svn AD authentication
Stümpfig, Thomas
Hi everybody,
we are using svn in our company and authenticate against Microsoft Active Directory. We are quite happy since years now.
We are working worldwide and hence multi language. Some passwords may have german umlaut, $, and other characters.
Users that have these characters in their passwords do not authenticate. Can anybody give me a hint where to start searching.
(Apache, MS AD, OS).
Thomas Stümpfig
Global Sales & Services
Siemens Industry Sector
Siemens Industry Software GmbH & Co. KG
Franz-Geuer-Str. 10
50823 Cologne, Germany
Tel. :+49 (2153) 9107117
Fax :+49 (221) 20802 988
Mobile :+49 (175) 2205 712
-----------------
Siemens Industry Software GmbH & Co. KG; Anschrift: Franz-Geuer-Str. 10, 50674 Köln;
Kommanditgesellschaft: Sitz der Gesellschaft: Köln; Registergericht: Amtsgericht Köln, HRA 28227;
Geschäftsführung und persönlich haftender Gesellschafter: Siemens Industry Software Management GmbH;
Geschäftsführer: Urban August, Daniel Trebes; Sitz der Gesellschaft: Köln; Registergericht: Amtsgericht Köln, HRB 70858
Pavel Lyalyakin
> are using svn in our company and authenticate against Microsoft Active
> Directory. We are quite happy since years now.
>
> We are working worldwide and hence multi language. Some passwords may have
> german umlaut, $, and other characters.
>
> Users that have these characters in their passwords do not authenticate. Can
> anybody give me a hint where to start searching.
>
> (Apache, MS AD, OS).
supported in plain-text Basic Authentication. For details check this
mailing list thread:
http://mail-archives.apache.org/mod_mbox/subversion-users/201204.mbox/%3C87obqp...@stat.home.lan%3E
In order to use special characters in passwords you should consider
advanced authentication methods that do not store and transfer
plain-text passwords over HTTP. As your network is based on Active
Directory the solution would be to setup Single Sign-On / Integrated
Windows AD authentication via Kerberos and/or NTLM.
You may want to try VisualSVN Server Enterprise Edition that perfectly
integrates in Active Directory and provides Single Sign-On out of the
box without any additional configuration.
Integrated Windows Authentication:
http://www.visualsvn.com/server/features/windows-auth/#integrated
VisualSVN Server Features list: http://www.visualsvn.com/server/features/
Thank you.
--
With best regards,
Pavel Lyalyakin
VisualSVN Team
Stümpfig, Thomas
most users use tortoisesvn. What are the drawbacks of NTLM, SSPI, for Tortoisesvn users? I read some articles about 401 errors etc...
Also, I do not have the AD under control and it would not be easy for me to ask for changes in the AD. Btw. we are using the free version of Visualsvn and I hope to be able to test 1.8rc2 soon.
Thomas Stümpfig
Global Sales & Services
Siemens Industry Sector
Siemens Industry Software GmbH & Co. KG
Franz-Geuer-Str. 10
50823 Cologne, Germany
Tel. :+49 (2153) 9107117
Fax :+49 (221) 20802 988
Mobile :+49 (175) 2205 712
thomas.s...@siemens.com
www.siemens.com/plm
Pavel Lyalyakin
> most users use tortoisesvn. What are the drawbacks of NTLM, SSPI, for Tortoisesvn users? I read some articles about 401 errors etc...
NTLM/Negotiate over SSPI is harmless and does not lead to issues with
TortoiseSVN.
> Also, I do not have the AD under control and it would not be easy for me to ask for changes in the AD. Btw. we are using the free version of Visualsvn and I hope to be able to test 1.8rc2 soon.
you to customize or adjust Active Directory settings. Some AD
user/group management can be required to setup authorization rules though.
BTW we've just released VisualSVN Server 2.6.0-RC1, release candidate
built against Subversion 1.8-RC2. It's a good occasion to test SVN 1.8
as well as new features of VisualSVN Server 2.6. We hope you'll like
it! :)
You can download and check the VisualSVN Server 2.6-RC1 changes at
http://www.visualsvn.com/server/download/pre-release/
Thank you!