[cups] doubt
Luiz Guilherme Nunes Fernandes
narutospinal at gmail.com
Wed Apr 19 10:22:16 PDT 2017
Well, i try with pam too, i create one configuration, look but no work in
cups, in webinterface show, "forbidden" , i test with local users work.
I use nslcd program, work with ssh protocol. No have erros in logs cups. i
look in /var/log/secure too and user command "journalctl -xe"
Any ideas?
#@include common-auth
#@include common-account
#@include common-session
#@include common-password
auth required pam_env.so
auth sufficient pam_unix.so nullok_secure
auth sufficient pam_ldap.so use_first_pass
auth required pam_deny.so
account required pam_unix.so
account sufficient pam_ldap.so
session required pam_limits.so
session required pam_unix.so
session optional pam_ldap.so
My cups configuration:
Listen 631
Listen /var/run/cups/cups.sock
# Show shared printers on the local network.
Browsing On
BrowseLocalProtocols dnssd
# Default authentication type, when authentication is required...
DefaultAuthType Basic
# Web interface setting...
WebInterface Yes
#SystemGroup printers
# Restrict access to the server...
<Location />
AuthType Default
Require valid-user
Order allow,deny
Allow all
Satisfy any
</Location>
# Restrict access to the admin pages...
<Location /admin>
AuthType Default
Require user @SYSTEM
Order allow,deny
Allow all
</Location>
# Restrict access to configuration files...
<Location /admin/conf>
AuthType Default
Require user @SYSTEM
Order allow,deny
Allow all
</Location>
#######
2017-04-19 14:13 GMT-03:00 Michael Sweet <msweet at apple.com>:
> Luiz,
>
> LDAP browsing support (using the custom schema) was removed many years
> ago, and is completely unrelated to LDAP authentication (which happens via
> PAM).
>
>
>
> > On Apr 19, 2017, at 1:07 PM, Luiz Guilherme Nunes Fernandes <
> narutospinal at gmail.com> wrote:
> >
> > Weel, no work, i try pam_ldap with this configurations.
> >
> > https://itsecureadmin.com/wiki/index.php/LDAP_Printing
> >
> > I installed last version of cups, this software dont work with parameters
> >
> > My part configuration:
> >
> > BrowseLocalProtocols all
> > BrowseRemoteProtocols all
> >
> > BrowseLDAPBindDN uid=cupsd,ou=people,dc=example,dc=org
> > BrowseLDAPPassword <ldap password>
> > BrowseLDAPServer ldaps://ldap-server.example.org/
> > BrowseLDAPDN dc=example,dc=org
> >
> >
> >
> >
> >
> > 2017-04-19 9:52 GMT-03:00 Michael Sweet <msweet at apple.com>:
> >
> >> Luiz,
> >>
> >> Yes, through pam_ldap. Look at the PAM configuration file for the cups
> >> server (typically /etc/pam.d/cups) and configure as needed to use
> >> pam_ldap.so.
> >>
> >>
> >>> On Apr 19, 2017, at 8:25 AM, Luiz Guilherme Nunes Fernandes <
> >> narutospinal at gmail.com> wrote:
> >>>
> >>> Hi,
> >>> i have one doubt, how i can use authentication with protocol LDAP
> in
> >>> Cups service? i need for webinterface and for add printers shared for
> >> users.
> >>>
> >>> --
> >>> <<<<<<<<<<<<<<<<<<<-----------------------------------------
> >> -------------------------->>>>>>>>>>>>>>>>>>>
> >>>
> >>> < Disse-lhe Jesus: Eu sou o caminho, e a verdade e a vida; ninguém vem
> ao
> >>> Pai, senão por mim >
> >>> (João 14:6)
> >>>
> >>> Att.
> >>> ♪ ♫ Luiz Guilherme Nunes
> >>> Fernandes ♫ ♪
> >>>
> >>> <<<<<<<<<<<<<<<<<<<-----------------------------------------
> >> -------------------------->>>>>>>>>>>>>>>>>>>
> >>> _______________________________________________
> >>> cups mailing list
> >>> cups at cups.org
> >>> https://lists.cups.org/mailman/listinfo/cups
> >>
> >> _________________________________________________________
> >> Michael Sweet, Senior Printing System Engineer
> >>
> >> _______________________________________________
> >> cups mailing list
> >> cups at cups.org
> >> https://lists.cups.org/mailman/listinfo/cups
> >>
> >
> >
> >
> > --
> > <<<<<<<<<<<<<<<<<<<-----------------------------------------
> -------------------------->>>>>>>>>>>>>>>>>>>
> >
> > < Disse-lhe Jesus: Eu sou o caminho, e a verdade e a vida; ninguém vem ao
> > Pai, senão por mim >
> > (João 14:6)
> >
> > Att.
> > ♪ ♫ Luiz Guilherme Nunes
> > Fernandes ♫ ♪
> >
> > <<<<<<<<<<<<<<<<<<<-----------------------------------------
> -------------------------->>>>>>>>>>>>>>>>>>>
> > _______________________________________________
> > cups mailing list
> > cups at cups.org
> > https://lists.cups.org/mailman/listinfo/cups
>
> _________________________________________________________
> Michael Sweet, Senior Printing System Engineer
>
> _______________________________________________
> cups mailing list
> cups at cups.org
> https://lists.cups.org/mailman/listinfo/cups
>
--
<<<<<<<<<<<<<<<<<<<------------------------------------------------------------------->>>>>>>>>>>>>>>>>>>
< Disse-lhe Jesus: Eu sou o caminho, e a verdade e a vida; ninguém vem ao
Pai, senão por mim >
(João 14:6)
Att.
♪ ♫ Luiz Guilherme Nunes
Fernandes ♫ ♪
<<<<<<<<<<<<<<<<<<<------------------------------------------------------------------->>>>>>>>>>>>>>>>>>>
More information about the cups
mailing list