[Samba] unable to upload printer driver
L.P.H. van Belle
belle at bazuin.nl
Tue Dec 6 14:51:37 UTC 2016
Hai,
I suggest start with.
1) backup you smb.conf
2) cleanup your smb.conf
About the "access is denied".
Which brother printer is it ? you didnt tell us that.
Which printer driver,please post a link.
Did you set the SePrivileges?
Did you configure the share with "POSIX" or WINDOWS rights. ?
And in the folder /srv/samba/Printer_drivers/
make this symlink. : ls -s x64 X64
And this is my smb.conf
[global]
workgroup = NTDOM
security = ADS
realm = SOME.REALM.TLD
preferred master = no
domain master = no
host msdfs = no
interfaces = 192.168.0.5 127.0.0.1
bind interfaces only = yes
dns proxy = yes
server signing = mandatory
ntlm auth = yes
tls enabled = yes
tls keyfile = /etc/ssl/xxxxxxxxxxxx.key.pem
tls certfile = /etc/ssl//xxxxxxxxxxxx..cert.pem
tls cafile = /etc/ssl/certs/company-ca.pem
idmap_ldb:use rfc2307 = yes
idmap config * :backend = tdb
idmap config * :range = 2000-9999
idmap config NTDOM : backend = ad
idmap config NTDOM : schema_mode = rfc2307
idmap config NTDOM : range = 10000-3999999
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
winbind refresh tickets = yes
winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
winbind offline logon = yes
winbind expand groups = 4
username map = /etc/samba/samba_usermapping
usershare path =
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
veto files = /.bash_logout/.bash_profile/.bash_history/.bashrc/
hide unreadable = yes
rpc_server:spoolss = external
rpc_daemon:spoolssd = fork
spoolss:architecture = Windows x64
load printers = yes
enumports command = /etc/samba/bin/show-ports.sh
[print$]
comment = Printer Drivers
path = /home/samba/printing/drivers
acl_xattr:ignore system acl = yes
browseable = yes
writable = yes
guest ok = no
write list = root, administrator, @"Domain Admins", @lpadmin, @"Print Operators"
[printers]
comment = All Printers
path = /home/samba/printing/spool
acl_xattr:ignore system acl = yes
browseable = yes
printable = yes
printing = CUPS
note on the Write list for print$.
Im use Debian Jessie, with samba 4.4.5 ( debian stretch rebuild )
To stay inline with other Debian settings im using the write list also.
You need to add the needed SePrivileges on "Domain Admins" and "Print Operators"
And the best tip i can give.
Add on both shares : acl_xattr:ignore system acl = yes
And configure ONLY WINDOWS ACL !
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Heinz Hölzl via
> samba
> Verzonden: dinsdag 6 december 2016 15:27
> Aan: samba at lists.samba.org
> Onderwerp: [Samba] unable to upload printer driver
>
> Hi list,
>
> i have a samba member-server in a samba4-AD with cups.
> cups works fine, i can print the testpage from cups and from a
> windowsclient.
> but, i am not able to upload a printer driver to a samba4 print-server:
>
> i followed this howto:
> https://wiki.samba.org/index.php/Configuring_Point%27n%27Print_automatic_p
> rinter_driver_deployment
>
>
> in printmanagement.msc i can add the server, and i can see the printer
> configuerd in cups.
> Then when i try to upload the driver, i get a "access is denied" on
> windows and on the server i can see this :
>
> in the syslog:
> Dec 06 15:05:38 pagh smbd[1127]: [2016/12/06 15:05:38.360276, 0]
> ../source3/rpc_server/spoolss/srv_spoolss_nt.c:8474(_spoolss_AddPrinterDri
> verEx)
> Dec 06 15:05:38 pagh smbd[1127]: _spoolss_AddPrinterDriverEx: level 8
> not yet implemented
> Dec 06 15:05:38 pagh smbd[1121]: [2016/12/06 15:05:38.377745, 0]
> ../source3/printing/nt_printing.c:1039(move_driver_file_to_download_area)
> Dec 06 15:05:38 pagh smbd[1121]: move_driver_file_to_download_area:
> Unable to rename [x64/bribmf03] to [x64/3/BRIBMF03]:
> NT_STATUS_OBJECT_NAME_NOT_FOUND
>
>
> smb.conf:
> [global]
> bind interfaces only = Yes
> interfaces = lo eth0
> netbios name = PAGH
> security = ADS
> workgroup = KLINGONS
> realm = KLINGONS.GVCC.NET
> #log file = /srv/samba/var/samba/%m.log
> log level = 3
> #dedicated keytab file = /etc/krb5.keytab
> kerberos method = secrets and keytab
> winbind refresh tickets = yes
> #vfs objects = recycle
> #recycle: repository = .recycle/%U
> #recycle: keeptree = yes
> #recycle: versions = yes
> #recycle: touch = yes
> #recycle: exclude = *.tmp|*.temp|*.o|*.obj|~$*|*.lnk
> winbind trusted domains only = no
> winbind use default domain = yes
> winbind enum users = no
> winbind enum groups = no
> #winbind nss info = rfc2307
> winbind nss info = template
> template homedir = /home/%U
> template shell = /bin/bash
>
> # idmap config used for your domain.
> # Choose one of the following backends fitting to your
> # requirements and add the corresponding configuration.
> # - idmap config ad
> # - idmap config rid
> # - idmap config autorid
> idmap config *: backend = tdb
> idmap config *:range = 300000-400000
> idmap config KLINGONS : backend = ad
> idmap config KLINGONS : schema_mode = rfc2307
> idmap config KLINGONS : range = 500-290000
> #allow insecure wide links = yes
> unix charset = utf8
> hosts allow = localhost, 100.0.0.0/255.0.0.0,
> 172.27.0.0/255.255.0.0, 172.20.0.0/24
> logon path =
> logon home = \\%N\%U
> logon drive = k:
> hide unreadable = no
> read only = no
> store dos attributes = yes
> dos filemode = yes
> map readonly = no
> map system = no
> map hidden = no
> map archive = no
> create mode = 0770
> force create mode = 0770
> directory mask = 0770
> force directory mode = 2000
> inherit acls = yes
> rpc_server:spoolss = external
> rpc_daemon:spoolssd = fork
> load printers = yes
> printing = cups
> printcap name = cups
> auth methods = guest sam winbind
>
>
>
> [printers]
> path = /srv/samba/var/spool
> printable = yes
> printing = CUPS
> #guest ok = Yes
> #browseable = No
>
> [print$]
> path = /srv/samba/Printer_drivers/
> comment = Printer drivers
> writeable = yes
> read only = no
> admin users = root, Administrator, @Domain Admins
> acl group control= yes
> force directory mode= 0755
> directory mask= 0755
> force create mode= 0644
> create mask= 0644
>
> ls -l /srv/samba/Printer_drivers
> total 0
> drwxrwsr-x 9 root domain admins 94 Dec 6 15:16 ./
> drwxr-xr-x 5 root root 52 Dec 6 08:39 ../
> drwxr-sr-x 2 root domain admins 6 Dec 6 15:16 IA64/
> drwxr-sr-x 2 root domain admins 6 Dec 6 15:16 W32ALPHA/
> drwxr-sr-x 2 root domain admins 6 Dec 6 15:16 W32MIPS/
> drwxr-sr-x 2 root domain admins 6 Dec 6 15:16 W32PPC/
> drwxr-sr-x 2 root domain admins 6 Dec 6 15:16 W32X86/
> drwxr-sr-x 2 root domain admins 6 Dec 6 15:16 WIN40/
> drwxrwsr-x 3 root domain admins 14 Dec 6 15:15 x64/
>
> What went wrong on my setup?
>
> Thanks,
> Heinz
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list