[cups.general] CUPS client to Windows 2003 print server

Carrie Knox knox at sgi.com
Wed Jun 16 13:41:29 PDT 2004 

>
> Okay, so, next question...does this happen from all users on this machine,
>
>or just one particular user? Are all the users on this machine users in
>Active Directory as well?
>
>john
>
> -- John C. Welch CIS johnwelch at kclife.com (816) 753-7299 x8473
>
Hello,

I was previously printing as "root" on the Fedora-c2 client.   Printing 
from another non-root account on the fedora-c2 client  resulted in the 
same behaviour and the same System and Security event log messages on 
the Windows 2003 print server.

Windows 2000 client systems can successfully print through  the Windows 
2003 server.

When printing from a Windows 2000 client system this is what is logged 
to the Windows 2003 server System event log:

Document 160, Microsoft Office Outlook - Memo Style owned by bpowers was 
printed on b4r167 via port b4r167.americas.sgi.com.  Size in bytes: 
1003112; pages printed : 1

And only two messages are logged to the Windows 2003 server Security 
event log:

-----------------------------------
Special privileges assigned to new logon:
   User Name:    bpowers        
   Domain:       AMERICAS
   Login ID:     (0x0, 0x8EBC5B8E)
   Privileges:   SeChangeNotifyPrivilege
-----------------------------------
"Successful Network Logon:
   User Name:   bpowers
   Domain:      AMERICAS
   Logon ID:    (0x0,0x8EBC5B8E)
   Logon Type:   3
   Logon Process:   NtLmSsp
   Authentication Package:   NTLM
   Workstation Name:   PC-BPOWERS  
   Logon GUID:   -
   Caller User Name:  -
   Caller Domain:       -
   Caller Process ID:   -
   Transited Services:  -
   Source Network Address:  137.38.67.35
   Source Port:   0
 
It appears that the Windows 2000 clients are not using the 
IUSER_CF--CF--006FP-2 account for authentication, but are instead 
authenticating with the user's logon domain account using different 
logon processes and authentication packages than the fedora-c2 client.

Also, I see that the Source Network Address is known and the Source Port 
is set.

Not sure what would need to happen to get the fedora-c2 client to 
authenticate with the user's logon instead of the IUSER_<servername> 
account.  I'm guessing that IUSER_<servername> is used for anonymous?

Thanks,
Carrie

More information about the cups mailing list