Showing posts with label ldap. Show all posts
Showing posts with label ldap. Show all posts

Tuesday, July 5, 2011

USVN with Active Directory

to make USVN's LDAP working with Active Directory was tricky, use the following in config.ini

alwaysUseDatabaseForLogin = "admin"
authAdapterMethod = "ldap"
ldap.options.host = "domain.com"
ldap.options.port = "389"
ldap.options.username = "CN=username,CN=users,DC=domain,DC=com"
ldap.options.password = "password"
ldap.options.useStartTls = "0"
ldap.options.useSsl = "0"
ldap.options.bindDnFormat = "%s"
ldap.options.bindRequiresDn = "1"
ldap.options.baseDn = "DC=domain,DC=com"
ldap.options.accountCanonicalForm = "0"
ldap.options.allowEmptyPassword = "0"
ldap.options.optReferrals = "0"
ldap.options.accountDomainName = ""
ldap.options.accountDomainNameShort = ""
ldap.options.accountFilterFormat = "(&(objectClass=user)(sAMAccountName=%s))"
ldap.createGroupForUserInDB = "1"
ldap.createUserInDBOnLogin = "1"
Posted by at 1 comment:
Labels: ,

Saturday, February 6, 2010

Subversion userid case-sensitivie validation for Active Directory

Subversion's user authentication is case sensitive for both userid and password.  While this is the standard in the *nix world, unfortunately Windows users tend to put their userid in whatever case they feel like.  I couldn't find a configuration option for this in Subversion, also no luck from the net...  So I went into the source code and did a quick & dirty workaround since all our users are validating their accounts against Windows Active Directory which is case-insensitive for their userid.

replace strcmp with strcasecmp in the following two lines.  This is for Subverison 1.4.0.  Just search for strcmp in the same file for newer version.

./subversion/libsvn_repos/authz.c

line 156:       else if (strcasecmp(user, group_user) == 0)
line 189:       else if (strcasecmp(name, b->user) != 0)
Posted by at No comments:
Labels: ,

Friday, August 28, 2009

integrate Subversion with Windows Active Directory

apache httpd.conf

<Location /reponame>

DAV svn
SVNPath /opt/subversion/rep/reponame
AuthzSVNAccessFile /opt/subversion/rep/reponame/conf/authz
Require valid-user
AuthBasicProvider ldap
AuthType Basic
AuthName "subversion repository"
AuthLDAPURL "ldap://hostname:389/OU=Users,OU=Shire,DC=shire,DC=org?sAMAccountName?sub?(objectClass=hobbitName)" NONE
AuthLDAPBindDN "CN=Bilbo,CN=Users,DC=shire,DC=org"
AuthLDAPBindPassword "RiNg"
</Location>


authz example

[groups]
wizard = gandalf
hobbit = forodo, sam

[/]
#* = r
@wizard = rw
@hibbot = r

Posted by at No comments:
Labels: , ,
Subscribe to: Posts (Atom)