[Samba] A working CUPS authentication now fails without change anything...
Andrey Repin
anrdaemon at yandex.ru
Mon May 4 10:50:49 MDT 2015
Greetings, Daniel Carrasco Marín!
>>> Just a moments ago i've sent a message to other user saying that I've a
>>> working server with CUPS authentication using AD groups. Well, that
>>> authentication is not working anymore and i've not changed anything...
>>>
>>> The thursday I was configuring the server to allow the management of cups
>>> with AD groups and was working perfect. After that i've added some printer
>>> alias to samba configuration and I've disabled the "load printers" option
>>> to hide the real name.
>>> Today i've tried to enter to CUPS to change the default paper size on
>>> printers but it failed (local account works). I've not changed any
>>> configuration in domain or member smb.cfg files (at least in general),
>>> then
>>> I don't know where is the problem...
>>>
>>> My smb.conf looks:
>>> [global]
>>> workgroup = Domain
>>> security = ADS
>>> realm = DOMAIN.RED
>>> dedicated keytab file = /etc/krb5.keytab
>>> kerberos method = secrets and keytab
>>> encrypt passwords = yes
>>>
>>> idmap config *:backend = tdb
>>> idmap config *:range = 10000-20000000
>>> idmap config DOMAIN:backend = ad
>>> idmap config DOMAIN:schema_mode = rfc2307
>>> idmap config DOMAIN:range = 10000-20000000
>>>
>>
>> It might help if you didn't use the same range for '*' and 'DOMAIN'
> Changed to:
> idmap config *:backend = tdb
> idmap config *:range = 40000-70000
> idmap config ND:backend = ad
> idmap config ND:schema_mode = rfc2307
> idmap config ND:range = 10000-30000
> rebooted and same problem. I've to clear any cache or something?
Check the actual syslog. And show CUPS configuration too.
May be CUPS is blocked by apparmor and unable to read necessary files (i.e.
KDC tickets).
--
With best regards,
Andrey Repin
Monday, May 4, 2015 19:49:20
Sorry for my terrible english...
More information about the samba
mailing list