1 |
Hi, |
2 |
I try to setup access to several SVN repositories. They are located on a |
3 |
gentoo server (will probably be moved to a solaris system though). |
4 |
Authentification should be done against our ActiveDirectory Windows |
5 |
system - i.e. the SVN users will only need windows user name and |
6 |
windows password. |
7 |
I managed such a setup (with minimal restrictions) for one |
8 |
organizational unit. BUT now we get coworkers from a DIFFERENT OU. And now |
9 |
the troubles start: |
10 |
- The Base DN MUST contain the OU part (orga1 or orga2), otherwise |
11 |
mod_auth_ldap can't find the users. |
12 |
- I can only specify one Base DN. |
13 |
- The Sub_DN config parameter doesn't work. |
14 |
- It is not described anyways if more than one Sub_DN is allowed. |
15 |
|
16 |
A possible loophole would be some apache module which says essentially |
17 |
"Try LDAP config #1 first, config #2 second if the first one fails". |
18 |
Better of cours |
19 |
would be something which does a RECURSIVE ldap lookup in the subtree |
20 |
(like the "ldapsearch" program coming with openldap). |
21 |
|
22 |
There is a "ldap" USE flag for apache2. I tried it once - and my old |
23 |
authorization didn't work anymore :-( It seems to add ANOTHER LDAP auth |
24 |
module, but it also |
25 |
somehow impedes the old one. |
26 |
I'm somewhat lost in the maze of all that modules - can someone help me? :-( |
27 |
Versions used: |
28 |
|
29 |
eix apache -I |
30 |
[I] net-www/apache |
31 |
Available versions: |
32 |
(1) 1.3.34-r14 ~1.3.37 |
33 |
(2) 2.0.58-r2 ~2.0.59-r2 [M]~2.2.4 |
34 |
Installed versions: 2.0.58-r2(2)(07:35:18 12/06/06)(apache2 -debug |
35 |
doc -ldap -mpm-itk -mpm-leader -mpm-peruser mpm-prefork -mpm-threadpool |
36 |
-mpm-worker -selinux ssl -static-modules -threads) |
37 |
Homepage: http://httpd.apache.org/ |
38 |
Description: The Apache Web Server. |
39 |
|
40 |
eix mod_auth_ldap |
41 |
[I] net-www/mod_auth_ldap |
42 |
Available versions: 3.3 |
43 |
Installed versions: 3.3(08:45:04 03/08/07)(apache2 berkdb |
44 |
-diskcache gdbm -memcache) |
45 |
Homepage: |
46 |
http://www.muquit.com/muquit/software/mod_auth_ldap/mod_auth_ldap.html |
47 |
Description: Apache module for LDAP authorization |
48 |
|
49 |
(Another question - according to the module homepage, the current module |
50 |
version is 2.16. What version is used by mod_auth_ldap)? |
51 |
|
52 |
Puzzled in Vienna, |
53 |
Wolfgang Liebich |
54 |
-- |
55 |
gentoo-user@g.o mailing list |