Wednesday, February 22, 2012

Providing print services with Samba

The instructions are Debian Lenny-specific as far as installing packages, but the rest should be applicable to whatever inferior distribution of *nix you choose (just kidding.) These instructions do not cover using raw print queues in which the clients use their own driver to format the print job and CUPS passes the job as it is to the printer. That method does not work with quotas because page counting is done in the pstops filter. The print server is assumed to be on the same hardware as the samba server. If it isn’t, you’ll have to configure CUPS to accept jobs from the samba box and make changes to the smb.conf that point to the location of the CUPS server.

Software and Files

Start with a working Samba member server, then install the following packages:
aptitude install cups
aptitude install hplip
# HP laserjet PPDs for just about every HP LJ made. 
# Don't bother if you are not setting up an HP queue, of course.
 
If you aren’t setting up an HP printer, get a PPD for Windows NT/2000 for your printer and put it on your print server. You can use NT PPDs with CUPS without problems. You will need to get the following files from a Windows client, located in %WINDIR%\SYSTEM32\SPOOL\DRIVERS\W32X86\3 or %WINDIR%\SYSTEM32\SPOOL\DRIVERS\X64\3 on a 64 bit client:

ps5ui.dll
pscript.hlp
pscript.ntf
pscript5.dll
 
You will also need to get the following from http://www.cups.org/software.php, located in the cups-windows-6.0-source.tar.gz package (in the i386 folder):

cups6.inf (from www.cups.org)
cups6.ini (from www.cups.org)
cupsps6.dll (from www.cups.org)
cupsui6.dll (from www.cups.org)
 
Place all of those files, the CUPS and the Windows ones, in /usr/share/cups/drivers.

Set Up the Queues

CUPS can be left the way it is. As long as you are going to use samba for the front end, you don’t need to reconfigure CUPS to be available on the local network. By default, it listens on localhost only and that works just fine. There are two ways to set up CUPS print queues, the command line or the web interface. The web interface makes it ridiculously easy, so I recommend that method. I went to the Ken Han School of System Administration (“GUIs are for desktops, not servers”), so I use lynx:

lynx localhost:631

Then just click on links and select options from the drop down menus until you get your queue set up. There are examples of proper entries for how you connect to your printer and a help page that gives more info. Most likely, you have an HP LaserJet with an embedded JetDirect, so you would enter

socket://192.168.1.10:9100
 
on the page that asks for how you connect to your printer. For a directly-connected USB printer, it should show up. If not, use lpinfo from the command line to get a list of available devices:

bullet:/home/matt# lpinfo -v
network socket
network beh
file cups-pdf:/
direct hal
direct hp:/usb/deskjet_5100?serial=ABC123456
direct hpfax
direct hp:/usb/HP_LaserJet_1022?serial=ABC123X35
network http
network ipp
network lpd
direct parallel:/dev/lp0
direct scsi
serial serial:/dev/ttyS0?baud=115200
network smb
 
See that file cups-pdf:/ entry? There is a cups-pdf package you can install so your clients can print to pdf and have the resulting file placed in some folder. That’ll be a future write up, but it is a pretty cool feature.

If you placed a Windows PPD on your server, you will need to enter the path to it on the page that asks you for the Manufacturer.

Check that you can send a test page to the printer once the queue has been set up. If the printer and server are in different VLANs, get the appropriate firewall port opened up. You will definitely need from the server to the printer, and may need to get SNMP from the printer to the server. I haven’t set up the latter, but I think it’s possible to get status reports from the printers that way.

smb.conf Entries

There is a link on the Administration page to Export to Samba. Don’t do this yet. Make sure your smb.conf has the following two sections in it:

[printers]
    comment = All Printers
    path = /var/spool/samba
    printer admin = root, "DOMAIN\yourauthorizeddomainuser"
    guest ok = Yes
    printable = Yes
    browseable = No

[print$]
    comment = Printer Drivers
    path = /var/lib/samba/drivers
    admin users = root, "DOMAIN\yourauthorizeddomainuser"
    write list = root, "DOMAIN\yourauthorizeddomainuser"
 
The first is the share your clients get the print queues from, the second is a hidden share that holds the drivers. Check that the paths exist on your filesystem or change them to something more appropriate. You may not want the guest ok = Yes and you may want to make the printers share browseable, so make the appropriate changes. Save it then run testparm to make sure you haven’t messed up the config file.
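testparm validates the syntax but does not tell you whether the share paths exist or whether guest printing is still switched on. The script below is an added example, not part of the original write-up, that checks both for the two sections above; the function names are made up for illustration and /etc/samba/smb.conf is an assumed location.

```shell
#!/bin/sh
# share_param FILE SECTION KEY: print the value of KEY inside [SECTION].
# Section and key names are matched case-insensitively, ignoring spaces in keys.
share_param() {
    awk -v sec="$2" -v key="$3" '
        function norm(s) { gsub(/[ \t]/, "", s); return tolower(s) }
        /^[ \t]*[#;]/ { next }                       # comment line
        /^[ \t]*\[.*\]/ {                            # section header
            s = $0; sub(/^[ \t]*\[/, "", s); sub(/\].*$/, "", s)
            insec = (tolower(s) == tolower(sec)); next
        }
        insec && index($0, "=") {
            k = substr($0, 1, index($0, "=") - 1)
            v = substr($0, index($0, "=") + 1)
            sub(/^[ \t]+/, "", v); sub(/[ \t\r]+$/, "", v)
            if (norm(k) == norm(key)) val = v        # last occurrence wins
        }
        END { if (val != "") print val }
    ' "$1"
}

# check_print_shares FILE: print one finding per line; return 1 if any.
check_print_shares() {
    conf=$1; rc=0
    for sec in 'printers' 'print$'; do
        p=$(share_param "$conf" "$sec" path)
        if [ -z "$p" ] || [ ! -d "$p" ]; then
            echo "[$sec] path not found on disk: ${p:-unset}"; rc=1
        fi
    done
    # Guest access lets clients submit jobs without authenticating.
    case $(share_param "$conf" printers 'guest ok' | tr 'A-Z' 'a-z') in
        yes|true|on|1) echo "[printers] guest ok is enabled"; rc=1 ;;
    esac
    return "$rc"
}

# Run against a file given on the command line, e.g. /etc/samba/smb.conf (assumed path).
if [ $# -gt 0 ]; then check_print_shares "$1"; fi
```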

Stop winbind, restart samba (smbd and nmbd), restart winbind.

Using rpcclient

Now to see if samba sees the queues.

rpcclient  mysambabox -U DOMAIN\\myauthorizeddomainuser
Password:
rpcclient $> enumprinters
    flags:[0x800000]
    name:[\\sambabox\hpljuh054]
    description:[\\sambabox\hpljuh054,,HP LaserJet P3005]
    comment:[HP LaserJet P3005]

    flags:[0x800000]
    name:[\\sambabox\hpljuh052]
    description:[\\sambabox\hpljuh052,,HP LaserJet 2430]
    comment:[HP LaserJet 2430]
 
In the description, the second entry is blank. That’s where the driver is listed after exporting the printer to samba via cupsaddsmb. At this stage, if you type in ‘enumdrivers’ at the rpcclient prompt you’ll get an error message. Type ‘exit’ to get out of the rpcclient prompt and go back to the CUPS web interface. Click on the Administration link, then click on Export Printers to Samba. Use the check boxes to select the printers you want to share, enter your DOMAIN\youraccount and password, click Export Printers to Samba and cross your fingers. If it fails, you are taken to a page saying the action was unsuccessful, with a link to a less than useful log of what happened. Upon success, or partial success, you get a very encouraging page. Don’t believe it until you go back to the rpcclient prompt and verify everything was registered properly.

It's extremely important to use either a root account (if your samba server is part of a samba domain) or set the permissions on the print directories to be writable by the domain account used when exporting printers.  It is also necessary to grant printing privileges to the account being used to export printers.  Having insufficient rights will cause unhelpful error messages to be generated and lots of frustration.

rpcclient $> enumprinters
    flags:[0x800000]
    name:[\\sambabox\hpljuh054]
    description:[\\sambabox\hpljuh054,hpljuh054,HP LaserJet P3005]
    comment:[HP LaserJet P3005]

    flags:[0x800000]
    name:[\\sambabox\hpljuh052]
    description:[\\sambabox\hpljuh052,hpljuh052,HP LaserJet 2430]
    comment:[HP LaserJet 2430]
 
Now the driver name appears in the description. Check for the registered drivers with

rpcclient $> enumdrivers

[Windows NT x86]
Printer Driver Info 1:
    Driver Name: [UH054-LaserJet]

Printer Driver Info 1:
    Driver Name: [UH054LaserJet]

Printer Driver Info 1:
    Driver Name: [hpljuh054]

Printer Driver Info 1:
    Driver Name: [UH052LaserJet]

Printer Driver Info 1:
    Driver Name: [hpljuh052]

Printer Driver Info 1:
    Driver Name: [UH054-LaserJet]
 
Now you are ready to connect from a client. Connect to the share name listed above from a domain client and you should see a queue window pop up after a short delay. Drivers are downloaded automagically to the client with this set up, just like on a real Windows server.
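The "don't believe the success page" check can be scripted instead of read by eye. The following is an added example, not part of the original write-up: it reads enumprinters output and lists every queue whose driver field in the description is still empty. The function names are made up, and the sample is constructed from the output shown above to mimic a partial export.

```shell
#!/bin/sh
# unexported_queues: read rpcclient "enumprinters" output on stdin and print
# every queue whose description has an empty driver field.
# Returns 1 if at least one such queue is found, 0 otherwise.
unexported_queues() {
    awk '
        /^[ \t]*description:\[/ {
            line = $0
            sub(/^[ \t]*description:\[/, "", line)
            sub(/\][ \t\r]*$/, "", line)
            # Comma-separated fields: UNC queue name, driver, comment
            n = split(line, f, ",")
            if (n < 2 || f[2] == "") {
                q = f[1]
                sub(/^.*\\/, "", q)      # keep only the queue name
                print q
                missing = 1
            }
        }
        END { exit (missing ? 1 : 0) }
    '
}

# Constructed sample: the two queues from this page after a partial export,
# where hpljuh054 got its driver and hpljuh052 did not.
sample_partial_export() {
    cat <<'EOF'
    flags:[0x800000]
    name:[\\sambabox\hpljuh054]
    description:[\\sambabox\hpljuh054,hpljuh054,HP LaserJet P3005]
    comment:[HP LaserJet P3005]

    flags:[0x800000]
    name:[\\sambabox\hpljuh052]
    description:[\\sambabox\hpljuh052,,HP LaserJet 2430]
    comment:[HP LaserJet 2430]
EOF
}

# Live use: rpcclient mysambabox -U 'DOMAIN\myauthorizeddomainuser' -c enumprinters | unexported_queues
sample_partial_export | unexported_queues || echo "queues listed above have no driver yet"
```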

Comments

This is the part where I warn you that you may follow the directions here and at the links below and still have issues. I think that samba sometimes emulates a Windows server too well and takes time for some things to register, which isn’t typical of a *nix service. I had a really hard time with exporting the queues from CUPS to samba. After moving on to another project for a few days and then finally getting back to finishing this one, it Just Worked(tm). I can’t tell you exactly what wasn’t working before or what made it work correctly in the end, as I just picked up where I left off and started the procedure fresh with success.

Update: I've since done this again on a completely different system and found that cupsaddsmb expects you to use a root/admin account in order to create the /var/lib/samba/drivers/W32X86/3/ directory structure. Seems obvious as it's consistent with samba to require the Linux and Windows permissions to be correct, but it's easy to forget that your account on a Windows domain that has print admin privileges is not allowed to create directories. This became very obvious when the LDAP root/admin account was deactivated and a Domain Admin account was unable to add printers.

This how-to gets you a pretty decent print server with basic features like auto driver download. Quotas can be established, delegated administrators can be declared for particular queues, and some other stuff can be done (like custom CUPS filters that reject jobs in certain formats, like .psd that students insist on plugging up queues with.)

Future Notes

Setting up quotas is next. The CUPS line is like this:

lpadmin -p myprinter -o job-quota-period=6048000 -o job-page-limit=150
 
The above can only be run after the queue is set up in CUPS as it modifies an existing queue. You can specify all of that stuff when you make the queue if you do it from the command line, but it is a hassle. The -p specifies the queue to modify and the -o flags set options on the queue. The job-quota-period is specified in seconds, so the above would be ten weeks, and the job-page-limit is of course counted in pages. I have not tested this yet; when I do, I’ll write up anything odd that needs to be done besides the above line.

There are a few things to keep in mind. Quotas apply to every user on a particular queue, you cannot specify one quota for faculty and one for students. For accurate page accounting, the job has to pass through the pstops filter. An image file typically goes through the imagetops filter and gets a default count of ’1.’ This isn’t terrible, as most images are one page anyway, but if someone manages to split an image file across multiple pages the count will be incorrect. Lastly, the print server does not give a very useful message when a user has reached their limit, something to the effect of ‘error sending job’ or something equally cryptic.

Resources

Samba Cups How-To
cupsaddsmb man page
PostScript
