[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Re: ldap authentication in subversion

From: Johan Corveleyn <johan.corveleyn_at_uz.kuleuven.ac.be>
Date: Mon, 27 Apr 2009 11:52:46 +0200

Ok, so far we've established that:
A. The current problem is not related to SVN
B. The current problem is not even related to Apache or mod_authzn_ldap

Currently, I think it's just that you cannot login into your LDAP server with the credentials "CN=irfsay1,CN=Users,DC=exfo,DC=com" and password "jaba_1234" (I'm guessing either wrong user CN, wrong password (case-sensitive of course), or something with the password being locked for some reason). So I think it's best that you try to solve this with your local sysadmin/ldap administrator/ldap guru/... (or try googling for ldap related problems with the error message you've got).

I don't know whether there is much more we can do on the svn-users list to help you.

Regards,
Johan

-----Oorspronkelijk bericht-----
Van: Irfan Sayed [mailto:irfu.sayed_at_gmail.com]
Verzonden: maandag 27 april 2009 11:27
Aan: Johan Corveleyn
CC: Carlos Alberto Costa Beppler; Tyler Roscoe; users_at_subversion.tigris.org
Onderwerp: Re: Re: ldap authentication in subversion

Hi,
Thanks for correcting me. Now i am getting "invalid credential error"
though i have the correct username and password
here it is

[root_at_svntest svn]# ldapsearch -c -x -h exfo.com -p 389 -b
dc=exfo,dc=com -D "CN=irfsay1,CN=Users,DC=exfo,DC=com" -w
"jaba_1234""(&(&(objectClass=user)(objectCategory=person))(sAMAccountName=irfsay1)"
ldap_bind: Invalid credentials (49)
        additional info: 80090308: LdapErr: DSID-0C090334, comment:
AcceptSecurityContext error, data 525, vece
[root_at_svntest svn]#

please advice.

Regards
Irf

On 4/27/09, Johan Corveleyn <johan.corveleyn_at_uz.kuleuven.ac.be> wrote:
> Typo: your Apache config talks to "ldap://exfo.com...", the ldapsearch
> command to "exf0.com". Change the exf0.com after -h to exfo.com, and the
> ldapsearch command should work ... (or at least behave the same as through
> Apache)
>
> Johan
>
> -----Oorspronkelijk bericht-----
> Van: Irfan Sayed [mailto:irfu.sayed_at_gmail.com]
> Verzonden: maandag 27 april 2009 9:13
> Aan: Carlos Alberto Costa Beppler
> CC: Tyler Roscoe; users_at_subversion.tigris.org
> Onderwerp: Re: Re: ldap authentication in subversion
>
> Hi All,
>
> I have fired the command as follows.
> ldapsearch -c -x -h exf0.com -p 389 -b dc=exfo,dc=com -D
> "CN=irfsay1,CN=Users,DC=exfo,DC=com" -w
> "jaba_1234""(&(&(objectClass=user)(objectCategory=person))(sAMAccountName=irfsay1)"
> ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
> [root_at_svntest logs]#
>
> but it says "cant connect to LDAP server". but through apache i am
> getting pasword mismatch error
>
> Regards
> Irf.
>
>
> On 4/24/09, Carlos Alberto Costa Beppler <beppler_at_gmail.com> wrote:
>> Try to run the following line on the unix machine shell:
>>
>> ldapsearch -x -h exf0.com -p 389 -b dc=exfo,dc=com -D
>> "CN=irfsay1,CN=Users,DC=exfo,DC=com" -w "jaba_1234"
>> "(&(&(objectClass=user)(objectCategory=person))(sAMAccountName=irfsay1)"
>>
>> It will do the binding using the same credentials passed on your
>> configuration and search for the user the same way of apache is doing.
>>
>> It will not verify the user password. It only will test the bind to
>> ldap server and the search for user being authenticated.
>>
>> On Fri, Apr 24, 2009 at 14:01, Irfan Sayed <irfu.sayed_at_gmail.com> wrote:
>>> Hi,
>>>
>>> now i have updated httpd.conf file and it looks as follows
>>>
>>>  <Location "/svn">
>>>        DAV svn
>>>        SVNParentPath /usr/local/svn
>>>        SVNListParentPath On
>>>        SVNAutoversioning On
>>>        AuthBasicProvider ldap
>>>        AuthType Basic
>>>        AuthzLDAPAuthoritative off
>>>        AuthName "My"
>>>        AuthLDAPURL
>>> "ldap://exfo.com:389/DC=exfo,DC=com?sAMAccountName?sub?(&(objectClass=user)(objectCategory=person))"
>>>        AuthLDAPBindDN "CN=irfsay1,CN=Users,DC=exfo,DC=com"
>>>        AuthLDAPBindPassword jaba_1234
>>>        AuthzSVNAccessFile /etc/subversion/acl
>>>        require valid-user
>>>       # require ldap-user
>>>
>>> </Location>
>>>
>>> but still the error is "password mismatch"
>>>
>>> please advice
>>>
>>> Regards
>>> Irf
>>>
>>> On 4/24/09, Tyler Roscoe <tyler_at_cryptio.net> wrote:
>>>> On Fri, Apr 24, 2009 at 09:42:24PM +0530, Irfan Sayed wrote:
>>>>> Please please advice
>>>>
>>>> I think bumping your own posts like this, especially after less than 1
>>>> hour, and double especially when a whole boatload of people are already
>>>> trying to help you, is pretty rude.
>>>>
>>>> I don't know anything about ldap auth so maybe you don't care about me,
>>>> but you might want to be aware of the impression you are making in the
>>>> community.
>>>>
>>>> tyler
>>>>
>>>
>>> ------------------------------------------------------
>>> http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1895182
>>>
>>> To unsubscribe from this discussion, e-mail:
>>> [users-unsubscribe_at_subversion.tigris.org].
>>>
>>
>
> ------------------------------------------------------
> http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1941501
>
> To unsubscribe from this discussion, e-mail:
> [users-unsubscribe_at_subversion.tigris.org].
>

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=1943106

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
Received on 2009-04-27 11:53:38 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.