| View previous topic :: View next topic |
| Author |
Message |
curmudgeon
Veteran
Joined: 08 Aug 2003
Posts: 1741
|
 Posted: Sun Jan 05, 2014 5:17 pm Post subject: basic basic printer sharing |
 |
|
I don't know what I am missing here. I am trying to share a printer to other non-linux machines.
Here is the cupsd.conf:
| Code: |
LogLevel warn
# Allow remote access
Port 631
Listen /run/cups/cups.sock
# Share local printers on the local network.
Browsing On
BrowseLocalProtocols
DefaultAuthType Basic
WebInterface Yes
<Location />
# Allow shared printing...
Order allow,deny
Allow @LOCAL
</Location>
<Location /admin>
Order deny,allow
</Location>
<Location /admin/conf>
AuthType Default
Order deny,allow
Require user @SYSTEM
</Location>
<Policy default>
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
<Limit Create-Job Print-Job Print-URI Validate-Job>
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default CUPS-Get-Devices>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
<Limit Cancel-Job CUPS-Authenticate-Job>
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
<Policy authenticated>
JobPrivateAccess default
JobPrivateValues default
SubscriptionPrivateAccess default
SubscriptionPrivateValues default
<Limit Create-Job Print-Job Print-URI Validate-Job>
AuthType Default
Order deny,allow
</Limit>
<Limit Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job Cancel-My-Jobs Close-Job CUPS-Move-Job CUPS-Get-Document>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
<Limit Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After Cancel-Jobs CUPS-Accept-Jobs CUPS-Reject-Jobs>
AuthType Default
Require user @SYSTEM
Order deny,allow
</Limit>
<Limit Cancel-Job CUPS-Authenticate-Job>
AuthType Default
Require user @OWNER @SYSTEM
Order deny,allow
</Limit>
<Limit All>
Order deny,allow
</Limit>
</Policy>
|
The printers look like (note shared is yes):
| Code: |
<Printer foo>
UUID urn:uuid:00000000-0000-0000-0000-000000000000
Info foo
MakeModel Generic foo Printer
DeviceURI usb://foo
State Idle
StateTime 1000000000
Type 0000000
Accepting Yes
Shared Yes
JobSheets none none
QuotaPeriod 0
PageLimit 0
KLimit 0
OpPolicy default
ErrorPolicy stop-printer
</Printer>
|
But if I go to: http://localhost:631/printers/ and click on foo, I see "foo (Idle, Accepting Jobs, Not Shared)"
And of course (far more important), other machines on the network can't see the printers
No doubt I am missing something painfully obvious, but I just can't see it.
Last edited by curmudgeon on Mon Jan 06, 2014 1:11 am; edited 2 times in total |
|
| Back to top |
|
 |
lexflex
Guru
Joined: 05 Mar 2006
Posts: 363
Location: the Netherlands
|
| Posted: Sun Jan 05, 2014 5:48 pm Post subject: |
|
|
Hi,
Maybe you can try to allow some specific IP range ( like Allow 192.168.0.* ) or IP address to test ( instead of @local) just to see if that works. I had some problems with defining 'allow' ranges myself some time ago ( but cant remember the details).
Alex. |
|
| Back to top |
|
|
dmpogo
Advocate
Joined: 02 Sep 2004
Posts: 3267
Location: Canada
|
| Posted: Mon Jan 06, 2014 12:15 am Post subject: |
|
|
I don't like your empty BrowseLocalProtocols statement, although if you use cups >= 1.6 and want to use any protocol but DNSSD (i.e avahi/bonjour), you need to run separate cups-browsed daemon, and all BrowseLocalProtocols CUPS directives go into cups-browsed.conf, with something like
BrowseLocalProtocols CUPS,DNSSD
Actually, I am not sure that web interface is aware about separate cups-browsed nowdays.
BrowseProtocols statements are useless in cupsd.conf, since cupsd itself only supports and always uses DNSSD. But empty string may preclude browsing, comment it out. |
|
| Back to top |
|
|
666threesixes666
Veteran
Joined: 31 May 2011
Posts: 1248
Location: 42.68n 85.41w
|
| Posted: Mon Jan 06, 2014 1:13 am Post subject: |
|
|
| if they are doze machines maybe its the samba printer sharing you be looking for? |
|
| Back to top |
|
|
curmudgeon
Veteran
Joined: 08 Aug 2003
Posts: 1741
|
| Posted: Mon Jan 06, 2014 3:36 am Post subject: |
|
|
| dmpogo wrote: | I don't like your empty BrowseLocalProtocols statement, although if you use cups >= 1.6 and want to use any protocol but DNSSD (i.e avahi/bonjour), you need to run separate cups-browsed daemon, and all BrowseLocalProtocols CUPS directives go into cups-browsed.conf, with something like
BrowseLocalProtocols CUPS,DNSSD |
I am confused. I thought that cup-browsed was for searching for remote printers. Is it also necessary for broadcasting local printers?
Actually, I guess I am confused with the whole terminology of "sharing" a printer. Does that mean broadcasting its existence or simply allowing remote printing (I can probably live with the later assuming I can specify printers correctly on remote machines). |
|
| Back to top |
|
|
curmudgeon
Veteran
Joined: 08 Aug 2003
Posts: 1741
|
| Posted: Mon Jan 06, 2014 3:53 am Post subject: |
|
|
| 666threesixes666 wrote: | | if they are doze machines maybe its the samba printer sharing you be looking for? |
I thought that was the "old" way to do it. :)
For example:
https://wiki.archlinux.org/index.php/CUPS_printer_sharing
"The preferred way to connect a Windows client to a Linux print server is using IPP. It's a standard printer protocol based on HTTP, allowing you all ways to profit from port forwarding, tunneling etc. The configuration is very easy and this way is less error-prone than using Samba. IPP is natively supported by Windows since Windows 2000." |
|
| Back to top |
|
|
666threesixes666
Veteran
Joined: 31 May 2011
Posts: 1248
Location: 42.68n 85.41w
|
| Posted: Mon Jan 06, 2014 4:06 am Post subject: |
|
|
yeah, this is the new way
http://assets.sbnation.com/assets/3006205/office-space-printer-beat-down-gif.gif
im pretty sure the computer printing has to have the printer drivers on it. last time i had a networked printer it was wifi aware and it was like that.... i think what you're trying to do is similar only with a nix box between the two.
as original post says "Not Shared" doze boxes wont like that, switch it to shared... and make doubly sure that the doze boxes have the printer drivers. |
|
| Back to top |
|
|
curmudgeon
Veteran
Joined: 08 Aug 2003
Posts: 1741
|
| Posted: Mon Jan 06, 2014 5:04 am Post subject: |
|
|
| 666threesixes666 wrote: | | m pretty sure the computer printing has to have the printer drivers on it. last time i had a networked printer it was wifi aware and it was like that.... i think what you're trying to do is similar only with a nix box between the two. |
I did install the printer driver on the client machine, so that shouldn't be the problem.
| 666threesixes666 wrote: | | as original post says "Not Shared" doze boxes wont like that, switch it to shared... and make doubly sure that the doze boxes have the printer drivers. |
Well , that is what I am trying to figure out how to do. :) I don't know how to make cups see the printer as "shared." |
|
| Back to top |
|
|
666threesixes666
Veteran
Joined: 31 May 2011
Posts: 1248
Location: 42.68n 85.41w
|
|
| Back to top |
|
|
dmpogo
Advocate
Joined: 02 Sep 2004
Posts: 3267
Location: Canada
|
| Posted: Mon Jan 06, 2014 6:27 am Post subject: |
|
|
| curmudgeon wrote: | | dmpogo wrote: | I don't like your empty BrowseLocalProtocols statement, although if you use cups >= 1.6 and want to use any protocol but DNSSD (i.e avahi/bonjour), you need to run separate cups-browsed daemon, and all BrowseLocalProtocols CUPS directives go into cups-browsed.conf, with something like
BrowseLocalProtocols CUPS,DNSSD |
I am confused. I thought that cup-browsed was for searching for remote printers. Is it also necessary for broadcasting local printers?
Actually, I guess I am confused with the whole terminology of "sharing" a printer. Does that mean broadcasting its existence or simply allowing remote printing (I can probably live with the later assuming I can specify printers correctly on remote machines). |
Yes, you need cups-browsed also for broadcast if you want to broadcast printers with any protocol other than DNSSD
'Sharing' was not CUPS terminology, and in Windows world it meant to make printers visible on the network as well as allow remote access to them.
It is easy to see what 'sharing button' does at localhost:631 - web interface simply rewrites cupsd.conf, so you can compare cupsd.conf with and without this button checked. I suspect it just sets Browsing directive to 'on'.
I don't have CUPS nearby, but I suspect that, regretfully, localhost:631 web interface will not modify cups-browsed.conf (simply because that web interface is still in Apple hands who do not care about existence of cups-browsed). But I may be mistaken. |
|
| Back to top |
|
|
curmudgeon
Veteran
Joined: 08 Aug 2003
Posts: 1741
|
| Posted: Thu Jan 16, 2014 2:43 pm Post subject: |
|
|
I am getting absolutely nowhere with this.
I do have cups-browsed running, and all of the other linux machines on the network see all of the printers every time a print dialog box pops up, even though the cups printer page still says "not shared" (yes, the other linux machines can actually print to it).
But I still can't get the printer installed on windows.
On the windows machine, the internet printing client (windows features) is turned on (not sure I really need that, but I have been trying absolutely everything).
On the windows machine, In advanced sharing settings, network discovery is turned on.
When I go to "add printer" / "add a network, wireless, or bluetooth printer" / " the printer that i want isn't listed", and then enter the printer in the "select a shared printer by name" box, I immediately get:
"Connect to Printer
Windows couldn't connect to the printer. Check the printer name and try again. If this is a network printer, make sure that the printer is turned on, and the the printer address is correct."
I entered as the printer "http://10.0.0.10:631/printers/printer"
Pasting the printer string in a browser on the windows machine connects to the printer page on the linux machine immediately.
The linux machine with the printer is 10.0.0.10, and the windows machine is 10.0.0.20.
Running a tcpdump on the linux machine produces these packets (when I press the "next" button):
| Code: |
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on net0, link-type EN10MB (Ethernet), capture size 65535 bytes
00:00:00.000000 IP 10.0.0.20.netbios-ns > 10.0.0.255.netbios-ns: UDP, length 68
00:00:01.000000 IP 10.0.0.20.netbios-ns > 10.0.0.255.netbios-ns: UDP, length 68
00:00:02.000000 IP 10.0.0.20.netbios-ns > 10.0.0.255.netbios-ns: UDP, length 68
00:00:03.000000 IP 10.0.0.20.netbios-ns > 10.0.0.255.netbios-ns: UDP, length 50
00:00:04.000000 IP 10.0.0.20.netbios-ns > 10.0.0.255.netbios-ns: UDP, length 50
00:00:05.000000 IP 10.0.0.20.netbios-ns > 10.0.0.255.netbios-ns: UDP, length 50
00:00:06.000000 IP 10.0.0.20.netbios-ns > 10.0.0.255.netbios-ns: UDP, length 50
00:00:07.000000 IP 10.0.0.20.netbios-ns > 10.0.0.255.netbios-ns: UDP, length 50
00:00:08.000000 IP 10.0.0.20.netbios-ns > 10.0.0.255.netbios-ns: UDP, length 50
|
So tcpdump does not even see an attempted connection from the windows machine.
I also tried "browse for a printer" just to see what packets I could see, and got this:
| Code: |
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on net0, link-type EN10MB (Ethernet), capture size 65535 bytes
00:01:00.000000 IP 10.0.0.20.netbios-ns > 10.0.0.255.netbios-ns: UDP, length 50
00:01:01.000000 IP 10.0.0.20.netbios-ns > 10.0.0.255.netbios-ns: UDP, length 50
00:01:02.000000 IP 10.0.0.20.netbios-ns > 10.0.0.255.netbios-ns: UDP, length 50
00:01:03.000000 IP 10.0.0.20.52501 > 239.255.255.250.3702: UDP, length 713
00:01:04.000000 IP 10.0.0.20.52501 > 239.255.255.250.3702: UDP, length 713
00:01:05.000000 ARP, Request who-has 10.0.0.3 tell 10.0.0.20, length 46
00:01:06.000000 ARP, Request who-has 10.0.0.4 tell 10.0.0.20, length 46
00:01:07.000000 ARP, Request who-has 10.0.0.5 tell 10.0.0.20, length 46
00:01:08.000000 ARP, Request who-has 10.0.0.6 tell 10.0.0.20, length 46
00:01:09.000000 ARP, Request who-has 10.0.0.7 tell 10.0.0.20, length 46
00:01:10.000000 ARP, Request who-has 10.0.0.8 tell 10.0.0.20, length 46
00:01:11.000000 ARP, Request who-has 10.0.0.9 tell 10.0.0.20, length 46
00:01:12.000000 ARP, Request who-has 10.0.0.10 tell 10.0.0.20, length 46
00:01:12.000000 ARP, Reply 10.0.0.10 is-at 00:11:22:33:44:55 (oui Unknown), length 28
00:01:12.000000 IP 10.0.0.20.52503 > 10.0.0.10.snmp: GetNextRequest(23) 43
00:01:12.000000 IP 10.0.0.10 > 10.0.0.20: ICMP 10.0.0.10 udp port snmp unreachable, length 74
00:01:13.000000 ARP, Request who-has 10.0.0.11 tell 10.0.0.20, length 46
00:01:14.000000 ARP, Request who-has 10.0.0.12 tell 10.0.0.20, length 46
00:01:15.000000 ARP, Request who-has 10.0.0.13 tell 10.0.0.20, length 46
[...]
|
I am wondering if the "udp port snmp unreachable" means anything important.
I don't have a clue about that (and I am hoping someone here does). :) |
|
| Back to top |
|
|
cwr
Veteran
Joined: 17 Dec 2005
Posts: 1969
|
| Posted: Sat Jan 18, 2014 11:29 am Post subject: |
|
|
It might be worth running wireshark on the _Linux_ machine while trying
to load a printer from the _Windows_ machine; that will tell you exactly
what the Windows machine is trying to do, right down to the packet leve,
and you can take it from there.
Will |
|
| Back to top |
|
|
curmudgeon
Veteran
Joined: 08 Aug 2003
Posts: 1741
|
| Posted: Sun Jan 19, 2014 2:37 am Post subject: |
|
|
| cwr wrote: | It might be worth running wireshark on the _Linux_ machine while trying
to load a printer from the _Windows_ machine; that will tell you exactly
what the Windows machine is trying to do, right down to the packet leve,
and you can take it from there. |
Maybe I am stupid, but what packets are wireshark going to see that tcpdump doesn't (they both use libpcap)?
There basically aren't any packets (maybe I should run wireshark on the windoze machine). |
|
| Back to top |
|
|
cwr
Veteran
Joined: 17 Dec 2005
Posts: 1969
|
| Posted: Mon Jan 20, 2014 8:44 am Post subject: |
|
|
Well, if no packets are arriving at the Linux machine the Windows machine isn't
transmitting any; at a guess, they are being stopped by the Windows firewall,
which I've had problems with before.
Will |
|
| Back to top |
|
|
curmudgeon
Veteran
Joined: 08 Aug 2003
Posts: 1741
|
| Posted: Mon Jan 20, 2014 11:53 am Post subject: |
|
|
| cwr wrote: | Well, if no packets are arriving at the Linux machine the Windows machine isn't
transmitting any; at a guess, they are being stopped by the Windows firewall,
which I've had problems with before. |
I have windows firewall completely turned off
Wireshark reveals that the windows machine is seeing the ipp packets from the linux server (including the URL of the printer I am trying to connect to), but it is sending absolutely nothing when I push the "next" button to add the printer. Windows is just not trying to connect at all, and I have no idea why. |
|
| Back to top |
|
|
linuxfan
n00b
Joined: 18 Apr 2014
Posts: 2
|
| Posted: Fri Apr 18, 2014 12:34 pm Post subject: |
|
|
Has anybody found a solution for this? I have the same problem and it is driving me crazy. I even tried to fiddle with the Windows 7 registry as hinted by:
http://ubuntuforums.org/showthread.php?t=1824426
but alas, to no avail.  [/url]
Will try, if I can at least print from another linux client. |
|
| Back to top |
|
|
linuxfan
n00b
Joined: 18 Apr 2014
Posts: 2
|
| Posted: Sat Apr 19, 2014 3:15 pm Post subject: |
|
|
In the meantime I have been able to test it with a second machine running sabayon. I just added the print-server in /etc/cups/client.conf and accessed via IPP.
No problem. So I doubt it is a general cupsd configuration problem. |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
