[samba] can't print from w2k to bsd printer

Bjarne Wichmann Petersen freebsd.nospam at mekanix.dk
Tue May 18 01:51:40 PDT 2004 

On Sunday 09 May 2004 22:07, Bjarne Wichmann Petersen wrote:

> I've spend several hours trying to get samba to play nice. I can get user
> to login from windows to their bsd-account, mount CD's etc.. But I can't
> get the users to print. I can see the printer and I can install it. But
> when I click on the installed printer I get "access denied".
>
> I've tried everything, dublicating every smb.conf I could find. Trying out
> every options. None helped. Hope someone here can spot what's wrong.
>
> My setup is a desktop PC running FBSD and a laptop with w2k. These are
> connected through a router. The printer is a laserjet and works great on
> the FBSD.

I've managed to "solve" my problems, though I'm not exactly sure on how, and 
it's not perfect yet; ie. it's slow on connecting. But my solution included a 
mixture of medling with my firewall-settings both on the server and windows 
client. And creating a "new" printer in /etc/printcap, that just passes the 
data to the printer (no filters). And perhaps some adjusted samba-setting.

In my firewall (serverside) I opened up to all trafic on port 137-139 and 445 
(I didn't know about port 445 previously).

${fwcmd} add allow tcp from any to any 137-139
${fwcmd} add allow tcp from any to any 445
${fwcmd} add allow udp from any to any 137-139
${fwcmd} add allow udp from any to any 445
${fwcmd} add allow tcp from ${net}:${mask} to me 137-139
${fwcmd} add allow tcp from ${net}:${mask} to me 445
${fwcmd} add allow udp from ${net}:${mask} to me 137-139
${fwcmd} add allow udp from ${net}:${mask} to me 445
${fwcmd} add allow tcp from me to ${net}:${mask} 137-139
${fwcmd} add allow udp from me to ${net}:${mask} 137-139
${fwcmd} add allow tcp from me to ${net}:${mask} 445
${fwcmd} add allow udp from me to ${net}:${mask} 445

The thing that nacks me about my firewall settings is, that it's possible more 
open than nessecary. Any help on what trafic-type that can be closed would be 
great.

On my windows-client I had port 445 closed, though I'm not sure I need to open 
it?

My printcap-entry for samba looks like this:

samba|HP LaserJet 1200 via samba:\
  :sh:sd=/var/spool/lpd/samba:\
  :lp=/dev/lpt0:\
  :mx#0:\

These are the relevant smb.conf entries:

[global]
        netbios name = FBSD
        server string = "Samba Server"
        security = SHARE
        encrypt passwords = Yes
        wins support = Yes
        printing = bsd
        printcap name = /etc/printcap
        load printers = Yes
        print command = lpr -r -P'%p' %s

[printers]
        comment = All printers
        path = /var/spool/samba
        guest ok = Yes
        printable = Yes
        browseable = Yes
        use client driver = Yes

To set up a printer from the w2k-client, I used the printer-wizard and chose a 
networkprinter and then searched the network for the printer (hence the 
'browseable = Yes').

Thanks for the pointers in the right direction.

Bjarne

More information about the freebsd-questions mailing list