cacl - Developer IT

Active Directory LDAP and user issues (using apache2 for svn access)

- by CaCl

I currently have a setup where I work that lets users use their active directory domain logins and passwords to authenticate and authorize access to Subversion. Currently I need to allow application accounts the same access. So our IT group creates application accounts in the active directory for us to use. But they want to be "secure" so they set the "Workstations Allowed" to be only a limited number of workstations. So when an application account hits the apache2 server for authentication they can't login for some reason and I'm having a heck of a time trying to debug. The error logs only show me: [Tue Apr 06 11:24:25 2010] [warn] [client 24.24.24.24] [3469] auth_ldap authenticate: user appuser13 authentication failed; URI /svn [ldap_simple_bind_s() to check user credentials failed][Invalid credentials] [Tue Apr 06 11:24:25 2010] [error] [client 24.24.24.24] user appuser13: authentication failure for "/svn": Password Mismatch I've checked the password numerous times and it appears to be correct but I can't seem to get the user to authenticate properly. Below is a snippet of the apache configuration for ldap: # Auth providers # Active Directory <AuthnProviderAlias ldap ldap1> AuthBasicProvider ldap AuthLDAPURL "ldap://dmain.company.com:389/dc=dmain,dc=company,dc=com?sAMAccountName?sub?(objectClass=*)" AuthLDAPBindDN "CN=svnuser13,OU=Application Accounts,dc=dmain,dc=teradata,dc=com" AuthLDAPBindPassword secret3 </AuthnProviderAlias> # Another set of users from a different group <AuthnProviderAlias ldap ldap2> AuthBasicProvider ldap AuthLDAPURL ldap://diffldapserver:389/dc=specialusers,dc=com?uid </AuthnProviderAlias> # Another set of users from a different group <AuthnProviderAlias file file1> AuthUserFile /var/svn/auth/htpasswd </AuthnProviderAlias> <Location /svn> DAV svn SVNPath /var/svn Satisfy Any Require valid-user AuthType Basic AuthName "SVN Repository" AuthBasicProvider ldap1 file1 ldap2 AuthzSVNAccessFile /var/svn/auth/access AuthzLDAPAuthoritative on Require valid-user </Location> Any help, like tips for debugging is appreciated!

Read the article

How to get a windows domain server to recognize a linux machine by its name?

- by CaCl

In my company I ran into an issue where we have a linux machine that serves up a Subversion repository. Its hooked up via LDAP to the Active Directory. We got an account setup for an application and they set the Limited Workstations up so it didn't have full access to the network. The problem is that even though the hostname for our machine resolves correctly for me, the credentials for the application account seem to come back as not being allowed based on the name (the error was related to authorized workstations). I don't have access to any of the domain servers but it might be helpful to come at the management or high-level techs with some ideas, they don't seem to have a solution besides allowing all workstations for the user. Does anyone have any idea on how to get my linux machine to properly identify itself with the Domain machine by name?

Read the article

How can I compile GCC as a static binary?

- by CaCl

How can I compile the GCC Compiler so that I can pull the entire thing over to another system and use the program? I don't mind pulling in other files as well, but is there a way to gather all the required system libs as well? The OS and Arch will remain constant across the different systems, but one may contain Slackware where the other contains Debian.

Developer IT