Home of Devon Schreiner and Skewed Motion Media

My Experience With LDAP, AD and SVN

At work I was tasked with migrating an SVN server from one failing server to another, livelier one. I’ll be honest, I didn’t know what an SVN was before I started this project. But I did a little reading and was off to a good start before long.

I found out that the old server was using Collabnet’s Subversion software so I downloaded the newest version of that. Of course there were a couple differences so I had to figure those out, but nothing to hard. Then came the authentication through Active Directory.

I thought this was going to be the easy part. Type in the AD server to redirect the authentication requests to it and bam! But it wasn’t that easy. I spent way to many hours looking at the httpd.conf file below that Collabnet had given me. I played with these settings until my fingers were numb. What did I get out of it? Nothing.

<Location "/svn">
  DAV svn
   SVNParentPath C:\svn_repository
   SVNPathAuthz off
   SVNListParentPath on
   Allow from all
   SetHandler ldap-status
   AuthLDAPAuthoritative off
   AuthType Basic
   AuthName "Subversion"
   AuthLDAPBindDN CN=user,OU=Group,DC=domain,DC=com
   AuthLDAPBindPassword aPassword123
   AuthBasicProvider ldap
   AuthLDAPURL "ldap://servername.domain.local:389/OU=Group,dc=domain,dc=com?sAMAccountName?sub?(objectClass=*)"
   Require valid-user

Every time I tried to log onto the server I either received:

[LDAP: ldap_simple_bind_s() failed][Server Down]


[LDAP: ldap_simple_bind_s() failed] [Invalid credentials]

Neither of which I liked.

On Monday when I started fresh on this project, it hit me. Every time I attempted a login to the server, I was greeted with the default “Collabnet Subversion Server” greeting and not the detailed title I had placed in the AuthName field. I deduced that the server was not pulling information from this httpd.conf file. I later found this line:

Include "C:\csvn\data/conf/svn_viewvc_httpd.conf"

I quickly commented it out, tried the server again and rejoiced! The prompt was now pulling the information from the default httpd.conf file that I had been working with for so long. It was finally using my file instead of this other one. Everything works!

Just thought I would share this little story, maybe it will help someone out. It sure would have been nice to know for me.

Leave a comment

Your email address will not be published. Required fields are marked *