You can implement both user and group mapping through the EasySpooler Security window. You can create a user map that maps documents submitted by a particular user to another user and/or group and you can create a group map that maps documents submitted by a particular group to a particular user and/or group.
When searching for a user map, EasySpooler looks for the real user, not a user set on the command line with the -u option or a user set with the environment variable LPOVERRIDE, LPS_USER, or LPOPTION. With three exceptions, the real user is the user who submitted the document. The three exceptions are as follows:
For documents received from a trusted external host via a Rhapsody or an EasySpooler destination, the real user is the user in the incoming queue record.
For documents received from a trusted external host through lpr, the real user is the user in the lpr control record.
For documents spooled by the llpd directory monitoring program, the real user is the user who starts the llpd monitoring program, usually the EasySpooler administrator.
When searching for a group map, EasySpooler looks for the primary group of the real user. It looks up the primary group for the real user on the host on which the mapping is done. If the user does not exist on that host or if the file $LPSDIR/adm/.nogetgrgid exists on that host, it cannot determine the primary group and therefore ignores all group maps.
Mapping can also set document permissions. For example, you might create a map that sets permissions so that a certain user, say the Production Manager, has ownership privileges for all documents submitted by the Production group. This mapping provides security because only the Production Manager can look at the documents. It also allows the Production Manager to control the printing of documents, for instance restarting the printing of a document interrupted by a paper jam.
You can also configure a default mapping to map documents submitted by users who are not defined in a user map or a group map. In addition, you can configure a remote mapping to map documents submitted by users on a remote system that is untrusted.
See User Mapping or Group Mapping for more information.
See Default Mapping or Remote Mapping for more information.
CAUTION: If you use the environment variable LPOVERRIDE to set any options, these settings take precedence over mapping definitions.