Require group directives not working
Logan Anteau
logan.anteau at eng.utoledo.edu
Mon May 9 08:01:04 PDT 2011
> On May 5, 2011, at 12:51 PM, Logan Anteau wrote:
> > I work for college computing for the College of Engineering at our University and I'm trying to migrate our printing server from the Solaris print server to CUPS. I want to use the CUPS web interface, and require authentication to use it. The problem is all of our users are not local users, they are LDAP users.
> >
> > I tried to use a Require user @mygroup or Require group mygroup for the /admin location. My user is part of "mygroup" yet I get a 403 Forbidden error when I authenticate. I'm assuming this is because "mygroup" is an LDAP group, not a system group. However, what I find interesting is that 'Require user <myuser>" does work when I authenticate. So CUPS recognizes LDAP users but not LDAP groups?
>
> First check your /etc/nsswitch.conf file to make sure that ldap is listed for the group: line.
>
> Second check whether the named group is also a local group on the system; if so, there is a CUPS bug tracking this (currently not targeted for a release since we don't have a good fix). The workaround for this is to list ldap first for the groups, e.g.:
>
> group: ldap files
>
> ________________________________________________________________________
> Michael Sweet, Senior Printing System Engineer, PWG Chair
>
>
>
>
Thanks Michael. My nsswitch.conf did have files ldap listed. I did realize there was also a local group of the same name, therefore it was only checking the local group, not the LDAP one. I deleted the local group because it was no longer needed and then it started checking the LDAP group and working correctly. Thanks again.
Logan Anteau
More information about the cups
mailing list