Problem: Creation of driver store (or any other print object) fails with following error:
Internal Server Error
IPP Error: 0xF01F4
HTTP Error: 500
This occurs when a user tries to create a print object that does not exist in the base context set for the LDAP search in the iPrint configuration file.
Assume that two or more peer containers exist at the top, such as, o=abc and o=xyz, and the tree admin exists in the o=abc as shown below:
TREE |__ o=abc |__cn=admin,o=abc |__ o=xyz
When you setup a DSfW name-mapped forest root domain in o=xyz by using the tree admin (cn=admin,o=abc) and try configuring iPrint by using the domain administrator (o=xyz), you get this error while creating the driver store in o=xyz.
Why It Happens: The iPrint installer takes the root context of the user installing iPrint (o=abc) and sets it as default base context for the LDAP search. When you try to create a driver store as a domain administrator of the o=xyz container, the LDAP search fails to find the user creating the driver store. Creating the drive store with the tree admin cn=admin,o=abc succeeds.
Solution: The base context for LDAP search is stored in the /etc/opt/novell/iprint/httpd/conf/iprint_ssl.conf as mentioned below:
AuthLDAPDNURL "ldaps://frd.xyz.com:1636/o=abc???(objectClass=user)"
The above configuration limits the LDAP search to o=abc. Removing the base context completely allows the LDAP search to start from the tree root, as shown below:
AuthLDAPDNURL "ldaps://frd.xyz.com:1636/???(objectClass=user)