+ Post New Thread
Results 1 to 4 of 4
*nix Thread, Samba Printer ACL in Technical; Hi, According to Samba documentation, it should be possible to use NT ACLs on printers... I've tried everything I can ...
  1. #1

    Join Date
    Dec 2008
    Location
    Nottingham
    Posts
    575
    Thank Post
    38
    Thanked 115 Times in 105 Posts
    Rep Power
    46

    Samba Printer ACL

    Hi,

    According to Samba documentation, it should be possible to use NT ACLs on printers... I've tried everything I can think of, but have no luck. I open up my print server from a windows client, open printer properties, and change the security to deny another user... however, I can then still access the printer from that other user. Has anyone got this working before, or does anyone have any ideas how to resolve it. I'm basically trying to have 1 printserver for the school but block access to certain printers, so teachers/students can't print to the admin printers.

    If anyone has another suggestion for how to do this, would be gratefully received.

    smb.conf below just incase
    Code:
    [global]
    idmap gid = 10000-40000
    obey pam restrictions = yes
    dns proxy = no
    netbios name = printserve
    printing = cups
    printcap = cups
    invalid users = root
    idmap uid = 10000-20000
    workgroup = DOMAIN
    os level = 20
    printcap name = cups
    security = ads
    max log size = 1000
    winbind separator = +
    log file = /var/log/samba/log.%m
    load printers = yes
    socket options = TCP_NODELAY
    wins server = ***.***.***.***
    encrypt passwords = true
    public = yes
    realm = DOMAIN.INTERNAL
    winbind use default domain = yes
    wins proxy = no
    server string = Cups Server
    winbind enum users = yes
    password server = *
    winbind gid = 10000-20000
    winbind enum groups = yes
    winbind cache time = 180
    syslog = 0
    preferred master = no
    panic action = /usr/share/samba/panic-action %d
    winbind nested groups = yes
    
    [printers]
    printable = yes
    writable = no
    path = /var/spool/samba
    comment = All Printers
    public = no
    create mode = 0700
    
    [print$]
    comment = Printer Drivers
    path = /etc/samba/drivers
    browseable = yes
    read only = no
    guest ok = yes
    write list = administrator, @"domain admins"
    
    [pdfs]
    writeable = no
    path = /home/pykota
    browseable = yes
    read only = yes

  2. #2

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,807
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    It would probably help if you enabled ACL support.

    Code:
    nt acl support = yes
    ea support = yes

  3. Thanks to Geoff from:

    Willott (6th May 2009)

  4. #3


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    you also need to make sure the filesystem supports acl and that you have acl installed - in the fstab there should be something like:
    Code:
    /dev/VolGroup01/LogVol00 /sharename 	 ext3  defaults,acl,user_xattr 1 2

  5. #4

    Join Date
    Dec 2008
    Location
    Nottingham
    Posts
    575
    Thank Post
    38
    Thanked 115 Times in 105 Posts
    Rep Power
    46
    Thanks Geoff... I looked through loads of Samba docs and how tos... but never saw that conf line!

SHARE:
+ Post New Thread

Similar Threads

  1. Squid3 - ACL
    By Hightower in forum *nix
    Replies: 6
    Last Post: 23rd January 2009, 11:32 AM
  2. ACL
    By kevin_lane in forum Coding
    Replies: 1
    Last Post: 19th December 2008, 06:09 PM
  3. Samba / Windows ACL mapping problem.
    By Geoff in forum *nix
    Replies: 7
    Last Post: 2nd August 2008, 01:34 PM
  4. joomla acl
    By alonebfg in forum EduGeek Joomla 1.0 Package
    Replies: 1
    Last Post: 21st March 2008, 04:19 PM
  5. squid acl
    By browolf in forum *nix
    Replies: 20
    Last Post: 20th April 2007, 08:55 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •