Announcement

Collapse
No announcement yet.

How to configure uberSVN for LDAP (Active Diretory) authentication

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to configure uberSVN for LDAP (Active Diretory) authentication

    Hi *,

    Today I was searching for hours about how to successfully set-up the use of an Active Directory for user authentication - and finally succeeded. With this post I would like to share my knowledge.

    - LDAP authentication only works on repository level - not for the uberSVN management console.
    - For each repository this can be configured individually.

    1. Open Administration/Default LDAP and enter the default settings for an LDAP connection (this data is not uses at runtime, but quite helpful when configuring a repository).
    - Auth Name: this name is used to be shown as an information to the user about what authentication to use
    - LDAP URL: for me the following works:
    ldap://<ip address>:389/CN=Users,DC=<domain1>;DC=<domain2>?sAMAccountName? sub?(objectClass=*)
    - AuthBasicProvider: ldap
    - leave the next settings unchanged
    - LDAP Bind DN: <your ldap user name>
    - LDAP Bind Password: <your ldap password>[/INDENT]

    2. Click test to see if the connection works (especially the connection to the server - the attributes are not tested)
    3. Save the configuration.
    4. Open Repositories and select your repository which should be connected to an LDAP
    5. Click on Authentication
    6. Select "LDAP / AD Authentication"
    7. Click on "Load Default" to load the defaults you've just entered at #1
    8. Click on "Save" and make sure to click the red link in the upper right of the page below "Support Center" which restarts Apache
    9. Open Permissions and add users to the repository
    - the user name has to match the LDAP user name (without domain)
    10. Open Browse and login to see if everything works.

    This information was quite helpful to me: http://www.jejik.com/articles/2007/0...ive_directory/


    Michael

  • #2
    Thank you for taking the time out to post this, tocosonic. AD can be a tricky feature to work with, at the best of times

    Comment


    • #3
      Thanks for the information.

      I just do a modification on the filter to include just the users in a subgroup (SVNUsers)

      ldap://DOMAIN.EXAMPLES.COM:389/CN=Users,DC=DOMAIN,DC=EXAMPLES,DC=COM?sAMAccountNa me?sub?(&(objectClass=user)(memberOf=CN=SVNUsers,C N=Users,DC=DOMAIN,DC=EXAMPLES,DC=com))

      However, I would like to like make it works with SSL (ldaps://DOMAIN.EXAMPLES.COM:636/.....)

      If anyone know how, please provide answer.

      Thanks

      Comment

      Working...
      X