Environment
Client for Open Enterprise Server 2 SP4 (IR3)
iPrint
Situation
In some cases, a workstation may attempt to authenticate to an iPrint appliance when such authentication is not needed or desired. The iPrint appliance exists in its own eDirectory tree, and authentication is only needed when using secure printing.
Resolution
Define the correct server for the workstation attachment by configuring SLP and/or DNS, or by using the correct server's IP address when logging in to eDirectory.
The Novell Client communicates with the server over port 524 (NCP). If necessary, stop the iPrint appliance from listening on port 524 using one of these methods:
1. Use SuSE FIREWALL
To block port 524 in the firewall using the YAST FIREWALL interface, click on "Allowed Services", then click the "Advanced" button. There, you will see a list of allowed TCP and UDP ports, including port 524. Remove 524 from both listings and save the changes. Use the appropriate command to apply the changes:
rcSuSEfirewall2 status
rcSuSEfirewall2 start
rcSuSEfirewall2 restart
Or, if you want to edit the firewall configuration file directly, edit the file /etc/sysconfig/SuSEfirewall2 and remove "524" from the following lines:
FW_SERVICES_EXT_TCP
FW_SERVICES_EXT_UDP
2. Use IPTABLES
Enter the following command at a terminal prompt:
iptables -I INPUT -p tcp --dport 524 -j DROP
To re-enable listening on port 524, enter this command:
iptables --delete INPUT -p tcp --dport -j DROP