I am having mixed results with iPrint authentication. Some users are
working, and some are not. Below is output from a dstrace and apache
debug. Both users have Unique ID's. The iPrint server is NW 6.5 SP6 with
the iPrint client 4.26.

A DSTRACE of the LDAP server shows:

Non-working
LDAP: [2007/05/07 11:11:51] DoSearch on connection 0x8295b760
LDAP: [2007/05/07 11:11:51] Search request: base:
"CN=username1,OU=Administration,O=clc" scope:0 derefence:3 sizelimit:0
timelimit:0 attrsonly:0 filter:
"(&(objectClass=user)(uid=*))"
LDAP: [2007/05/07 11:11:51] Sending operation result 0:"":"" to connection
0x8295b760 LDAP: [2007/05/07 11:11:51] DoSearch on connection 0x8295b760
LDAP: [2007/05/07 11:11:51] Search request:
base: ""
scope:2 derefence:3 sizelimit:0 timelimit:0 attrsonly:0 filter:
"(&(objectClass=user)(uid=CN=username1,OU=Administ ration,O=clc))"
LDAP: [2007/05/07 11:11:51] Sending operation result 0:"":"" to connection
0x8295b760

Working
LDAP: [2007/05/01 11:22:16] Search request: base: "o=clc" scope:2 derefence:3 sizelimit:0 timelimit:0 attrsonly:0
filter: "(&(objectClass=user)(uid=username2))"
LDAP: [2007/05/01 11:22:16] Sending search result entry
"cn=username2,ou=ts,o=clc" to connection 0x82775460
LDAP: [2007/05/01 11:22:16] Sending operation result 0:"":"" to connection
0x82775460
LDAP: [2007/05/01 11:22:17] DoBind on connection 0x82775460

Apache2 debug shows:

[Mon May 07 11:12:23 2007] [debug] mod_auth_ldapdn.c(457): [client
10.0.18.36] [4] auth_ldapdn authenticate: using URL
ldaps://X.X.X.X:636/???(objectClass=user)

[Mon May 07 11:12:23 2007]
[debug] mod_auth_ldapdn.c(478): [client 10.0.18.36] [4] auth_ldapdn
authenticate: filter: (&(objectClass=user)(uid=*))

[Mon May 07 11:12:23 2007] [warn] [client 10.0.18.36] [4] auth_ldapdn
authenticate: user CN=username1,OU=Administration,O=clc authentication
failed; URI /ipps/W222_Canon_C2880 [User not found][No such object]
[Mon May 07 11:12:23 2007] [debug] mod_auth_ldapdn.c(457): [client
10.0.18.36] [4] auth_ldapdn authenticate: using URL
ldaps://134.29.212.1:636/???(objectClass=user)

[Mon May 07 11:12:23 2007][debug] mod_auth_ldapdn.c(478): [client 10.0.18.36] [4] auth_ldapdn
authenticate: filter:
(&(objectClass=user)(uid=CN=username1,OU=Administr ation,O=clc))

[Mon May 07 11:12:23 2007] [warn] [client 10.0.18.36] [4] auth_ldapdn
authenticate: user CN=username1,OU=Administration,O=clc authentication
failed; URI /ipps/W222_Canon_C2880 [User not found][No such object]

[Mon May 07 11:12:23 2007] [error] [client 10.0.18.36] no acceptable
variant: SYS:/apache2/error/HTTP_UNAUTHORIZED.html.var


My IPP.CONF looks like:

# this is the default config for secure printing
<IfModule mod_ipp.c>
<Location /ipp>
Order deny,allow
Allow from all
</Location>

<Location /ipps>
Require valid-user
Order deny,allow
Allow from all
AuthType Basic
AuthName "CLC_ALPHA"
AuthLDAPURL "ldaps://X.X.X.X:636/???(objectClass=user)"
AuthLDAPRemoteUserIsDN on
<IfModule mod_auth_ldap.c>
AuthLDAPEnabled off
</IfModule>
AuthLDAPDNAuthoritative on
AuthLDAPAllowDNAuth on
</Location>
</IfModule>