0

I'm trying to configure Apache Subversion with active directory but the credentials of a domain user are not working. I'm new to Subversion but what I had first was:

LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so <Location /svn> DAV svn SVNParentPath /var/www/svn AuthType Basic AuthName "Authorization Realm" AuthUserFile /etc/svn-users Require valid-user </Location>

This worked using the credentials created with htpasswd.

I have now edited the /etc/httpd/conf.d/subversion.conf file like this:

LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so <Location /svn> DAV svn SVNParentPath /var/www/svn AuthType Basic AuthName "Authorization Realm" AuthzLDAPAuthoritative off AuthBasicProvider ldap AuthLDAPURL ldap://server.example.local/dc=example,dc=local?sAMAccountName" NONE AuthLDAPBindDN "CN=Administrator,CN=Users,DC=example,DC=com" AuthLDAPBindPassword "<password>" Require valid-user </Location>

When I check the /var/log/httpd/access_log I don't see errors, just this:

192.168.1.3 - user1 [26/Aug/2015:07:45:05 +0200] "GET /svn/project_repo HTTP/1.1" 401 479 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:10.0.12) Gecko/20130104 Firefox/10.0.12"

When I check the /var/log/httpd/error_log, I see there is a password mismatch:

[Wed Aug 26 08:05:22 2015] [error] [client 192.168.1.3] user user1: authentication failure for "/svn/project_repo": Password Mismatch

But I am sure the password is right.

Are there other logs I can check? Or is my configuration just wrong?

EDIT: Apparently the DN was wrong, I ran the dsquery user > c:\dn.txt on the AD server to get the right DN. When I try to login now, I get an Internal Server Error, but there are no errors in the /var/log/httpd/error_log file. Any other files I can check?

Improve this question
4
  • Did you reload / restart your Apache to activate the changes? Would be the most trivial explanation ... Commented Aug 26, 2015 at 6:11
  • Yes, I executed service httpd restart but I still get the same result Commented Aug 26, 2015 at 6:12
  • ok. Than you should double check your dn config. reading this servervault question your error message might be caused by wrong dn. Commented Aug 26, 2015 at 6:18
  • The DN was wrong indeed. I ran the dsquery user > c:\dn.txt command on AD and I got the following DN for the administrator user: AuthLDAPBindDN "CN=Administrator,CN=Users,DC=MPMV,DC=LOCAL" I now get an Internal Server Error but I don't see anything in the error_log.. Commented Aug 26, 2015 at 6:36

1 Answer 1

Reset to default
0

I found an answer in this link saying you should change the port number to 3268. It is working now! My /etc/httpd/conf.d/subversion.conf file looks like this now:

LoadModule dav_svn_module modules/mod_dav_svn.so LoadModule authz_svn_module modules/mod_authz_svn.so <Location /svn> DAV svn SVNParentPath /var/www/svn AuthType Basic AuthName "Authorization Realm" AuthzLDAPAuthoritative off AuthBasicProvider ldap AuthLDAPURL "ldap://server.example.LOCAL:3268/dc=example,dc=local?sAMAccountName" NONE AuthLDAPBindDN "CN=Administrator,CN=Users,DC=example,DC=local" AuthLDAPBindPassword "PASSWORD" Require valid-user </Location>
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.