On 2005-03-17 08:49:19 -0500, Brian Fohl wrote:
> I did have to do a bit of tinkering to get the LDAP authentication to
> work properly. I would appreciate it if you could shared what worked
> for you, as well. Here's what I came up with that works (aside from
> the first commit failing):
We have almost exactly the same config, except that I use a regular user
account to bind LDAP and DOMAIN\user instead of a CN= string. I'm not
sure I can be of any more help.
One thing that I did notice though is that your SVNParent path appears
to point at a network share. Hopefully you're using FSFS and not BDB
style repositories....
<Location /ec-svn>
DAV svn
SVNPath "/usr/local/svn/ec-svn/repo"
AuthzSVNAccessFile "/usr/local/svn/ec-svn/auth/access.ini"
SVNIndexXSLT /xslt/svn-index.xsl
AuthLDAPURL ldap://hoth/CN=Users,DC=isolution,DC=idx,DC=com?sAMAccountName?sub?(objectClass=user)
AuthLDAPBindDN "ISOLUTION\danello"
AuthLDAPBindPassword XXXXXXXXXXXXXXXXXXX
AuthType Basic
AuthName "eCommerce svn repository"
<LimitExcept MERGE>
Require valid-user
</LimitExcept>
</Location>
>
> <Location /svn>
> DAV svn
> SVNParentPath "//svrintranet01/RDrive/Subversion"
> SVNAutoversioning on
> SVNPathAuthz off
>
> # For any operations other than these, require an authenticated user.
> <LimitExcept GET PROPFIND OPTIONS REPORT>
> SetHandler ldap-status
> Order deny,allow
> Allow from all
> AuthLDAPEnabled on
> AuthLDAPURL
> ldap://svr-dc1/CN=Users,DC=mycompany,DC=com?sAMAccountName?sub?(Objectclass=user)
> AuthLDAPBindDN "CN=BrowserAccount,OU=Service Accounts,DC=mycompany,DC=com"
> AuthLDAPBindPassword "XXXXXXXXXXXXXXXXXXXXXXX"
> AuthLDAPAuthoritative on
> require valid-user
> AuthType Basic
> AuthName "Subversion Read-only Repository"
> </LimitExcept>
> </Location>
>
--
I felt that we two might commit some act so atrocious that the world,
seeing us, would find it irresistible.
- application/pgp-signature attachment: stored
Received on Thu Mar 17 22:02:12 2005