Welcome to the Linux Foundation Forum!

Apache subversioning with Active Directory groups integration

Hello there



I had the task of creating a svn server with active directory authentication on linux.

The users connect to the repo using Tortoise Svn.

I have successfully integrated active directory groups for authentication on the repos.



I can set access permissions to different groups to different repos.





The problem is that all the members of the group that has access, have Read/Write access to a repo.

I wish to grant Read Only rights to some groups but I have not been able to do this.



The repos are defined in /etc/apache2/mods-available/dav-svn.conf



The definition of a repo looks like this.

 


<Location /svn/mysvnrepo> DAV svn SVNPath /var/lib/svn/mysvnrepo SVNListparentPath on SVNAutoversioning on AuthType Basic SVNReposName "Repotest" AuthName “mysvnrepo” AuthBasicProvider ldap AuthLDAPURL "ldap://10.10.1.1:389/DC=example,DC=local?sAMAccountName?sub?(objectClass=*)" <Limit GET PROPFIND OPTIONS REPORT> Require ldap-group CN=test,OU=tests,OU=S test,DC=example,DC=local </Limit> AuthLDAPBindDN "CN=svn bind,OU=tests,OU=S test,DC=example,DC=local" AuthLDAPBindPassword somepasswd </Location>

I really need to grant some groups Read Only access. Right now everybody has either full access or no access.

Thank you

Categories

Upcoming Training