SVN Authentication with LDAP and Active Directory

Posted by Alex Holsgrove on Server Fault See other posts from Server Fault or by Alex Holsgrove
Published on 2012-06-21T08:59:40Z Indexed on 2012/09/24 9:39 UTC
Read the original article Hit count: 297

Filed under:
|
|

I am having a few problems getting SVN authentication to work with LDAP / Active Directory. My SVN installation works fine, but after enabling LDAP in my apache vhost, I just can't get my users to authenticate.

I can use a selection of LDAP browsers to successfully connect to Active Directory, but just can't seem to get this to work.

  • SVN is setup in /var/local/svn
  • Server is svn.domain.local
  • For testing, my repository is /var/local/svn/test

My vhost file is as follows:

<VirtualHost *:80>
        ServerAdmin [email protected]
        ServerAlias svn.domain.local
        ServerName svn.domain.local
        DocumentRoot /var/www/svn/

        <Location /test>
                DAV svn
                #SVNListParentPath On
                SVNPath /var/local/svn/test
                AuthzSVNAccessFile /var/local/svn/svnaccess
                AuthzLDAPAuthoritative off
                AuthType Basic
                AuthName "SVN Server"
                AuthBasicProvider ldap
                AuthLDAPBindDN "CN=adminuser,OU=SBSAdmin Users,OU=Users,OU=MyBusiness,DC=domain,DC=local"
                AuthLDAPBindPassword "admin password"
                AuthLDAPURL "ldap://192.168.1.6:389/OU=SBSUsers,OU=Users,OU=MyBusiness,DC=domain,DC=local?sAMAccountName?sub?(objectClass=*)"
                Require valid-user
        </Location>

        CustomLog /var/log/apache2/svn/access.log combined
        ErrorLog /var/log/apache2/svn/error.log
</VirtualHost>

In my error.log, I don't seem to get any bind errors (should I be looking elsewhere?), but just the following:

[Thu Jun 21 09:51:38 2012] [error] [client 192.168.1.142] user alex: authentication failure for "/test/": Password Mismatch, referer: http://svn.domain.local/test/

At the end of "AuthLDAPURL", I have seen people using TLS and NONE but neither seem to help in my case.

I have the ldap modules loaded and have checked as much as I know, so any help would be most welcome. Thanks

© Server Fault or respective owner

Related posts about svn

Related posts about active-directory