Setting up and maintaining a print service is a major task of a system administrator. In some large organizations a full time printing administrator plans, configures, monitors, maintains, and troubleshoots the printing service, not to mention adding paper and toner when needed. For background information on printing services see How Printing Works. In this project you will set up your server to use the Windows networked printer located in the classroom as your server's default printer.
You will configure the CUPS print system on your
The default print system for some (older) Unix/Linux systems is
not CUPS (common Unix print system).
However, CUPS is the default on more modern Linux and
Unix systems so that is the system you need to know.
A good source for documentation is
In order to configure CUPS you will need to make sure
LPRng print system daemon
is configured not to start automatically.
In addition the various print system commands (such as
have two versions,
The commands such as
lpr are really
symlinks on Fedora, to one set of commands
or the other.
By default on your system the links may refer to the
set of commands rather than the CUPS versions.
If so this must be changed so that the various user and administrator
commands refer to the CUPS versions.
Finally the CUPS print server
must be set to start automatically, and must be manually turned on now
(if not already running) in order to configure any printers.
To complete your printer setup you will need to gather information about the actual printer to be used, and any networking configuration information.
Printing should work using either the
lpr command, a
“Printer” icon on the desktop, or a “print...” menu
choice from some GUI application.
The default printer name historically (that is, for
lp and lpr systems) is
lp”, so you can name
your printer that.
However you can have several names (aliases) for each
printer, by modifying the printer configuration file
/etc/printcap for LPR,
/etc/cups/* for CUPS) directly.
(The current version of CUPS doesn't allow this
functionality from the GUI tool yet, but there are
command line tools you can use, or other GUI
In CUPS, printer names are not case-sensitive,
and can contain any characters except white-space.
Beside the GUI interface (and the Red Hat
the CUPS print system can be configured through
a number of command line utilities.
Printers, classes, and servers can be managed with
(Note the older LPRng command
lpc doesn't do much with
CUPS, but is provided with limited functionality.)
System default options for printers can be set using
Note that regular users can also use
to set their own options that over-ride the system defaults.
Finally printing can be configured by directly editing the
/etc/printcap (the configured
printers database) and the CUPS configuration files
It is not recommended to edit these files directly, especially
/etc/printcap, as these files are re-written when the
various administration utilities are used.
This project can only be completed at HCC. Although some time may be provided in class to work on this project, it is likely you will need to schedule extra time outside of class to come to HCC and complete the printing setup. (Do not try to print anything when the class is working on something else!)
Many print servers use TCP, so your default firewall setup will work fine for that (allowing any outgoing TCP connection, and allowing the replies for open connections.)
A Windows print service may rely on some UDP services too, so to communicate with a Windows print server you may need to open additional firewall holes. (You don't need to do this for our classroom setup, but you should understand how.)
To talk SMB to a
Windows print server you may need to open firewall
holes for ports
TCP/445, and possibly
ports UDP/137, UDP/138, and
This can be done by running the
(which will open a hole until the next reboot):
iptables -I RH-Firewall-1-INPUT -p tcp -m tcp --dport 445 -j ACCEPT
Or by editing the iptables configuration file.
On Fedora/Red Hat systems that is the file
Add the following near the middle somewhere to make a hole:
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 445 -j ACCEPT
Repeat if needed for the other three ports (137–139), used for older Windows servers. To view the current list of iptables rules:
iptables -L -v --line-numbers
It might be easier just to turn off iptables or firewalld temporarily when testing out your printer setup:
If you still have trouble running a daemon, it may be an SE Linux
If SE Linux is set to ldquo;Enforcing”,try running the
service with it set to “Permissive”.
(The commands to use are
Using the standard CUPS GUI administration tool, the information in your textbook, and the configuration information provided below, create a default printer setup for your computer that will print to the HP laser printer in our classroom.
That printer is attached to a Windows server.
You could therefore use the
to connect to the Windows server.
In order to connect to the Windows server and use the printer,
you would need to provide your HCC network username
However this printer is networked,
so we will bypass the Windows server and send print jobs to
the printer directly.
Samba isn't required.
Nonetheless, you will do some of the steps needed to setup for
a Windows-attached printer, for the learning experience.
Answer all of the following questions, and perform the following tasks:
setenforce. If the default is enforcing, for the classroom computer is should be safe enough to change that, so it boots in permissive mode. Edit the file
/etc/selinux/configto change that. (The correct fix is to change SE Linux's policy, but you don't know how to do that yet.)
ps -ef”. Is either
lpdrunning now? If
lpdis running you must stop it. (Note that Fedora 10 and newer uses CUPS and not lprNG.) Exactly what command did you use to stop this service?
lpdor CUPS services configured to start automatically? Use the
systemctlcommand(s) to find out; if using
systemd, find the
cups.servicefile and look in the “
[Install]” section for the value of the “
systemctlto do this. In which run-levels or targets is CUPS now configured to start?
/usr/bin/lprand others are actually symlinks (or symbolic links or soft links). The reason is that there are often two versions of these commands, one set for the
LPRngprint system and one for the CUPS print system. To facilitate the switching from one system to another Red Hat (including Fedora) has adopted the
alternativessystem. For example the
lprsymlink points to another symlink,
/etc/alternatives/print, which in turn points to either
/usr/bin/lpr.cups. What is the ultimate command (e.g., non-symlink) executed on your system now for the
LPRngto CUPS. To switch all the printing related symlinks at once you should use the
alternatives --config printcommand. Here's a sample session:
[root@YborStudent root]# cd /etc/alternatives [root@YborStudent alternatives]# ls -l print lrwxrwxrwx 1 root root 17 Apr 10 2003 print -> /usr/bin/lpr.LPRng [root@YborStudent alternatives]# alternatives --config print There are 2 programs which provide 'print'. Selection Command ----------------------------------------------- 1 /usr/bin/lpr.cups *+ 2 /usr/bin/lpr.LPRng Enter to keep the default[*], or type selection number: 1 [root@YborStudent alternatives]# ls -l print lrwxrwxrwx 1 root root 17 Nov 6 19:09 print -> /usr/bin/lpr.cups [root@YborStudent alternatives]#
/dev/lp0), or by forwarding the print job to another print server that manages the printer (this may be a Windows/SMB print service, a CUPS service, or something else).
In some cases the printer contains its own internal printer server; this is called a networked printer. Many Hewlett-Packard (“HP”) models contain a print server known as a “Jet Direct” card. CUPS can control local printers and talk to remote print servers to forward print jobs, but it will need the correct driver to talk to that printer. CUPS calls these drivers “back-ends”. You need to determine how your host will communicate to the printer or remote print server, and make certain the correct back-end is installed.
Fortunately for you, the current version of CUPS pre-installs many commonly used back-ends for you. However, you still need to know which back-end to use.
In order for CUPS to be able to use Samba's SMB to
communicate with Windows servers, you must verify the
smb backend for CUPS is
(Note this isn't required for our class printer, but you can go through
these steps anyway, for the experience.)
Run the command
Which backends are your version of CUPS
configured to use?
smb is not listed, you can add it
if you've installed the Samba package, by running the following commands:
which smbspool # This command verifies you have samba installed on # your system. If this doesn't locate the file you # must install the samba packages before proceeding. ln -s `which smbspool` /usr/lib/cups/backend/smb
ps -ef” again. Is CUPS running? (Look for the actual command of
cupsd, which you can determine by examining the systemd unit file for that service.) Examine the system log with the command “
tail -50 /var/log/messages”. What messages (if any) appear related to printing?
Previously this printer was managed by a Windows print server
In January 2007 the printer in DTEC-461 was moved
to a new subnet (i.e., network LAN).
In April 2014, it was moved to yet another LAN.
While in theory it is still possible to connect via Samba
dmtec2 Windows print server,
in practice the firewall between
dmtec2 and our
classroom LAN makes such access difficult from our
Fortunately, it is possible to connect directly to the printer,
so that's what you will do for this project.
But how to connect? It would depend on the type of print server installed in that printer (if any) and it's configuration. It is useful to know how to figure out this sort of information, as this type of situation occurs more frequently than you might suspect.
A physical examination of this printer should tell you:
PCL”, so this printer supports PCL. (A PostScript printer would be your default guess, especially if the LCD display shows “PostScript” or “PS”. Even if nothing showed, you can guess PostScript first and if that doesn't work try PCL next.)
After making sure the printer is powered on, run
nmap Printer's IP
(You may have to install
What port(s) are open on the printer?
grepfor the port numbers on the file
/etc/services. You can also Google for information with a query similar to “port number 12345”. What type of print servers are available (if any) on this printer?
Note that every so often, the CUPS GUI changes. So the steps shown here may not exactly match what you see.
Now configure the printer and print a test page, using the following steps. (See the Troubleshooting Hints below if you have a problem.)
Printers” tab to view the screen that shows your configured printers. This should show “No printers” for now.
rootpassword for your system to configure printing.
LPRnetworked connection, a USB port, etc. You can select only the devices for which you have a backend installed. Scroll through the list that appears and you should see a choice for the type of print server controlling the printer. (If it doesn't appear on your system, make sure networking is up and running!) enter the device for the protocol you decided to use (from among the ones supported by the printer).
Note that newer versions of CUPS may have a network printer discovery function, and this may auto-detect our printer. If so, you can use that to automatically configure the printer. However, you should practice the steps needed when a printer isn't automatically discovered on the network. So continue the steps below for manually configuring your printer. (If you give up at some point and use the auto-detected configuration, make sure you note all the relevant information in your journal.)
smb://username:password@domain/server/sharewhere the username and password are your valid HCC network user ID and password. The remaining parts of the URI can be found in the table provided below. For a JetDirect print server at IP address
18.104.22.168the correct back-end is called “AppSocket/HP JetDirect”, and the correct URI is “
socket://22.214.171.124” or “
socket://126.96.36.199:9100”, with the correct IP address of course. What URI did you use?
If you try to use a printer unsupported with the current version of CUPS, you can find an different installation of CUPS you may be able to copy the PPD file needed. (You can try to find a free one on the Internet using Google; maybe you'll have more luck than I did!) If no exact matching PPD file is available you need to use the nearest match. Which PPD files (print drivers) show on the list that you would consider as possible PPDs to use for a LaserJet III Si printer? (Don't forget to consider the non-HP “generic” PPD files available, such as one for any “PostScript 3 printer” or for any “PCL 6 printer”.)
Of course the real answer is not to use a 15+ year old printer, or to pay for the correct PPD, or to write (or hire a consultant to write) a custom PPD. If no models listed seem a reasonable choice, choose a generic “PostScript” printer.
lprcommand to print a copy of your system's
/etc/passwdfile. You can use the
prcommand to format the printing of the
/etc/passwdfile, including a page header with the date and your name in it. You can either pipe the output of
lpr, or use special
lproptions to set a header. See the
prman pages for details. What error message(s) did you get when you tried this?
lpoptionscommand. What was the exact command used to set your default printer? In what file is that option recorded?
lpoptions(changes made using this command as root don't set the root user's defaults but the system-wide defaults), go back to the CUPS web page, select your printer from the “Printers” tab, and make it the default using the “Administration” drop-down list of commands. What file gets modified when you set system-wide CUPS defaults this way? Verify the default works by printing something. (As before, make sure no one else is printing when you try this, and remember to recycle and not discard used paper.)
The last step is to determine a maintenance schedule, and to order the correct supplies (replacement parts for the printer elements that wear out after a certain number of pages have been printed, toner, cleaning supplies, etc.) in a timely fashion.
After trying to locate the information you may come to the Hewlett-Packard support site for this printer. You should be able to find manuals describing the use and setup of the printer, and maintenance information. (In reality, older printer models may not have the information available. You can try the Internet Archive and try to locate an archived version of the information you need.)
A printout of the CUPS test page that you produced,
a printout of your
/etc/passwd file, and a
printout of your system journal entries describing
in detail the printing setup on your system
and the answers to the questions above.
Make sure your name is clearly printed at the top of each page and
remember to staple all the pages together.
You can submit project questions to . Please see your syllabus for more information about submitting projects.
Make sure no one else is printing a test page at the same time you are, since there is no way to tell whose setup worked and whose didn't when only one page prints!
If you ever need to use the SMB protocol to print
to a Windows print server (and you won't for this project),
you will not need to start the
Samba server is used to make your Linux system
appear in the Network Neighborhood of other computers,
as if it were another Windows server.
You don't need the server on the local system to be running to use
SMB or the
Samba client tools to print to a Windows
(You only would need this if you wanted to offer print services to
Be careful when entering in the information, it is easy to make a
typo when entering the URIs.
One common problem is using the wrong type of slash (use
forward slashes (“/”) not backslashes).
Some problems that can occur if using SMB include
using a Windows account that was never activated (or that
has been deactivated), using the wrong Windows password, using a
Windows password that contains special characters (shell
metacharacters such as
*, ?, \, !, $, ', ",
a space, etc.), and using a password that is too long.
To print to an HCC Windows printer you will need a valid HCC Windows network username and password. You can learn your HCC network ID by using WebAdvisor. Even if you are certain your HCC network ID and password are fine, you should walk to the open lab and attempt to log in using that username and password on one of the Windows computers. If you have any problems with your HCC ID, consult with a lab tech.
A Windows Share name is the unique UNC (Universal Naming Convention) name of a shared resource such as a printer, in the form “//server_name/printer_name” or (as in our case) “//domain_name/server_name/printer_name”.
If the correct printer driver is selected the resulting printout should appear fine for either text or PostScript. However your version of CUPS may not ship with the exact printer driver for some printer models. To fix this you can upgrade the printing packages on your system which will (hopefully) include the correct printer driver. If you can't find the one you need, experiment a bit with printer drivers for similar printers. You will usually find one that works pretty well. If all else fails you can use the generic “PostScript” or “PCL” printer.
If the first driver you select doesn't work and you go to change it, Using the standard CUPS GUI tool you must go through the wizard again. All the old information is preserved so all you need to is to click “continue” at each step, until you come to the driver choice (where you will make a new selection). However, for security reasons the username and password don't appear in the displayed “URI”. I've learned that if you just click continue to get to the driver selection page, the information that is showing replaces the information that was stored. In short, the username and password will vanish if you just hit “continue” on that page! The fix is easy, just re-enter your username and password into the URI that shows.
If all else fails, after attempting to print a test page
check the log files for errors, especially
In the table below is the specific information needed to configure a printer on Linux for remote printing to the printer in room 461. This printer is attached to a Windows server. To use the Windows print server, you would need to use Samba and your HCC network user ID and password to use this printer via the Windows print server. However it is not necessary to use that Windows print server; you can print directly to the printer. But if multiple hosts print to the printer at the same time, it is difficult to know who printed what.
Most of the information used is case-sensitive, so be sure to enter it exactly as shown. Some of the data in the table (shown in gray) would only be needed to connect to a Windows print server, and is for informational use only.
|Domain (Workgroup) Name|
|Note:||if you don't see this exact model listed, try to find the closest match possible. You may have to try more than one if the first driver you try doesn't work.|