LDAP and CUPS web auth problem (Solved)

[bartmank]

I have an interesting problem getting authorized to modify printers on my cups install.

A run down of the situation is thus:

1. install gentoo base system. use flags marked to use ldap, cups, and a few other programs.

2. Install cups 1.1.14 as that was the last version that I have gotten working.

3. Configure 2 network attached printers (Phaser7700 and a HP4si)

4. Install openldap 2.0.27, and configure it to do login authorization for users.

5. Try to configure the previously installed printer, via cups web interface, but cant seem to get root access to printer config. (Popup window with "username and password")

6. Screem bloody murder while boss says "This is why we dont use linux on the desktop"


I have 8 shell accounts that can log into the machine right now. root is _not_ in ldap, and my personal account is defined in both local files and ldap database. Everyone else is only in ldap. All shell accounts have been confirmed as working, including root.

If you need the config files posted, I'll do that in a follow-up. (Kinda long for a bb post)

[rwallace]

I have the same issues. But I'm using ldap for name service lookups and krb5 for authentication. If I modify my /etc/pam.d/system-auth to drop the krb5 modules, everything works fine and I can do administration from the web interface. Otherwise, it throws me out.

I have pam configured to try the unix module first, so it should check the passwd file first and only if that fails should ldap even come into play. I'm at work and don't have the log files around, but I seem to remember it was actually a problem with session or account settings in pam.

bartmank: Could you check the logs and post the error message pam is kicking up for you?

[bartmank]

Here is my pam config file. I followed an online howto as well as I could.

[bartmank]

Another problem I just noticed, su no longer works.

[bartmank]

I fixed it by putting the following into the file /etc/pam.d/cups: