From: Dale R. <dal...@ho...> - 2008-04-29 16:15:59
|
Are your general users and admin users in the same ldap database ? If so, I just tried these settings on our CentOS 5, BackupPC 3.1 and Apache 2.2 machine which works. <Location "/cgi-bin/BackupPC_Admin"> SSLRequireSSL AuthType Basic AuthName "BackupPC" AuthBasicProvider ldap AuthLDAPGroupAttributeIsDN off AuthLDAPGroupAttribute memberUid AuthLDAPURL ldap://localhost/dc=example,dc=com AuthzLDAPAuthoritative off require valid-user </Location> and in our config.pl $Conf{CgiAdminUserGroup} = 'Admins'; $Conf{CgiAdminUsers} = ''; Dale From: D P Sent: Sunday, April 27, 2008 11:54 PM To: Dale Renton Cc: bac...@li... Subject: Re: [BackupPC-users] Backup PC Ldap groups. Hi Dale I have this but it does not work to identify administrative users. It only gives general user access. <Directory /usr/share/BackupPC/sbin/> order deny,allow AuthType Basic AuthLDAPVersion 2 AuthLDAPurl "ldap://foo:389/bar" AuthName "BackupPC" require valid-user </Directory>. To make administrative users work I had to add this to my config.pl. $Conf{CgiAdminUserGroup} = ''; $Conf{GgiAdminUsers} = ''; { # Use results of ldapsearch in /etc/crontab open(LDAP,"/etc/BackupPC/admingroup"); $Conf{CgiAdminUsers} = <LDAP>; close LDAP; } I'm open to suggestions for a better way to do this. -Dex 2008/4/26 Dale Renton <dal...@ho...>: Are you able to configure Apache to do your ldap authentication ? Here is what I have in my httpd.conf : <Location "/cgi-bin/BackupPC_Admin"> AuthType Basic AuthName "BackupPC" AuthLDAPGroupAttributeIsDN off AuthLDAPGroupAttribute memberUid AuthLDAPURL ldap://ldap.example.com/dc=example,dc=com require group cn=Admins,ou=Groups,dc=example,dc=com </Location> Dale From: D P Sent: Tuesday, April 15, 2008 1:23 AM To: bac...@li... Subject: [BackupPC-users] Backup PC Ldap groups. I'm trying to populate config.pl with the following. $Conf{CgiAdminUsers} = ''; { my @ldapresults = `ldapsearch -x -P2 -b ou=SOMEGROUP,ou=SOMEDIVISION group='BackupPCAdmin' objectclass=webuser`; die "ldapsearch failed: $!" unless $0 == 0; my $ldapgroup = join (' ', grep { defined $_ } map{ m/username=([^,]+)/; $1 } @ldapresults); $Conf{CgiAdminUsers} = $ldapgroup; } Basically its a way of determining administration users via LDAP but it fails with the following error. Error: Unable to read config.pl or language strings!! Is there a way to make this work or is there some other facility to use? -Dex ------------------------------------------------------------------------------ ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ------------------------------------------------------------------------------ _______________________________________________ BackupPC-users mailing list Bac...@li... List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/ |