On Wed, Mar 31, 2010 at 2:25 PM, Stefan Sperling <stsp_at_elego.de> wrote:
> On Wed, Mar 31, 2010 at 12:40:13PM -0700, Aaron Turner wrote:
>> On Wed, Mar 31, 2010 at 12:23 PM, Lee Kaufman
>> <lee.kaufman_at_transmetric.com> wrote:
>> > I have been set the task of setting up SVN and connecting Authentication and
>> > Authorization to our MS Active Directory system. The SVN is now running on
>> > a Debian Linux server. I have successfully set up Authenticated to
>> > authenticate users who have access to the SVN system based on a Security
>> > Group in our AD.
>> >
>> > The next task is where I am encountering the difficulty is in Authorizing
>> > individual users to read and write to the individual repositories. From
>> > what I have seen I need I to do this I need a AuthzSVNAccessFile file.
>> > However I have not been able to find any documentation on how to accomplish
>> > this using AD groups. Below is a simple example.
>>
>> Last time I checked, you can't do authorization via LDAP/AD. Just
>> authentication. Hence the lack of documentation on the subject.
>
> Various wrapper scripts exist which generate an authz rules file
> from data pulled from LDAP/AD directories. I agree that it would
> be nice to have built-in support for this in mod_authz_svn though.
Do you have a link to such a script? I've occasionally looked for one
and never found it... was planning on writing one someday, but no
point in reinventing the wheel.
--
Aaron Turner
http://synfin.net/ Twitter: @synfinatic
http://tcpreplay.synfin.net/ - Pcap editing and replay tools for Unix & Windows
Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety.
-- Benjamin Franklin
"carpe diem quam minimum credula postero"
Received on 2010-03-31 23:29:42 CEST