Hello,
My setup is as follows: I have twelve Red Hat 7.3 boxes that need to
print to a Windows 2000 print server. On the print server we are
running a program called Print Manager Plus which is used to set and
keep track of users print quotas. This program also allows access to
our printers only to people in our department. On the Red Hat boxes I
have the default installation of LPRng which already has Kerberos 5
support compiled in. Also on these boxes we have implemented single
sign-on capability using Kerberos tickets which are retrieved from a KDC
outside of our departments control. This works just fine.
What I'm trying to do is allow users to print to the print server using
the ticket that they received when they logged in to the machine. The
problem I'm having is that the print server does not appear to be
accepting my ticket.
The following is an attempt by a regular user to send a print job to one
of the printers:
[xxxxxxx@tux08 unix]$ lpr -Dnetwork+3 launch.txt
lw449: getconnection: START host xxxx, timeout 10, connection_type 1
lw449: getconnection: fqdn found xxxx.kc.umkc.edu, h_addr_list count 1
lw449: getconnection: unix_socket_path /var/run/lprng
lw449: Link_dest_port_num: port 515 = 515
lw449: getconnection: destination IP 'xxx.xxx.xxx.xxx' port 515
lw449: getconnection: Originate_port_DYN '512 1023' minportno 1023,
maxportno 512
lw449: getconnection: minportno 0, maxportno 0, range 0, port_number 0
lw449: getconnection: AGAIN port 0, min 0, max 0, count 0, connects 0
lw449: getconnection: protocol 2, connection_type 1
lw449: getconnection: socket 3
lw449: getconnection: trying connect to 'xxxx', timeout 10
lw449: getconnection: connect sock 3, status 0, err 'No Error', timedout
0
lw449: getconnection: sock 3, src ip xxx.xxx.xxx.xxx, port 34333
lw449: getconnection: dest ip xxx.xxx.xxx.xxx, port 515
lw449: Set_linger: SO_LINGER socket 3, value 10
lw449: getconnection: connection to 'xxxx' socket 3, errormsg 'No Error'
lw449: Link_send: host 'xxxx' socket 3, timeout 6000
lw449: Link_send: str '^H449-LW C xxxxxxx kerberos 268
', count 30, ack 0xbfffc1d4
lw449: Link_send: final write status 0
lw449: Link_send: ack required
lw449: Link_send: read status '1'
lw449: Link_send: read 1, status NONZERO RFC1179 ERROR CODE FROM SERVER,
ack=ACK_STOP_Q
lw449: Link_send: final status NONZERO RFC1179 ERROR CODE FROM SERVER
Status Information:
sending job 'xxxxxxx@localhost+540' to 449-LW@xxxx
connecting to 'xxxx', attempt 1
connected to 'xxxx'
[xxxxxxx@tux08 unix]$ klist
Ticket cache: FILE:/tmp/krb5cc_1195_n8QExi
Default principal: [EMAIL PROTECTED]
Valid starting Expires Service principal
11/21/02 09:26:27 11/21/02 19:26:27 [EMAIL PROTECTED]
renew until 11/21/02 19:26:27
My printcap is as follows:
# /etc/printcap
#
# DO NOT EDIT! MANUAL CHANGES WILL BE LOST!
# This file is autogenerated by printconf-backend during lpd init.
#
# Hand edited changes can be put in /etc/printcap.local, and will be
included.
.common:sd=/var/spool/lpd/%P
:sh:mx=0:force_localhost@
lw449:cm=Default Printer, Forward to remote
:auth=kerberos5
:tc=.common
:filter=/usr/share/printconf/util/mf_wrapper
:db=database+2,lpr+2
:lf=log
:lp=449-LW@xxxx
########################################################################
#######
## Everything below here is included verbatim from /etc/printcap.local
##
########################################################################
#######
printcap (END)
And the following is my lpd.conf file:
default_remote_host=xxxx
default_printer=449-LW
force_localhost@
lpd.conf (END)
Any help with this would be greatly appreciated. I also want to
apologize in advanced if it turns out that the answer is staring me
right in the face. I'm still a green sys admin...
Thank you,
Liz McQueeny
-----------------------------------------------------------------------------
YOU MUST BE A LIST MEMBER IN ORDER TO POST TO THE LPRNG MAILING LIST
The address you post from MUST be your subscription address
If you need help, send email to [EMAIL PROTECTED] (or lprng-requests
or lprng-digest-requests) with the word 'help' in the body. For the impatient,
to subscribe to a list with name LIST, send mail to [EMAIL PROTECTED]
with: | example:
subscribe LIST <mailaddr> | subscribe lprng-digest [EMAIL PROTECTED]
unsubscribe LIST <mailaddr> | unsubscribe lprng [EMAIL PROTECTED]
If you have major problems, send email to [EMAIL PROTECTED] with the word
LPRNGLIST in the SUBJECT line.
-----------------------------------------------------------------------------
