mode = 0700
nt acl support = yes
path = /server/Profiles
read only = no
writeable = yes
[user]
admin users = domadmin @domadmin
browseable = yes
comment = Das User-Volumen
create mask = 0666
directory mask = 0777
nt acl support = yes
path = /server/freigaben/user
public = no
writeable = yes
[HP]
browseable = yes
comment = HP PhotoSmart P1000
create mask = 0777
default devmode = no
path = /tmp
printable = yes
printer name = lp
public = no
writeable = yes
--
MfG...
...Olav
FidoNet 2:240/5138
More information about the samba
mailing list