[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Re: Integrating Subversion/Apache with Windows Active directory (LDAP)

From: Samay <getafix123_at_hotmail.com>
Date: 2005-12-09 23:45:45 CET

for AD + LDAP (Apache native) .. refer to this
http://thomas-howard.com/Reference/Articles/Apache+AD/ and say @
and at http://httpd.apache.org/docs/2.0/mod/mod_auth_ldap.html

alternatively, you may wish to use Kerberos (mod_auth_kerb).

http://modauthkerb.sourceforge.net and excellent instructions at

you also get "single sign on" .. (with Neon 0.25.x as part of svn 1.3.x) if
using kerberos



----- Original Message -----
From: "Durden, Paul" <Paul.Durden@avocent.com>
To: "Lafond, Pascal" <PascalLafond@SierraSystems.com>
Cc: <users@subversion.tigris.org>
Sent: Saturday, December 10, 2005 3:07 AM
Subject: RE: Re: Integrating Subversion/Apache with Windows Active directory

The module in the Apache 2.0.55 did not work for me either (didn't know
about trying the 2.0.50).

I was able to use the LDAP module I found at

If you use this, then make sure you head over to Sun and get v5.08 of
the LDAP C SDK. You'll need the DLLs form this one.

This module allows you to turn on debug to see what's going on inside
the module.

Good luck!

-----Original Message-----
From: Greg Thomas [mailto:thomasgd@omc.bt.co.uk]
Sent: Thursday, December 01, 2005 5:57 PM
To: Lafond, Pascal
Cc: users@subversion.tigris.org
Subject: Re: Integrating Subversion/Apache with Windows Active directory

On Thu, 1 Dec 2005 15:52:34 -0600, "Lafond, Pascal"
<PascalLafond@SierraSystems.com> wrote:

>I have been unable to get my subversion install to work with Windows
>active directory
>When I try to set up LDAP security with httpd.conf file detailed below.
>- Apache dies (stops)
><Location /svn>
> DAV svn
> # any /svn/foo URL will map to a repository C:/svn/foo SVNParentPath

> C:/svn AuthType Basic AuthName "Subversion repository"
> AuthLDAPUrl ldap://servername/OU=WPG,DC=domain,DC=com
> Require valid-user

http://support.microsoft.com/default.aspx?scid=326690 suggests "By
default, anonymous Lightweight Directory Access Protocol (LDAP)
operations to Active Directory, other than rootDSE searches and binds,
are not permitted in the Windows Server 2003 family").

So, unless you've explicitly enabled anonymous login, you will need to
supply the AuthLDAPBindDN and AuthLDAPBindPassword directives in order
for mod_auth_ldap to access the AD and authenticate the user.



This post represents the views of the author and does not necessarily
accurately represent the views of BT.
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Dec 9 23:51:38 2005

This is an archived mail posted to the Subversion Users mailing list.