[BackupPC-users] I get the error "Only privileged users can...''

[Justin Best]

First, my congratulations to Craig for creating a truly useful and unique piece of software. I am very impressed.   My setup: VERY basic Debian Sarge with BackupPC 2.1.1-2sarge1 installed via “apt-get install backuppc”   I have used Muyiwa’s excellent tutorial on Active Directory integration at http://muyiwataiwo.com/main/book/howtos/linux_ad_integration to integrate my installation with Active Directory.  I’m getting the error I get the error “Only privileged users can...” as mentioned in the FAQ. However, the solution listed in the FAQ doesn’t resolve my problem. As advised in the FAQ, I set up printenv.cgi to see what I could see regarding the REMOTE_USER variable. It sure looks like Apache is properly passing REMOTE_USER to me: /backuppc/printenv.cgi: AUTH_TYPE="Basic"DOCUMENT_ROOT="/var/www"GATEWAY_INTERFACE="CGI/1.1"HTTP_ACCEPT="*/*"HTTP_ACCEPT_ENCODING="gzip, deflate"HTTP_ACCEPT_LANGUAGE="en-us"HTTP_CONNECTION="Keep-Alive"HTTP_HOST="10.10.20.12"HTTP_USER_AGENT="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)"PATH="/bin:/usr/bin:/usr/local/bin"QUERY_STRING=""REMOTE_ADDR="10.10.20.2"REMOTE_PORT="1823"REMOTE_USER="PDXMISSION\Administrator"REQUEST_METHOD="GET"REQUEST_URI="/backuppc/printenv.cgi"SCRIPT_FILENAME="/usr/share/backuppc/cgi-bin//printenv.cgi"SCRIPT_NAME="/backuppc/printenv.cgi"SERVER_ADDR="10.10.20.12"SERVER_ADMIN="[EMAIL PROTECTED]"SERVER_NAME="10.10.20.12"SERVER_PORT="80"SERVER_PROTOCOL="HTTP/1.1"SERVER_SIGNATURE="<ADDRESS>Apache/1.3.33 Server at 10.10.20.12 Port 80</ADDRESS>\n"SERVER_SOFTWARE="Apache/1.3.33 (Debian GNU/Linux) mod_auth_pam/1.1.1"   I then thought the problem must be in config.pl, so I tried some different combinations $Conf{CgiAdminUsers}     = 'PDXMISSION\\Administrator'; $Conf{CgiAdminUsers}     = 'PDXMISSION\Administrator'; $Conf{CgiAdminUsers}     = 'Administrator';   I even theorized that BackupPC didn’t like the backslash (as it is a special character) so I went ahead and switched my winbind separator so that I was identified as 'PDXMISSION+Administrator'… still no change (and yes, in-between each step I am restarting BackupPC and other affected services such as winbind, etc.)   OK, so much for that I thought… let’s try to get access through $Conf{CgiAdminUserGroup} $Conf{CgiAdminUserGroup} = ' backuppcadmins';   ‘backuppcadmins’ is a domain group on my Windows Server Active Directory. So, I’ll check to make sure that I’m a proper member of that group: bs-pc115:~# getent group | grep backuppcadmins backuppcadmins:x:10079:justinb,administrator   Doesn’t work, even though I’m listed. Hmm.. it doesn’t list me as PDXMISSION\Administrator… but it does list me. Maybe I need to use a local group instead of a domain group: bs-pc115:~# adduser PDXMISSION\\Administrator backuppc Adding user `PDXMISSION\Administrator' to group `backuppc'... Done.   bs-pc115:~# getent group | grep backuppc backuppc:x:104:backuppc,PDXMISSION\Administrator   $Conf{CgiAdminUserGroup} = 'backuppc';   Still nothing. I can get in, but I can’t do anything because I am not acknowledged as an administrator. I can log in as the owner of a PC (as specified in HOSTS) and then I get administrative access to that PC and others that I own.. but nothing else.   Soo… I’m stumped. This is probably something painfully obvious, I’m still somewhat green with Linux (i.e. I can install Debian, but compiling software on my own scares me… apt-get is my friend)   Sorry so long-winded. Thanks in advance!   Justin Best 503.906.7611 Voice 561.828.0496 Fax