Hi Charles,
I've found it works when I don't use the Trac plugin and instead use the
Apache for the LDAP authentication against AD. I've been authenticating
against Microsoft AD for the last month or so. You also want to make sure
you
have a dummy account to initiate the connection between your LDAP server
and the Apache server where users log in and need LDAP Authentication..
This is something like what I have for LDAP Authentication.
<LocationMatch "^(/TracInstance)?/TracInstance/login">
AuthType Basic
AuthName "Secret login area"
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPURL
"ldaps://someADServer.ad.net/DC=,DC=,DC=?sAMAccountName"
AuthLDAPBindDN SomeAccountSomewhereToTalkToLDAP
AuthLDAPBindPassword ************
Require valid-user
</LocationMatch>
Make sure you fill out the DC= portions respectively.. I think you can
just have this be your Domain somewhere.
Does this help?
Thanks,
Joe
From:
"Doyal, Charles T CIV NSWCDD, K94" <[email protected]>
To:
<[email protected]>
Date:
02/06/2012 11:13 AM
Subject:
[Trac] Authenticating Trac users against MS Windows domain controller
Sent by:
[email protected]
I am a brand-new Trac user and had a sys-admin install Trac 0.12 about two
weeks ago using Easy-Install for a MS Windows environment. The install
was uneventful and I have been creating users and tickets to get a feel
for Trac and using htpasswd. I have set up two projects with 1 Trac
install. Users will run Trac via a local internet.
I am unsuccessfully trying to authenticate Trac users via the information
at http://trac.edgewall.org/wili/TracOnWindows/Advanced about
'Authenticating Trac users against MS Windows domain controller'. I
suspect either I did not place the plug-in in the right location or
improperly, or I did not modify the files sufficiently for my install.
The error I am getting is ...
"The Apache service named reported the following error: >>> Invalid
command 'SSPIAuth', perhaps misspelled or defined by a module not included
in the server configuration ."
I downloaded the module indicated by the 'here' link. I then unzipped the
file mod_auth_sspi-1.0.4 and copied the entire director structure to
c:\Program Files\BitNami Trac Stack\apache2\modules\mod_auth_sspi-1.0.4.
I also modified the information for httpd.conf first by what was in the
downloaded file, then by what is included in the wiki information
indicated above.
The new httpd.conf information, which I placed at the end of the file
is...
<LocationMatch /http://vms5/trac/[^/]+/login>
AuthName "A Protected Place"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIDomain SOI.DAHLGREN.LOCAL
Require valid-user
</LocationMatch>
Could you please provide additional information regarding this issue? I
would also like this 'password pass-through' to work for subversion also.
Respectfully,
Charles
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/trac-users?hl=en.
