[Samba] How the program spoolss works ?
L.P.H. van Belle
belle at bazuin.nl
Fri Feb 7 15:04:11 UTC 2020
Hai,
Well, now i also see, from the first mail.
name_to_sid: KILIMANDJARO\NOBODY << user nobody (guest) as "Domain user"..
Thats not good.
/usr/sbin/winbindd: name_to_sid: KILIMANDJARO\NOBODY for domain KILIMANDJARO
/usr/sbin/winbindd: name_to_sid: failed to lookup name: NT_STATUS_NONE_MAPPED
Looks like someone is trying to print but is not AD-Domain Authenticated.
Is the pc used member of the domain and is this use logged on to the domain?
Now. Your using also 4.9.5, which normaly is fine, but there where a lot of bugfixes after that.
You might want to upgrade it also.
Or use latest from bullseye or use my repo, or if you need support (paid), get a sernet subscripton.
My repo. http://apt.van-belle.nl
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: Nathalie Leclercq [mailto:nathalie.ramat at univ-littoral.fr]
> Verzonden: vrijdag 7 februari 2020 15:41
> Aan: L.P.H. van Belle
> CC: samba at lists.samba.org
> Onderwerp: Re: [Samba] How the program spoolss works ?
>
> hello,
>
> I had already tried to follow your url . I modify my smb.conf
> with only only 2 commandes rpc_server: spoolss = external and
> rpc_daemon: spoolssd = fork
> but with no succes .
>
> I change my smb.conf as yours but i have always my errors.
>
> If i put
>
> rpc_server:spoolss = external
> rpc_daemon:spoolssd = fork
> # Most are default, i just find it handy to see it on my
> print server.
> spoolss:architecture = Windows x64
> spoolssd:prefork_min_children = 5 # Minimum
> number of child processes
> spoolssd:prefork_max_children = 25 # Maximum
> number of child processes
> spoolssd:prefork_spawn_rate = 5 # Start
> (fork) x new childs if one connection comes in (up to
> prefork_max_children)
> spoolssd:prefork_max_allowed_clients = 100 # Number of
> clients, a child process should be responsible for
> spoolssd:prefork_child_min_life = 60
>
> or i don't put it - I have the same logs .. I don't understand .
> yet i see smbd and the subprocess with the command ps axf
>
> after rowland modifications and yours , i put my new
> smb.conf. I have problably forget something
>
> thanks for your help
>
> # Global parameters
> [global]
> netbios name = BUSTERSERVERSAM
> realm = KILIMANDJARO.CALAIS.FR
> server role = active directory domain controller
> server services = s3fs, rpc, nbt, wrepl, ldap, cldap,
> kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
> workgroup = KILIMANDJARO
> idmap_ldb:use rfc2307 = yes
> log level = 3
> log file=/var/log/samba/log.%M
> max log size = 1000
>
> # host msdfs = no
> # vfs objects = acl_xattr
> # map acl inherit = yes
> # store dos attributes =yes
>
> # deactivation imprimante +spoolss
>
> # load printers = no
> # printing = bsd
> # printcap name = /dev/null
> # disable spoolss =yes
>
>
> # enabling spoolssd
> rpc_server:spoolss = external
> rpc_daemon:spoolssd = fork
>
> # Most are default ,i just find it handy on my print server
>
> spoolss:architecture = Windows x64
> spoolssd:prefork_min_children = 5
> spoolssd:prefork_max_children = 25
> spoolssd:prefork_spawn_rate = 5
> spoolssd:prefork_max_allowed_clients = 100
> spoolssd:prefork_child_min_life = 60
>
>
> load printers = yes
> # printing = cups
> # printcap name = cups
>
>
> # security = user
>
> # winbind use default domain = yes
> winbind separator = /
> # winbind enum groups =yes
> # winbind enum users = yes
>
>
>
> [netlogon]
> path = /var/lib/samba/sysvol/kilimandjaro.calais.fr/scripts
> read only = No
> writable = yes
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = no
> browseable =yes
>
> [homes]
> path=/home/KILIMANDJARO/%G/%U
> writable = yes
> create mask = 0644
>
> [profiles]
> path=/resultats/profiles
> writable = yes
> browseable = yes
>
>
> [printers]
> comment = all printers
> path=/var/spool/samba
> acl_xattr:ignore system acl = yes
> browseable =yes
> printable = yes
> guest ok = yes
> printing = CUPS
>
>
>
> [print$]
> comment = Point and Print privers drivers
> path= /var/lib/samba/printers
> acl_xattr:ignore system acl = yes
> browseable = yes
> writable = yes
> guest ok =no
> write list =root,administrator,@"Domain
> Admins", at lpadmin,@"Print Operators"
>
>
>
> ----- Mail original -----
> De: "L.P.H. van Belle via samba" <samba at lists.samba.org>
> À: samba at lists.samba.org
> Envoyé: Vendredi 7 Février 2020 13:56:51
> Objet: Re: [Samba] How the program spoolss works ?
>
> So after Rowland's adviced changes.
>
> I use this part for printing.
> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Print_Server
>
> I added this to the smb.conf for my print server (note, i use
> a member server).
> I use cups - raw so my clients generate the print job.
>
> ##### PRINT SERVER PART #######
> #enable asu support = yes
>
> ## Enabling spoolssd
> rpc_server:spoolss = external
> rpc_daemon:spoolssd = fork
> # Most are default, i just find it handy to see it on my
> print server.
> spoolss:architecture = Windows x64
> spoolssd:prefork_min_children = 5 # Minimum
> number of child processes
> spoolssd:prefork_max_children = 25 # Maximum
> number of child processes
> spoolssd:prefork_spawn_rate = 5 # Start
> (fork) x new childs if one connection comes in (up to
> prefork_max_children)
> spoolssd:prefork_max_allowed_clients = 100 # Number of
> clients, a child process should be responsible for
> spoolssd:prefork_child_min_life = 60 # Minimum
> lifetime of a child process (60 seconds
> # is the
> minimum, even a lower value has been configured)
> load printers = yes
>
> # Windows clients look for this share name as a source of downloadable
> # printer drivers
> [print$]
> comment = Printer Drivers
> path = /var/lib/samba/printers
> acl_xattr:ignore system acl = yes
> browseable = yes
> writable = yes
> guest ok = no
> # Uncomment to allow remote administration of Windows print drivers.
> # You may need to replace 'lpadmin' with the name of the group your
> # admin users are members of.
> # Please note that you also need to set appropriate Unix permissions
> # to the drivers directory for these users to have write rights in it
> write list = root, administrator, @"Domain Admins",
> @lpadmin, @"Print Operators"
>
> [printers]
> comment = All Printers
> path = /var/spool/samba
> acl_xattr:ignore system acl = yes
> browseable = yes
> printable = yes
> printing = CUPS
>
>
> Do note..
> My setup only asumes windows clients so i set :
> acl_xattr:ignore system acl = yes
> And then i configure the shares exact the same as on a
> windows server.
> Once configure, DONT change/use chmod/setfacl of anything else.
> Then you most probely have to re-configure the shares again.
>
>
>
>
> > -----Oorspronkelijk bericht-----
> > Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> > Rowland penny via samba
> > Verzonden: vrijdag 7 februari 2020 11:08
> > Aan: samba at lists.samba.org
> > Onderwerp: Re: [Samba] How the program spoolss works ?
> >
> > On 07/02/2020 09:54, nathalie ramat via samba wrote:
> > > Hello,
> > >
> > > In my directory /var/lib/samba/printers I have
> > >
> > > COLOR color IA64 W32ALPHA W32MIPS W32PPC W32X86 WIN40 x64
> > >
> > > I delete the directory COLOR and restart samba
> > You deleted the wrong one, you should have deleted 'color'
> > >
> > > but I have always the same error .
> > > I have perahps a problem of rights. the owner of the directory
> > > /var/lib/samba/printers is root.
> > >
> > >
> > > Thanks for your help .
> > >
> > > That is my smb.conf
> > >
> > >
> > > # Global parameters
> > > [global]
> > > netbios name = BUSTERSERVERSAM
> > > realm = KILIMANDJARO.CALAIS.FR
> > > server role = active directory domain controller
> > > server services = s3fs, rpc, nbt, wrepl, ldap, cldap,
> > kdc, drepl,
> > > winbindd, ntp_signd, kcc, dnsupdate
> > > workgroup = KILIMANDJARO
> > > idmap_ldb:use rfc2307 = yes
> > > log level = 3
> > > log file=/var/log/samba/log.%M
> > > max log size = 1000
> > >
> > > host msdfs = no
> > > vfs objects = acl_xattr
> > > map acl inherit = yes
> > > store dos attributes =yes
> > >
> > > load printers = yes
> > > printing = cups
> > > printcap name = cups
> > >
> > >
> > > security = user
> > >
> > > winbind use default domain = yes
> > > winbind separator = /
> > > winbind enum groups =yes
> > > winbind enum users = yes
> > >
> > OK, this is from a Samba AD DC, so remove these lines, they have no
> > place in a DC smb.conf:
> >
> > host msdfs = no
> > vfs objects = acl_xattr
> > map acl inherit = yes
> > store dos attributes =yes
> > security = user
> > winbind use default domain = yes
> >
> > I would also remove these:
> >
> > winbind enum groups =yes
> > winbind enum users = yes
> >
> > They only make 'getent passwd' and 'getent group' work
> > without supplying
> > a username or groupname, they can also slow things down.
> >
> > Rowland
> >
> >
> >
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions: https://lists.samba.org/mailman/options/samba
> >
> >
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list