[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Subversion and LDAP URL

From: Patricia A Moss <pmoss4_at_csc.com>
Date: Fri, 17 Apr 2009 06:55:01 -0400

> I see, from the documentation that you can specify more than one LDAP
URL,
> for apache to try; if you use the following syntax:
> AuthLDAPUrl "ldap://ldap1.example.com ldap2.example.com/dc=..."
>
> Does anyone know the syntax for this if the 2 urls are on different
domains?

The Apache docs just suggest to separate the urls by a space.
Doesn't seem to suggest that things are handled different if the
domains for the urls are different

I figured out that I didn't have the entire line enclosed in quotes. Now
I have another question:
There is a different AuthLDAPBindDN and AuthLDAPBindPassword for each
AuthLDAPURL. What is the correct syntax for those? I have them on
seperate lines, but my accounts are still not authenticating.

<Location /amertest>
dav svn
SVNPath /disk01/home/amertest
AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthName "CSC Subversion Repository"
AuthLDAPBindDN FCGNET\accountname1
AuthLDAPBindPassword password1
#AuthLDAPURL ldap://servername
.com:3268/DC=fcg,DC=com?samAccountName?sub?(object
Category=person)
AuthLDAPBindDN "CN=accountname2,OU=CG Service
Accounts,OU=Cons,OU=Users,OU=Producti
on,DC=amer,DC=globalcsc,DC=net"
AuthLDAPBindPassword password2
AuthLDAPURL "ldap://servername1.com:3268/DC=fcg,DC=co ldap://servername2
.net:3268/DC=globalcsc,DC=net?samAccountName?sub?(objectCategory=person)"
Require valid-user
Options Indexes FollowSymLinks
order allow,deny
allow from all
# Allows group to have read access to the repository
<Limit GET PROPFIND OPTIONS REPORT>
 Require ldap-group CN=PRJ Test Migration,OU=U.S.,OU=Groups,DC=fcg,DC=com
 Require ldap-group CN=TEAM-G-Test Migration,OU=LS Projects,OU=All
Groups,OU=Con
s,OU=Users,OU=Production,DC=amer,DC=globalcsc,DC=net
</Limit>
# Allows group to have write access to the repository
<LimitExcept GET PROPFIND OPTIONS REPORT>
 Require ldap-group CN=PRJ Test Migration,OU=U.S.,OU=Groups,DC=fcg,DC=com
 Require ldap-group CN=TEAM-G-Test Migration,OU=LS Projects,OU=All
Groups,OU=Con
s,OU=Users,OU=Production,DC=amer,DC=globalcsc,DC=net
</LimitExcept>
</Location>

PATI MOSS
System Engineer Sr. Professional
CSC

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1765638

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-04-17 12:56:06 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.