Single Sign-On and the Corporate Directory, Part IV
One of the great things about CUPS is that the default settings for it allow it to discover other CUPS servers and the printers served by them. That means for Linux and OS X clients to use your new server, it's as easy as starting cupsd, waiting about 30 seconds, and you're off and running. Luckily, it's not much harder to get Windows clients up and running either, using Samba. Following are the required changes to the smb.conf file:
[global] ... load printers = Yes printing = cups printcap = cups printer admin = root [printers] comment = All Printers path = /var/spool/samba browseable = no public = yes guest ok = yes writable = no printable = yes [print$] comment = Printer Drivers path = /etc/samba/drivers browseable = yes guest ok = no read only = yes write list = root
The parameters in the global section enable CUPS printing support. The printers section makes all the printers listed in the printcap file automatically available to Windows clients. The print$ section turns on automatic driver download, or Point 'n' Print, for Windows clients. What this means is that Windows clients won't be required to install print drivers for each printer they install. When they initially connect to the printer, clients will download and install a set of generic CUPS print drivers, removing the need for the user or the administrator to worry about Windows print drivers. Save your changes and restart Samba.
Before Point 'n' Print is a reality, there are still a few more things to do. First, you should download the most recent stable CUPS drivers, version 1.1.16 as of this writing, from the Easy Software Products FTP server to your CUPS/Samba server. Untar the bundle and run the install script, cups-samba.install. If the installer puts the cups.hlp file in /usr/share/drivers, move it into /usr/share/cups/drivers with the rest of the drivers. Next, make sure the print driver share directory, /etc/samba/drivers, exists. Finally, you need to add the drivers to the Samba share. If you've removed the root Samba user out of LDAP, you'll need to re-add it for these next two steps, as you need to be a uid 0 user. Refer to Part III of this series [February 2006] if you're not sure how to do this:
# smbclient //localhost/print\$ -Uroot -c 'mkdir ↪W32X86; put /etc/cups/ppd/pr-laser.ppd ↪W32X86/pr-laser.ppd; put ↪/usr/share/cups/drivers/cupsdrvr.dll ↪W32X86/cupsdrvr.dll; put ↪/usr/share/cups/drivers/cupsui.dll ↪W32X86/cupsui.dll; put ↪/usr/share/cups/drivers/cups.hlp ↪W32X86/cups.hlp' # rpcclient localhost -Uroot -c 'adddriver ↪"Windows NT x86" "pr-laser:cupsdrvr.dll ↪:pr-laser.ppd:cupsui.dll:cups.hlp:NULL:RAW:NULL"'
These two commands refer specifically to the printer we added to LDAP above, pr-laser. You need to run these two commands for each printer served by your CUPS server that you want Windows clients to access. Adding these commands to the printer creation script might be a good idea if you have many printers.
Now, if you browse to your Samba/CUPS server from a Windows client, you'll see a Printers and Faxes share. If you choose that share, you'll see all the printers served via CUPS. If you right-click on a printer and choose Connect..., it automatically downloads and installs the drivers and connects to the printer, making it available to print from that client. That's it!
Up until now, LDAP administration has been done by hand-editing LDIF files and using the command-line OpenLDAP tools. Craig Swanson and Matt Lung give some excellent pointers in their “OpenLDAP Everywhere Revisited” article (see Resources) to some GUI utilities for managing LDAP, but they overlooked one that I think needs mentioning, GQ. Although GQ is not in active development, the 1.0 beta1 version has proved to be stable and extremely useful. If GQ keeps segfaulting, though, you probably need to apply a patch to util.c (see Resources). One of the great things about GQ is its support of SASL authentication. This allows us to make modifications to LDAP using the GUI. In addition, I've found that browsing the schema has shown me object classes and attributes I probably would never have found otherwise.
If you've been a sysadmin for more than five minutes, you know the power of scripting common tasks. LDAP administration can be rather wordy, so being able to script those common tasks is invaluable. Both Perl and Python have very powerful LDAP modules. You've already been introduced to the Perl interface from last month's article's smb-create-password.pl and smb-new-machine.pl, but Python's LDAP modules are just as useful. Perl also has interfaces for Kerberos and SASL. Instead of going into an API description of each of these modules, I'm going to show you how to use them while also showing you new and different ways to use LDAP and Kerberos.
|Nativ Disc||Sep 23, 2016|
|Android Browser Security--What You Haven't Been Told||Sep 22, 2016|
|The Many Paths to a Solution||Sep 21, 2016|
|Synopsys' Coverity||Sep 20, 2016|
|Naztech's Roadstar 5 Car Charger||Sep 16, 2016|
|RPi-Powered pi-topCEED Makes the Case as a Low-Cost Modular Learning Desktop||Sep 15, 2016|
- Android Browser Security--What You Haven't Been Told
- Nativ Disc
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- The Many Paths to a Solution
- Naztech's Roadstar 5 Car Charger
- Synopsys' Coverity
- Securing the Programmer
- RPi-Powered pi-topCEED Makes the Case as a Low-Cost Modular Learning Desktop
- NordVPN for Android
- Glass Padding
With all the industry talk about the benefits of Linux on Power and all the performance advantages offered by its open architecture, you may be considering a move in that direction. If you are thinking about analytics, big data and cloud computing, you would be right to evaluate Power. The idea of using commodity x86 hardware and replacing it every three years is an outdated cost model. It doesn’t consider the total cost of ownership, and it doesn’t consider the advantage of real processing power, high-availability and multithreading like a demon.
This ebook takes a look at some of the practical applications of the Linux on Power platform and ways you might bring all the performance power of this open architecture to bear for your organization. There are no smoke and mirrors here—just hard, cold, empirical evidence provided by independent sources. I also consider some innovative ways Linux on Power will be used in the future.Get the Guide