From owner-freebsd-questions@FreeBSD.ORG Tue May 18 01:51:40 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2CBED16A4CE for ; Tue, 18 May 2004 01:51:40 -0700 (PDT) Received: from pfepa.post.tele.dk (pfepa.post.tele.dk [195.41.46.235]) by mx1.FreeBSD.org (Postfix) with ESMTP id 33DAF43D1D for ; Tue, 18 May 2004 01:51:36 -0700 (PDT) (envelope-from freebsd.nospam@mekanix.dk) Received: from [192.168.1.14] (0x50a16a15.boanxx13.adsl-dhcp.tele.dk [80.161.106.21]) by pfepa.post.tele.dk (Postfix) with ESMTP id E2BA547FE1C; Tue, 18 May 2004 10:51:31 +0200 (CEST) From: Bjarne Wichmann Petersen To: freebsd-questions@freebsd.org Date: Tue, 18 May 2004 10:52:58 +0200 User-Agent: KMail/1.6.2 References: <200405092207.37061.freebsd.nospam@mekanix.dk> In-Reply-To: <200405092207.37061.freebsd.nospam@mekanix.dk> MIME-Version: 1.0 Content-Disposition: inline Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200405181052.58531.freebsd.nospam@mekanix.dk> Subject: Re: [samba] can't print from w2k to bsd printer X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 May 2004 08:51:40 -0000 On Sunday 09 May 2004 22:07, Bjarne Wichmann Petersen wrote: > I've spend several hours trying to get samba to play nice. I can get user > to login from windows to their bsd-account, mount CD's etc.. But I can't > get the users to print. I can see the printer and I can install it. But > when I click on the installed printer I get "access denied". > > I've tried everything, dublicating every smb.conf I could find. Trying out > every options. None helped. Hope someone here can spot what's wrong. > > My setup is a desktop PC running FBSD and a laptop with w2k. These are > connected through a router. The printer is a laserjet and works great on > the FBSD. I've managed to "solve" my problems, though I'm not exactly sure on how, and it's not perfect yet; ie. it's slow on connecting. But my solution included a mixture of medling with my firewall-settings both on the server and windows client. And creating a "new" printer in /etc/printcap, that just passes the data to the printer (no filters). And perhaps some adjusted samba-setting. In my firewall (serverside) I opened up to all trafic on port 137-139 and 445 (I didn't know about port 445 previously). ${fwcmd} add allow tcp from any to any 137-139 ${fwcmd} add allow tcp from any to any 445 ${fwcmd} add allow udp from any to any 137-139 ${fwcmd} add allow udp from any to any 445 ${fwcmd} add allow tcp from ${net}:${mask} to me 137-139 ${fwcmd} add allow tcp from ${net}:${mask} to me 445 ${fwcmd} add allow udp from ${net}:${mask} to me 137-139 ${fwcmd} add allow udp from ${net}:${mask} to me 445 ${fwcmd} add allow tcp from me to ${net}:${mask} 137-139 ${fwcmd} add allow udp from me to ${net}:${mask} 137-139 ${fwcmd} add allow tcp from me to ${net}:${mask} 445 ${fwcmd} add allow udp from me to ${net}:${mask} 445 The thing that nacks me about my firewall settings is, that it's possible more open than nessecary. Any help on what trafic-type that can be closed would be great. On my windows-client I had port 445 closed, though I'm not sure I need to open it? My printcap-entry for samba looks like this: samba|HP LaserJet 1200 via samba:\ :sh:sd=/var/spool/lpd/samba:\ :lp=/dev/lpt0:\ :mx#0:\ These are the relevant smb.conf entries: [global] netbios name = FBSD server string = "Samba Server" security = SHARE encrypt passwords = Yes wins support = Yes printing = bsd printcap name = /etc/printcap load printers = Yes print command = lpr -r -P'%p' %s [printers] comment = All printers path = /var/spool/samba guest ok = Yes printable = Yes browseable = Yes use client driver = Yes To set up a printer from the w2k-client, I used the printer-wizard and chose a networkprinter and then searched the network for the printer (hence the 'browseable = Yes'). Thanks for the pointers in the right direction. Bjarne