If you want to allow public printing via iPrint, and thought about setting up a user without a password on the account you will run into a snag.
At the backend, iPrint authenticates the client against eDirectory via LDAP. (If you know look at the ipp.conf file for Apache, you will see a line that specifies which server to do the LDAP queries against).
If you enable DStrace with -ALL +LDAP options you should be able to see some of the events happening. (You may need to use ConsoleOne to enable the Screen options on the LDAP server Group object first. Specifically the display Search requests).
The reason an account with no password is an issue, is due to a 'feature' of the LDAP specification. LDAP considers a bind with a DN (Username) but no password, the same as an anonymous bind.
So even though you pass it a DN, iPrint tries to validate you as an anonymous bind. Which will not allow the account to print.
Your best bet is to create a service account that you can tell everyone the password for.
Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).
It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.