You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Paul Ossenbruggen <pa...@convoii.net> on 2004/07/19 18:12:50 UTC
Problems using AuthLDAP and ActiveDirectory
Our company has been using AuthLDAP against an ActiveDirectory server
with Subversion for a little less than 90 days, I know this because,
that is about how long it takes before we are required to change our
passwords in the Active Directory domain. During that time we had some
minor problems where, it would not authenticate properly sometimes.
Navigating around the the repository would periodically cause you to
have to retype your password but for the most part, it seemed to work.
Once I had to restart the apache server to get it working again.
Then the 90 day password change happened and all hell broke loose after
the users changed their passwords. Now it intermittently but much more
frequently does not authenticate. It fails almost 50% of each LDAP
query. We tried various things like changing the LDAPCacheEntries size
to 0. This seemed to make things worse which makes sense because it was
checking with the server more frequently. We tried restarting the
Active Directory server and the Apache server but it still is flaky..
Anyway, we are now back to a password file because it has become so
unreliable, has anyone else had similar problems? I know that
Subversion is not really involved at this level, it has more to do with
MOD_LDAP, Active Directory and Apache but it does exercise this
functionality pretty heavily.
- Paul
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Problems using AuthLDAP and ActiveDirectory
Posted by Toby Johnson <to...@etjohnson.us>.
Paul Ossenbruggen wrote:
> Then the 90 day password change happened and all hell broke loose
> after the users changed their passwords. Now it intermittently but
> much more frequently does not authenticate. It fails almost 50% of
> each LDAP query.
Have you tried using the SSPI auth module instead of auth_ldap?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org