Are your general users and admin users in the same ldap database ?
If so, I just tried these settings on our CentOS 5, BackupPC 3.1 and Apache 2.2
machine which works.
<Location "/cgi-bin/BackupPC_Admin">
SSLRequireSSL
AuthType Basic
AuthName "BackupPC"
AuthBasicProvider ldap
AuthLDAPGroupAttributeIsDN off
AuthLDAPGroupAttribute memberUid
AuthLDAPURL ldap://localhost/dc=example,dc=com
AuthzLDAPAuthoritative off
require valid-user
</Location>
and in our config.pl
$Conf{CgiAdminUserGroup} = 'Admins';
$Conf{CgiAdminUsers} = '';
Dale
From: D P
Sent: Sunday, April 27, 2008 11:54 PM
To: Dale Renton
Cc: backuppc-users@lists.sourceforge.net
Subject: Re: [BackupPC-users] Backup PC Ldap groups.
Hi Dale
I have this but it does not work to identify administrative users. It only
gives general user access.
<Directory /usr/share/BackupPC/sbin/>
order deny,allow
AuthType Basic
AuthLDAPVersion 2
AuthLDAPurl "ldap://foo:389/bar";
AuthName "BackupPC"
require valid-user
</Directory>.
To make administrative users work I had to add this to my config.pl.
$Conf{CgiAdminUserGroup} = '';
$Conf{GgiAdminUsers} = '';
{
# Use results of ldapsearch in /etc/crontab
open(LDAP,"/etc/BackupPC/admingroup");
$Conf{CgiAdminUsers} = <LDAP>;
close LDAP;
}
I'm open to suggestions for a better way to do this.
-Dex
2008/4/26 Dale Renton <[EMAIL PROTECTED]>:
Are you able to configure Apache to do your ldap authentication ?
Here is what I have in my httpd.conf :
<Location "/cgi-bin/BackupPC_Admin">
AuthType Basic
AuthName "BackupPC"
AuthLDAPGroupAttributeIsDN off
AuthLDAPGroupAttribute memberUid
AuthLDAPURL ldap://ldap.example.com/dc=example,dc=com
require group cn=Admins,ou=Groups,dc=example,dc=com
</Location>
Dale
From: D P
Sent: Tuesday, April 15, 2008 1:23 AM
To: backuppc-users@lists.sourceforge.net
Subject: [BackupPC-users] Backup PC Ldap groups.
I'm trying to populate config.pl with the following.
$Conf{CgiAdminUsers} = '';
{
my @ldapresults = `ldapsearch -x -P2 -b ou=SOMEGROUP,ou=SOMEDIVISION
group='BackupPCAdmin' objectclass=webuser`;
die "ldapsearch failed: $!" unless $0 == 0;
my $ldapgroup = join (' ', grep { defined $_ } map{
m/username=([^,]+)/; $1 } @ldapresults);
$Conf{CgiAdminUsers} = $ldapgroup;
}
Basically its a way of determining administration users via LDAP but it fails
with the following error.
Error: Unable to read config.pl or language strings!!
Is there a way to make this work or is there some other facility to use?
-Dex
------------------------------------------------------------------------------
-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
------------------------------------------------------------------------------
_______________________________________________
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List: https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki: http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/
