RE: Ldap

Hello,

Apache will start up properly but user who belongs to domain1 are able to login but users of domain2 are not able to login.

Expected result : users of both domain should be able to login.

We are getting the below error.
GET /svn/repository_name HTTP/1.1" 401 488 "-"

Details have been mentioned below.
Apache = 2.2
SVN = 1.7

Thanks & Regards,
Anup T S

________________________________
From: Eric Johnson [mailto:eric_at_tibco.com]
Sent: 2014, October, 15 1:13 PM
To: Somashekarappa, Anup (CWM-NR)
Cc: users_at_subversion.apache.org
Subject: Re: Ldap

This is could be a question for an Apache-related mailing list.

However, it is difficult to tell, because your statement of the problem doesn't really include enough information. How is it not working? Any errors in any of the log files? What are you expecting? Are people not being authorized, or is Apache failing to start up? What versions of Apache & Subversion? What have you done to isolate the problem?

Eric

On Wed, Oct 15, 2014 at 9:14 AM, Somashekarappa, Anup (CWM-NR) <anup.somashekarappa_at_rbc.com<mailto:anup.somashekarappa_at_rbc.com>> wrote:

Hi,

We are using the below mentioned configuration for multiple ldap domain authentication but one of the domain(ldap2) is not working.

May I know what is wrong with this?

==========================================================================================

LoadModule dav_svn_module modules/mod_dav_svn.so
LoadModule authz_svn_module modules/mod_authz_svn.so

<AuthnProviderAlias ldap ldap1>
        AuthLDAPURL "ldap://domian1.company.com/DC=domain1,DC=company,DC=com?sAMAccountName?sub?(objectClass=*)<http://domian1.company.com/DC=domain1,DC=company,DC=com?sAMAccountName?sub?(objectClass=*)>"
        AuthLDAPBindDN "CN=User1,OU=Service Accounts,OU=Information Technology,OU=Administration,OU=United States,DC=domain1,DC=company,DC=com"
        AuthLDAPBindPassword "**********"
</AuthnProviderAlias>

<AuthnProviderAlias ldap ldap2>
        AuthLDAPURL "ldap://domian2.company.com/DC=domain2,DC=company,DC=com?sAMAccountName?sub?(objectClass=*)<http://domian2.company.com/DC=domain2,DC=company,DC=com?sAMAccountName?sub?(objectClass=*)>"

        AuthLDAPBindDN "CN=User1,OU=Service Accounts,OU=Information Technology,OU=Administration,OU=United States,DC=domain1,DC=company,DC=com"

        AuthLDAPBindPassword "**********"
</AuthnProviderAlias>

<Location /svn>
        DAV svn
        SVNListParentPath on
        SVNParentPath /svn/data
        SVNPathAuthz short_circuit
        SVNListParentPath on
        AuthzSVNAccessFile /svn/accessfile

        AuthzLDAPAuthoritative off
        AuthType Basic
        AuthBasicProvider ldap1 ldap2
        AuthName "Windows Credentials"
        AuthzForceUsernameCase Lower
        Require valid-user

        CheckSpelling On
</Location>

Alias /public/ "/opt/netapp-aps/apsny/www/"
<Directory "/opt/netapp-aps/apsny/www/">
    Options Indexes MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

<IfModule dav_svn_module>
LogFormat "%h %l %u %t %>s %b \"%{User-Agent}i\" repo:%{SVN-REPOS-NAME}e [%{SVN-ACTION}e] %B Bytes in %T Sec" svn
CustomLog logs/svn_log svn env=SVN-ACTION
</IfModule>

===========================================================================

Thanks & Regards,
Anup T S

______________________________________________________________________

This email is intended only for the use of the individual(s) to whom it is addressed and may be privileged and confidential.
Unauthorised use or disclosure is prohibited. If you receive this e-mail in error, please advise immediately
and delete the original message. This message may have been altered without your or our knowledge
and the sender does not accept any liability for any errors or omissions in the message.

Emails are monitored by supervisory personnel in jurisdictions where monitoring is permitted.
Such communications are retained and may be produced to regulatory authorities or others with legal rights to the information.
Received on 2014-10-16 12:34:10 CEST