samba

I have found that Samba < 3.0.9 has a few permissions issues with CUPS when using the printing tools from Windows desktops. It turns out that there is a few issues with CUPS permissions and Samba but these apparently have been fixed in Samba versions 3.0.12 onwards.
In the interim to fix the issue you must edit the cupsd.conf file and comment out a few lines so that you have the following:

<Location /admin>
#  AuthType BasicDigest
#  AuthClass Group
#  AuthGroupName sys
  Order Deny,Allow
  Deny From All
  Allow From 127.0.0.1
</Location>

I have put up a script that allows customisation of the batch file run when a Windows user logs into a Samba PDC. This script creates a unique login script based on the user's name and the groups they belong to. It ties nicely into any authentication method (file/LDAP/NIS/Kerebos/Samba) as long as PAM has been configured to pull user and group details from that source. The tutorial is online here:

Customised Netlogon scripts for Samba Howto

When logging into a Windows domain there is the option to run a script on the desktop to setup drives, synchronize time and anything else that maybe required.

Unfortunately the power of these scripts are reduced by the limited functionality of the client side scripting language and Samba's inability to produce tailored batch files for each user.

Today I finished a howto that goes through the steps to setup a Samba Primary Domain Controller (PDC) with an OpenLDAP backend on SuSE. The tutorial draws together a lot of the things I have learnt over the last few weeks working with Samba and OpenLDAP. If anyone reads it through and finds errors (both practical and grammatical) then please get in touch.

This problem could have been a real pain if I had not stumbled on the solution quickly thanks to Google. A client got in touch with a complaint that the print dialog box in Windows XP Service Pack 2 took a long time to appear when printing to a Samba3/CUPS based printer. Printing the document itself was fine but making any changes to the default print setup caused long pauses in between applying the changes.

It turns out the issue is specific to Windows XP SP2 and the source of the problem lies within the Windows Registry (surprise, surprise). It can be fixed by opening up REGEDIT, browsing to HKEY_CURRENT_USER/Printers and removing any references to DevModes, DevModes2 and DevModePerUser. Nobody on the Net seems quite sure what these entries do (apart from slow down Samba printing). On each of the desktops I applied the change to the print dialog box responsiveness improved markedly after a restart. More than likely this issue will be resolved in a future release of Samba but in the meantime it is just something you have to watch out for in XP SP2.

Over the last week I have been doing quite a bit of work with SuSE, Samba3 and OpenLDAP. I must say although difficult to setup the first time it is really nice to have all your user accounts managed from one central location. I have just installed a new SuSE server running this combination into a clients office and it is looking very good indeed. All of the basic work is done all that needs to happen now is get all the Windows machines bound the domain and install the printer drivers onto the server for painless printer adding.

Some useful links I have found to help set all this up are: