ldap auth with one read-only user

From: Anja Gawlik <Anja.Gawlik_at_cib.de>
Date: Tue, 26 Jan 2010 15:12:09 +0100

Hello everybody,

I have subversion running with ldap auth against our active directory. The
normal setup with a require ldap-group worked fine. Now I shall add one
read-only user for nightly builds and it just won't work. Here is my config:

***************************************************************
<Location /test>

DAV svn
SVNPath /svn-repositories/test
#authentication defaults for our repositories
AddDefaultCharset UTF-8
AuthBasicProvider ldap
AuthType Basic
AuthzLDAPAuthoritative on
AuthName "Subversion "
AuthLDAPURL "ldap://domain.us.com/ou=Users,DC=US,DC=COM?sAMAccountName?sub"
AuthLDAPBindDN CN=apache,CN=Users,DC=US,DC=COM
AuthLDAPBindPassword somepw
AuthLDAPGroupAttribute member

#<Limit GET PROPFIND OPTIONS REPORT>
require valid user
#</Limit>

<LimitExcept GET PROPFIND OPTIONS REPORT>
require ldap-group CN=intern,CN=Users,DC=US,DC=COM
</LimitExcept>

</Location>
****************************************************************

For the last 2 days have tried all combinations of Limit and
LimitExcept and require ldap-attribute sAMAccountname=nightlyuser
and all the like, but it just won't work.

Nightlyuser shall be read-only, all the other ldap-users (who are
in group intern, where nightlyuser is not a member) shall have full
access.
Can somebody help me with this?

Schönen Gruß,

Anja
Received on 2010-01-26 15:16:29 CET

This message: [ Message body ]
Next message: Lorenz: "Re: How to install on HP-UNIX and connect by TortoiseSVN client"
Previous message: Jon Foster: "RE: file *.a ignored"
Next in thread: Johan Corveleyn: "Re: ldap auth with one read-only user"
Reply: Johan Corveleyn: "Re: ldap auth with one read-only user"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]