Gerald Drouillard wrote: >> >> >>Gerald Drouillard wrote: >>| There has been a lot of activity on fixing 2.2.3a on the samba CVS log >>since >>| 3a was released. Changed have slowed in the last day or two, so maybe >>Samba >>| is close to a 2.2.3b release. I hope the Samba Crew can get a >>new version >>| out before the final Mandrake 8.2. I have been using 2.2.3a with only a >>| couple annoyances: >>| -slow printing for win2k >> >>Works for me. Slow compared to? >> > > The old Novell server replace by Samba. > Win9x machines printing to the samba server seem to be fine. This is not a > huge issue, it still prints, but with a 30 sec delay. From the samba CVS > logs, it looks like a few changes have been make to address this already.
I saw hardly any change between samba-2.2.0, samba-2.2.1a, samba-2.2.2 and samba-2.2.3a with regard to printing speed. Note that from 2.2.0 samba is using the NT-style printing mechanisms, however, I haven't seen problems here. Paper is usually coming out the printer by the time I get to it (when I run windows), which is about 15 seconds ... > > >>| -needed to add everyone to the group adm so that they could log in. >> >>This must be something with your setup. The adm group is not compiled in >>anywhere, so it can only be an issue with some permissions you have set, >>or some of the group parameters in your smb.conf file. >> >>If you want to try and resolve this, can you please send me your >>smb.conf file, and confirm that normal users have write access to the >>profiles directory, and read access to the netlogon directory. >> > > Below is the smb.conf file as it stands today. I have tried for about 3 > hours different combinations of permissions on the on netlogon and profiles. > It looks like this config file has been mangled by SWAT. I encourage everyone to look at editing the file by hand first, as there _WERE_ a lot of good hints sample configs before SWAT ate them all (since it doesn't retain comments. This is one of the reasons SWAT is now a seperate packages ... See comments inline ... Please try the suggestions below (esp the valid users in netlogon and the lpq command) and let me know if that improves things. Buchan > [global] > pam password change = Yes > domain master = True > encrypt passwords = Yes > time server = Yes > kernel oplocks = no > wins support = Yes > max log size = 50 > interfaces = 192.168.0.1/24 127.0.0.1 I hope you have got reverse lookups working for every machine, otherwise all access to this box will be slow (especially if you use "hosts allow = ". See the comment in the sample smb.conf file. > security = user > local master = Yes > printing = cups > dns proxy = No > socket options = TCP_NODELAY SO_SNDBUF=14596 SO_RCVBUF=14596 IPTOS_LOWDELAY > bind interfaces only = Yes > printcap name = lpstat > preferred master = True > admin users = @adm > writable = yes > domain logons = Yes > printer admin = @adm > unix password sync = Yes > log level = 0 > workgroup = FMT > server string = Samba Server %v > log file = /var/log/samba/log.%m > netbios name = FMTLIV > load printers = yes > os level = 64 > dos filetimes = Yes > ;logon home = \\fmtliv\%U > logon path = > logon script = %U.bat > logon drive = H: > add user script = /usr/sbin/useradd -d /dev/null -g machines -c 'Machine > Account' -s /bin/false -M %u > > [homes] > guest ok = no > comment = Home Directories > path = /home/%S > ;%H > valid users = %S These two aren't necessary, as samba picks up the users home directory, and file permissions should handle the rest ... also, if you ever have a user account with a home directory not as /home/%S this won't work, whereas the defalt samba homes share would. > read only = No > create mask = 0700 > directory mask = 0700 > #hosts allow = 192.168.0. > browseable = No > level2 oplocks = yes > oplocks = yes > dos filetimes = yes > ; preexec = echo "%u connected to %S from %m (%I)\" >>/tmp/.log > > [printers] > comment = All Printers > path = /var/spool/samba > create mask = 0700 > guest ok = Yes > printable = Yes > print command = lpr-cups -P %p -o raw %s -r # using client side printer > drivers. > lpq command = lpstat -o %p This is the wrong lpq command, it should be lpq -P %p, or just comment it out, as samba gets the right one if you have printing=cups in [global]. With it configured as you haev it, you will probably see incorrect names in the printer status window, and you wouldn't be able to delete print jobs. This was a misconfguration by Mandrake that appeared in Mandrake 8.0 and 8.1 (I think), but is fixed since somewhere arounf 2.2.2-1mdk ... > lprm command = cancel %p-%j > browseable = No > veto oplock files = /*.mdb /*.MDB /*.lbd /*.LDB /*.DBF /*.dbf /*.fpt /*.FPT > /*.CDX /*.cdx > > [public] > level2 oplocks = no > path = /home/srv/Public > writable = yes > veto oplock files = /*.mdb /*.MDB /*.lbd /*.LDB /*.DBF /*.dbf /*.fpt /*.FPT > /*.CDX /*.cdx > force directory mode = 777 > create mode = 0770 > directory mode = 0770 > force create mode = 777 > force group = nogroup > valid users = @users > oplocks = No > public = yes > force user = nobody > > [accounting] > path = /home/srv/Accounting > valid users = @accounting @adm > force group = accounting > read only = No > create mask = 0770 > directory mask = 0770 > # hosts allow = 192.168.0. > veto oplock files = /*.mdb /*.MDB /*.lbd /*.LDB /*.DBF /*.dbf /*.fpt /*.FPT > /*.CDX /*.cdx > oplocks = No > level2 oplocks = no > > [Title] > path = /home/srv/Title > valid users = @users > force group = users > read only = No > create mask = 0760 > directory mask = 0760 > veto oplock files = /*.mdb /*.MDB /*.lbd /*.LDB /*.DBF /*.dbf /*.fpt /*.FPT > /*.CDX /*.cdx > oplocks = No > level2 oplocks = no > > [print$] > path = /home/srv/printers > write list = @adm > guest ok = Yes > browseable = yes > readonly = yes > > > [netlogon] > valid users = @adm, @users Here's your problem (I think), it should be "valid users = @adm @users" I would suggest against putting too much of this stuff in smb.conf. Relying on unix permissions works quite well, although you might want to keep the write list entry. > path = /home/srv/netlogon > writable = no > share modes = no > browsable = yes > write list = @adm > comment = The domain logon service > guest ok = yes > root preexec = /home/srv/netlogon/logon.pl %U %G %L &&chmod 644 > /home/srv/netlogon/%U.bat Have you looked at ntlogon (in contribs)? We use it here, and it does all we need. See the sample configuration in the default smb.conf > public = yes > force directory mode = 777 > create mode = 0770 > directory mode = 0770 > force create mode = 777 > force group = nogroup > force user = nobody > > read only = yes > create mask = 0700 > directory mask = 0700 > level2 oplocks = yes > oplocks = yes > dos filetimes = yes > > > [www] > comment = Web Site > path = /var/www > create mode = 0755 > writeable = yes > valid users = @adm > force group = apache > [profiles] > ; guest ok = no > path = /home/srv/profiles > ; valid users = %S > ; read only = No > ; create mask = 0700 > ; directory mask = 0700 > #hosts allow = 192.168.0. > ; browseable = No > level2 oplocks = yes > oplocks = yes > ; dos filetimes = yes > [recordings] > path = /home/srv/recordings > valid users = @Recordings @adm > force group = Recordings > read only = No > create mask = 0770 > directory mask = 0770 > # hosts allow = 192.168.0. > veto oplock files = /*.mdb /*.MDB /*.lbd /*.LDB /*.DBF /*.dbf /*.fpt /*.FPT > /*.CDX /*.cdx > oplocks = No > level2 oplocks = no > [backup] > path = /mnt/windows > valid users = gerry aanderson > read only = yes > oplocks = Yes > level2 oplocks = yes > [disbursement] > path = /home/srv/disbursement > valid users = @disbursement @adm > force group = disbursement > read only = No > create mask = 0770 > directory mask = 0770 > # hosts allow = 192.168.0. > veto oplock files = /*.mdb /*.MDB /*.lbd /*.LDB /*.DBF /*.dbf /*.fpt /*.FPT > /*.CDX /*.cdx > oplocks = No > level2 oplocks = no > > -- |----------------Registered Linux User #182071-----------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone * Work +27 82 472 2231 * +27 21 8828820x202 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/gpg.key
