On 2004-02-16 09:32:52 -0600, Justin Johnson wrote:
> I don't doubt that it may work well. The lack of support is more what
> I'm concerned about. From my research it seemed the code wasn't
> maintained by anyone anymore. Also, I'd prefer to run the server on a
> UNIX box.
>
> Thanks for the info though.
> -Justin
> On Mon, 16 Feb 2004 16:09:33 +0100, "Carsten Schurig"
> <cs-ml-0110031013@ebz-dresden.de> said:
> > Justin Johnson <mailto:justinjohnson@fastmail.fm> wrote on Monday,
> > February 16, 2004 3:56 PM:
> >
> >
> > > I'm looking for the easiest way to manage (add/remove) subversion
> > > users. I was hoping to find some way to hook into their NT login and
> > > password via the domain controllor, but the current method (sspi,
> > > etc) seems rather unsupported/unmaintained, so I don't feel
> > > comfortable going in that direction.
> >
> > I'm using this option and it works well. For that I've installed apache
> > on our Win2K server. I configured it to listen for https:// on a
> > non-standard port and not to listen on any other ports. I don't know if
> > you can setup apache on a Linux or any other unix machine and do a
> > password lookup on a windows DC.
> >
> > Cheers,
> > Carsten
Funny, I just solved this problem this morning using LDAP.
You have to be running an ActiveDirectory domain for this to work.
Configure apr-util --with-ldap and apache with --enable-ldap and
--enable-ldap-auth (I built apr/apr-util separately from CVS and linked
both svn and apache against the same apr).
Then put something like this into httpd.conf
<Location /svn>
DAV svn
SVNPath /path/to/repo
AuthLDAPURL ldap://myserver/CN=Users,DC=isolution,DC=idx,DC=com?sAMAccountName?sub?(objectClass=user)
AuthLDAPBindDN "ISOLUTION\danello"
AuthLDAPBindPassword XXXXXX
AuthType Basic
AuthName "LDAP Test"
Require valid-user
</Location>
In this example, isolution.idx.com is the ActiveDirectory domain,
ISOLUTION is the NT domain, and myserver is the ActiveDirectory server
for my domain. The user danello has permissions to browse the
ActiveDirectory.
Good luck!
-Dominic
- application/pgp-signature attachment: stored
Received on Mon Feb 16 21:03:58 2004