This guide is by no means definitive and is simply my notes that I made as I went through the installation and overcame any obsticles.
I will probably do a fresh install on a VM following my notes so that I can improve on them slightly and maybe make them slightly more coherent and comprehensive
Anyway... here you go!
I like the grey boxes
Thank you, I'll probably be using this in the near future - but any chance of wikifying it, I'm sure others can add their experiences
@CyberNerd: I will do once I have decided what is and isn't necessary... these are my installation notes and so will require refinement before being torn apart by the general public.
Couple of things popped into my head reading that:
- You don't mention configuring NTP. This is required for the proper functioning of Kerberos and thus Samba.
- You don't need the /etc/krb5.conf file with recent versions of MIT Kerberos. In a properly configured Active Directory environment you can remove the file and Kerberos will look up all the info it needs in DNS. Just like Windows does.
- There's an error in your samba config. You have root setup as a printer admin (a depreciated option btw) plus specified as a user that can write to the print$ share. Yet you've specified root as being an invalid user, meaning the account can never login.
- This is a minor niggle, but you've allowed guest logins on your print$ share. In a domain environment there is no such thing as a guest login. The configuration setting is meaningless.
- You've specified a wins server in smb.conf but failed to add 'wins' to the /etc/nsswitch.conf hosts line. Do you use wins or not?
@Geoff: Those steps are purely what I did to make it work... as I said, they need refinement.
1. NTP was already configured on my box
2. It still works
3. & 4. I had to play about with access permissions initially when trying to install the printers to the Samba share and I probably forgot to remove some settings
5. I don't need WINS but I don't not need it so why not do it half-heartedly? :P
Are you saying that Pykota users need to be added individually? can this be done asAdd a user to PyKota using the pkusers command – for example Joey who will be charged for printing and given an initial allowance of £2
# pkusers -a -l balance -b 2 joeyto add all users? what about group membership? can users print without quotas - for logging printjobs? Sorry I haven't RTFM yet, I'm just looking into whether this would be feasible for us.Code:pkusers -a -l balance -b 2 `wbinfo -u`
sorry I meant something like
having a thick momentCode:for i in `wbinfo -u`; do pkusers -a -l balance -b 2 $i ; done;
@CyberNerd: They don't need to be added individually and the accounts can be autocreated on first use too. I was purely testing so it was a stock install.
Once I have re-tested those notes, I will publish a better guide with instructions for setting up the production environment... it all boils down to time.
Due to my print server insisting that one of my printers use labels, I have had to switch over to the CUPS box sooner than planned for that queue. As a result, I have sussed the automagic addition of users that is needed in /etc/pykota/pykota.conf...
If you want a default balance you could edit it so that it reads something like...Code:policy : external(pkusers --add --skipexisting --limitby noquota $PYKOTAUSERNAME && edpykota --add --skipexisting --printer $PYKOTAPRINTERNAME $PYKOTAUSERNAME)
Code:policy : external(pkusers --add --skipexisting --limitby balance --balance 2 $PYKOTAUSERNAME && edpykota --add --skipexisting --printer $PYKOTAPRINTERNAME $PYKOTAUSERNAME)
I have just done a similar set up in Beaumont School, St. Albans, Hertfordshire.
We have two Pykota servers running CUPS on Ubuntu 6.10. (Two because we have a one way trusted cross forest policy). I have a complete set of notes installing all dependencies and setting up servers from a blank install of Ubuntu. If anyone is interested please email me. They are pretty much in my shorthand but list all files and changes necessary! I have spent weeks getting them perfect and working out the small glitches. We don’t actually have Kerberos set up on the two machines as with a cross forest policy running, it doesn’t normally authenticate on either domain. It is still however joined with samba in the ADS mode to our two windows2003 domain controllers (One on each domain).
I have also tried the CUPS 6.0 windows drivers and after a week or so decided against then. I get my Linux box's to distribute/push out the original PCL drivers from manufactures. this means no horrible issues if a certain printer doesn’t support postscript (i.e. Brother 5140's) and no horrible Ghost Script issues (GS takes postscript code and makes it into an image file for non postscript printers to print... It doesn’t however work very well with the CUPS windows drivers). You an actually use windows to configure this part!
I’m now working on some more advanced Pykota handling, such as sending jobs to different printers based on content or size, or alerting users when they print a ridiculously large file.
I’ve also included a self written PHP management tool that can use LDAP to manage pupils from AD. It allows searching, home folder viewing, Pykota quota management and password changing functionality over SSL. At the moment it is purely for our school and written to match our OU structure. If any one is interested in this also let me know as I have been meaning to make a generic version. (We decided to try and replace the non functional functionality of Viglen Classlink... and this is what we came up with!)
Ric_ is correct with his external policy. Ours auto creates users and assigns them a balance. There is a script in place to try and query there email address from AD... but to be honest it doesn’t yet work!
The work of a technician is never finished! :twisted:
Willott (13th November 2009)
We use the much simplerOriginally Posted by Ric_We give each user 10 units per week, and charge then 1 unit per page for b/w and 3 units per page for colourCode:policy : external(/usr/bin/autopykota --initbalance 10.0)
OK... now migrated across all my printers.
Unfortunately, I have had to give up on hardware accounting for the time being as it seems to make things INCREDIBLY slow.
I now have a better way for creating new users (so that I can charge the little darlings and simply monitor the staff - who will then be invoiced :twisted: )
The CGIs also work (although authentication isn't sorted yet).
I also haven't had chance to do the proper check of some of my config files.
I have updated my docs a bit... the config should now be a bit cleaner and some of the niggles are ironed out.
Feel free to comment or make suggestions on how to improve things. All I know is that this works, even if it is not the best config.
BTW Geoff... is this how you did it in the end?
There are currently 1 users browsing this thread. (0 members and 1 guests)