Are your general users and admin users in the same ldap database ?
 
If so, I just tried these settings on our CentOS 5, BackupPC 3.1 and Apache 2.2 machine which works.
 
<Location "/cgi-bin/BackupPC_Admin">
   SSLRequireSSL
   AuthType Basic
   AuthName "BackupPC"
   AuthBasicProvider ldap
   AuthLDAPGroupAttributeIsDN off
   AuthLDAPGroupAttribute memberUid
   AuthLDAPURL ldap://localhost/dc=example,dc=com
   AuthzLDAPAuthoritative off
   require valid-user
</Location>
 
and in our config.pl
 
$Conf{CgiAdminUserGroup} = 'Admins';
$Conf{CgiAdminUsers} = '';
Dale

 
From: D P
Sent: Sunday, April 27, 2008 11:54 PM
To: Dale Renton
Cc: backuppc-users@lists.sourceforge.net
Subject: Re: [BackupPC-users] Backup PC Ldap groups.

Hi Dale

I have this but it does not work to identify administrative users. It only gives general user access.

<Directory       /usr/share/BackupPC/sbin/>
  order deny,allow
  AuthType Basic

  AuthLDAPVersion 2
  AuthLDAPurl "ldap://foo:389/bar"
  AuthName "BackupPC"

  require valid-user

</Directory>.

To make administrative users work I had to add this to my config.pl.

$Conf{CgiAdminUserGroup} = '';
$Conf{GgiAdminUsers} = '';
{
    # Use results of ldapsearch in /etc/crontab
    open(LDAP,"/etc/BackupPC/admingroup");
    $Conf{CgiAdminUsers} = <LDAP>;
    close LDAP;
}

I'm open to suggestions for a better way to do this.

-Dex


2008/4/26 Dale Renton <dale_renton@hotmail.com>:
Are you able to configure Apache to do your ldap authentication ?
 
Here is what I have in my httpd.conf :
 
<Location "/cgi-bin/BackupPC_Admin">
   AuthType Basic
   AuthName "BackupPC"
   AuthLDAPGroupAttributeIsDN off
   AuthLDAPGroupAttribute memberUid
   AuthLDAPURL ldap://ldap.example.com/dc=example,dc=com
   require group cn=Admins,ou=Groups,dc=example,dc=com
</Location>

 

Dale
 

From: D P
Sent: Tuesday, April 15, 2008 1:23 AM
Subject: [BackupPC-users] Backup PC Ldap groups.

I'm trying to populate config.pl with the following.

$Conf{CgiAdminUsers} = '';
{
        my @ldapresults = `ldapsearch -x -P2 -b ou=SOMEGROUP,ou=SOMEDIVISION group='BackupPCAdmin' objectclass=webuser`;
        die "ldapsearch failed: $!" unless $0 == 0;
        my $ldapgroup = join (' ', grep { defined $_ } map{ m/username=([^,]+)/; $1 } @ldapresults);
        $Conf{CgiAdminUsers} = $ldapgroup;
}


Basically its a way of determining administration users via LDAP but it fails with the following error.

Error: Unable to read config.pl or language strings!!

Is there a way to make this work or is there some other facility to use?

-Dex


-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone


_______________________________________________
BackupPC-users mailing list
BackupPC-users@lists.sourceforge.net
List:    https://lists.sourceforge.net/lists/listinfo/backuppc-users
Wiki:    http://backuppc.wiki.sourceforge.net
Project: http://backuppc.sourceforge.net/