The company for which I work recently acquired two Xerox DP90 printers, each with its own Sun Blade 150 print server, which present themselves to the network as LPR devices.
The company's data processing system is mostly built in-house and is fully Windows-based: Win NT 4.0, Windows 2000, XP, and some Windows Server 2003.
After two weeks of fighting with the Windows servers and workstations in an effort to get them to print consistently - not to mention just printing full jobs - I wound up testing a Linux (Knoppix 3.6) system quickly set up as a printing workstation.
For printing hundreds of PDF files this worked flawlessly. It's been in use for more than a week; I've received only compliments and no emails questioning my genetic heritage
I'm now installing SuSE 9.2 on one of our data center servers to let it take the place of the local workstation.
Samba maps the desired network shares correctly and the printers still work exquisitely.
I now need to be able to prove to those at pay grades higher than my own (my immediate supervisor fully approves of this, by the way; he has a long UNIX background) that the security on my system is at least equal (their term) to that of the Windows systems.
Even though the system is running under my domain login, I'd like to be able to restrict the permissions available to the imported shared directories at the local machine.
Basically, while the users of the system will need to be able to print files, view files, close and open the shared directories, I need to absolutely prevent any file deletion via this machine by the non-root users. 'sudo' will not be available to them, as well.
(File deletions are carried out only via the console of the machine(s) from which the files are being deleted.)
I did look through the SuSE administration guide and skimmed the Samba man pages but didn't come across anything that looked like the solution.
Thanks for any advice!