[Samba] More print server woes
Luke Barone
lukebarone at gmail.com
Tue Aug 1 21:55:50 UTC 2023
I'm setting up a new print server on Debian Bookworm using the latest
repo-version of Samba. I got to the point in my documentation where I'm
supposed to add printer drivers, but I'm failing. The error happens at the
last step of the "Add Drivers" wizard, asking me to specify the location of
all the driver files - but no matter what folder I choose, it says it can't
copy the file. I have tried copying from the user's desktop as well as from
a file server, no change.
Below is the log.winbindd file (which I think is where the issue lies):
[2023/08/01 14:46:24.187665, 1]
../../source3/winbindd/wb_lookupsid.c:102(wb_lookupsid_recv)
Failed with NT_STATUS_INVALID_SID.
[2023/08/01 14:46:24.187768, 1]
../../source3/winbindd/wb_lookupsids.c:667(wb_lookupsids_recv)
Failed with NT_STATUS_INVALID_SID.
[2023/08/01 14:46:24.187812, 1]
../../source3/winbindd/wb_sids2xids.c:765(wb_sids2xids_recv)
Failed with NT_STATUS_INVALID_SID.
[2023/08/01 14:46:24.187848, 1]
../../source3/winbindd/winbindd_sids_to_xids.c:113(winbindd_sids_to_xids_recv)
Could not convert sids: NT_STATUS_INVALID_SID
[2023/08/01 14:46:24.187889, 1]
../../source3/winbindd/wb_sids2xids.c:368(wb_sids2xids_lookupsids_done)
Failed with NT_STATUS_INVALID_SID.
[2023/08/01 14:46:24.216875, 1]
../../source3/winbindd/wb_lookupsid.c:102(wb_lookupsid_recv)
Failed with NT_STATUS_INVALID_SID.
[2023/08/01 14:46:24.217000, 1]
../../source3/winbindd/wb_lookupsids.c:667(wb_lookupsids_recv)
Failed with NT_STATUS_INVALID_SID.
[2023/08/01 14:46:24.217055, 1]
../../source3/winbindd/wb_sids2xids.c:765(wb_sids2xids_recv)
Failed with NT_STATUS_INVALID_SID.
[2023/08/01 14:46:24.217100, 1]
../../source3/winbindd/winbindd_sids_to_xids.c:113(winbindd_sids_to_xids_recv)
Could not convert sids: NT_STATUS_INVALID_SID
[2023/08/01 14:46:24.217150, 1]
../../source3/winbindd/wb_sids2xids.c:368(wb_sids2xids_lookupsids_done)
Failed with NT_STATUS_INVALID_SID.
Below is the sanitized smb.conf file:
[global]
# Printing
rpcd_spoolss:idle_seconds=30
printing = CUPS
spoolss: architecture = Windows x64
printcap name = /var/run/cups/printcap
printcap cache time = 60
server role = member server
security = ADS
workgroup = EXAMPLE
realm = EXAMPLE.AD.EXAMPLEORG.CA
interfaces = lo enp1s0
bind interfaces only = yes
log file = /var/log/samba/%m.log
log level = 1 auth_json_audit:5
# Default ID mapping configuration for local BUILTIN accounts
# and groups on a domain member. The default (*) domain:
# - must not overlap with any domain ID mapping configuration!
# - must use an read-write-enabled back end, such as tdb.
idmap config * : backend = tdb
idmap config * : range = 70000-99999
# Use idmap_rid for domain accounts
idmap config EXAMPLE : backend = rid
idmap config EXAMPLE : range = 100000-199999
# Configure winbind
winbind nss info = template
template shell = /bin/false
template homedir = /home/ronb/%U
winbind separator = /
winbind use default domain = yes
# Enable extended ACLs globally
vfs objects = acl_xattr
map acl inherit = yes
store dos attributes = yes
client signing = mandatory
server signing = mandatory
# Turn off NetBIOS, since our clients don't need it
disable netbios = yes
[printers]
path = /var/spool/samba/
printable = yes
[print$]
path = /usr/local/share/printer_drivers/
read only = no
This is running on Version 4.17.9-Debian. I have granted the Domain
Administrator the SeDiskOperatorPrivilege and SePrintOperatorPrivilege
rights (through the "domain admins" group).
What am I missing?
More information about the samba
mailing list