I observed the same when authentication is enabled on an IPP Everywhere print server, the driverless Windows IPP inbox class driver keeps trying the IPP
Validate-Job operation (every 5 seconds). Using Wireshark, I observed IPP
uri-authentication-supported is never requested, nor does it respond to the HTTP 401 Unauthorized response.
To enable authentication with the driverless Windows IPP inbox class driver, I believe you'll need to write a Print Support Apps (PSA) PrintSupportExtension that does the authentication.
More about PSA design and PSA association (for Hardware Id or Compatible Id and override for enterprise customers):
Microsoft have abstracted the IPP operations in the PSA API too much so not able to do basic auth in a HTTP header using that API, so in the PrintSupportExtension, I suspect you'll need to talk directly to the IPP Everywhere print server and provide authentication before the
Validate-Job operation, in effect using a side channel.
I also observed that the IPP
requesting-user-name is often not correct, initially it correctly provides a DOMAIN\username account, but after a reboot it annoyingly switches to using a DOMAIN\computername$ account, but with no rhyme or reason it occasionally switches back to DOMAIN\username.
I didn't like the idea of writing custom PSA code and installing that on a clients' BYOD Windows laptops, so side-stepped the issue by writing custom authorization code in CUPS which queries a VPN API for the authorized user on the corresponding IP address.