[Samba] net rpc rights list SePrintOperatorPrivilege empty
lperoma at icloud.com
lperoma at icloud.com
Fri Nov 4 11:52:39 UTC 2022
Dear all,
My member server hosts about 12 printers, have been working flawlessly for a long time, sharing CUPS printers. This machine is also the main file server.
After a couple of days of pain, I managed to reconstruct the server (fileserver) after stupidly changing from AD to RID idmapping.
The server hosts about 12 printers, have been working flawlessly for a long time. Now some users are printing as usual, som others can not print.
\\server displays all printers like if nothing had happened. If a domain Admin (or a user) clicks on one of the printers, you get a “Windows can not connect to printer” error.
Checking with Print Management, and printers show like this:
peromarta.org/downloads/printers.png <http://peromarta.org/downloads/printers.png>
Printers are not displaying names, and when I try right click properties, I get a “You do not hace access to this printer, some of the tabs will be missing”. However, I can display the properties, and even add Domains Admins to security tab and apply. Still I can’t see names.
Divers folder look like this:
peromarta.org/downloads/drivers.png <http://peromarta.org/downloads/drivers.png>
Where as before there were populated with the drivers. (/var/lib/samba/printer_drivers/ is showing the usual driver tree, with drivers actually there in the x64 folder.)
Relevant part of smb.conf is:
# Printing
rpc_server:spoolss = external
rpc_daemon:spoolssd = fork
printing = CUPS
spoolss: architecture = Windows x64
rpcd_spoolss:idle_seconds=30
load printers = yes
[printers]
path = /var/spool/samba/
printable = yes
[print$]
path = /var/lib/samba/printer_drivers/
read only = no
smb.conf has not been tangled with. /var/spool/samba is empty
As I was writing this email, I notice
net rpc rights list SePrintOperatorPrivilege
Shows empty.
If on the server I try
net rpc rights grant "MAD\Domain Admins" SePrintOperatorPrivilege
Enter password:
Successfully granted rights.
It looks okay, but then:
net rpc rights list SePrintOperatorPrivilege
Shows empty again. Assigning privileges from a DC yields the same result - empty list. This may be the problem? If so I have no idea how to fix it.
Any help much appreciated. All the best, LP
More information about the samba
mailing list