How to enable printer browsing

Browsing problems

  1. TUN-based VPN network does not support broadcasts, so we use polling.
  2. Host names set by ServerName directive in cupsd.conf should be primary DNS host names. Otherwise receiving site will detect both advertised and DNS-normalized name and two printers will be registered, e.g. PDF and [email protected].
  3. CUPS does not inherit user-level protection (-u) and error policy settings upon browsing. Imported printer will allow access from all users and will retry failed jobs upon error. And the error will be job rejected by exported printer due not user not authorized. This is hard to detect because lpq does not show error status, it only reflects job being active (however, lpinfo -p shows the status). THe solution is to add prninters manually, like lpadmin -v ipp://REMOTEHOST/printers/REMOTEPRINTER -o printer-error-policy=abort-job -u allow:root,remroot,@printlords -o printer-is-shared=true
  4. CUPS in RHEL4 does not by default update printcap, so we configure this explicitly
  5. The Listen directive in cupsd.conf does not let set listening on interface, only on address. Thus configuration file would be different between clients if we wanted to say listen only on tun0 (i.e. local LAN). Will set it to *:631 for now, though that less secure.

cupsd.conf on RHEL

cupsd.conf on Ubuntu