Troubleshooting iPrint Driver Store Errors
Novell Cool Solutions: Tip
By Jeffry Sleddens
|
Digg This -
Slashdot This
Posted: 7 Sep 2007 |
Problem:
Getting the following errors when trying to create an iPrint driver store:
Authorization Required IPP Error: 0xF0191 HTTP Error: 401 Error: "HTTP 401 - Unauthorized." when uploading drivers to the Broker. Unable to access secure page https://ipaddress/ipps
Solution:
The default Apache iPrint configuration is set up to do an anonymous bind LDAP search to verify the user credentials. This will obviously fail when you have restricted public access to your tree. So to solve this problem we added two lines to the iPrint SSL apache configuration to make it use an authenicated bind to lookup user details and authenticate the user.
In /etc/opt/novell/iprint/httpd/conf/iprint_ssl.conf we added the following lines just below the AuthName line:
AuthName "your tree name" AuthLDAPBindDN cn=username,o=novell AuthLDAPBindPassword userpassword
The user used in the AuthLDAPBindDN needs to have browse privileges and read rights on the uniqueID attribute of user objects in your tree.
EXAMPLE:
The complete configuration file should look like this:
<IfModule mod_ipp.c>
<LocationMatch ^/(ipps|idss|[Pp][Ss][Mm][Ss][Tt][Aa][Tt][Uu][Ss])($|/)>
#SSLRequireSSL
Require valid-user
Order deny,allow
Allow from all
AuthType Basic
AuthName "HR_TREE"
AuthLDAPBindDN cn=<LDAPUSER>,o=novell
AuthLDAPBindPassword <PASSWORD>
AuthLDAPURL "ldaps://localhost/o=hr???(objectClass=user)"
AuthLDAPRemoteUserIsDN on
<IfModule mod_auth_ldap.c>
AuthLDAPEnabled Off
</IfModule>
AuthLDAPDNAuthoritative On
AuthLDAPAllowDNAuth On
</LocationMatch>
</IfModule>
Environment:
Novell OES/Linux SP2
Novell iPrint 5.1
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com