Den onsdag 4.jan kl. 22:29 skrev Auke Jilderda:
> I'm trying to hook up Subversion and Apache2 to Microsoft Active
> Directory
> but am struggling a bit with exactly what is and is not possible at
> present. I was hoping you can help me clarify this.
>
> I know Apache2 with Subversion can authenticate against a Microsoft
> Active
> Directory service using the SSPI or NTLM module when running Apache on
> Windows respectively UNIX. The SSPI module is currently not actively
> maintained but the TortoiseSVN documentation includes a section on
> how to
> configure it [1] while the NTLM project's home page [2] describes
> how to
> configure the module.
>
> This works although it leaves the challenge of getting clients
> other than
> Microsoft Internet Explorer to actually ask for credentials. This
> can be
> accomplished by having Apache use basic authentication for fetching
> the
> credentials before using SSPI or NTLM for authenticating against
> Microsoft
> Active Directory, adding the 'SSPIOfferBasic On' respectively
> "NTLMBasicAuth On" directive. Hence, configuring the NTLM module
> for the
> SVN location as follows works:
> AuthType NTLM
> AuthName "Bogus Repository"
> NTLMAuth On
> NTLMAuthoritative On
> NTLMDomain MSAD01
> NTLMserver wdc1
> NTLMBasicAuth On
>
> So far so good but this naturally leads to a next question: Can I
> define
> who has access to what using the user accounts and groups defined
> in the
> Microsoft Active Directory?
use authz for that.
JonB
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Jan 4 23:15:52 2006