Subversion with AD Groups with Linux?

Question

I try to migrate a Windows SVN Server to Linux.
I have configured Apache to validate against AD for Useraccess so only AD Users can logon.
Now i have to set permissions for repositories with authz files.
When i set permission with AD username it works, but AD groups it doesn't.

The authz file looks like the following:

[test:/]
user1=rw   #That works

[test2:/]
@usergroup=rw  #No access for the groupmembers

When I create groups inside the authz file and asign AD users, that internal group works fine, but i can't administer groups in 2 locations, there just to much changes made every day.

Has anyone an idea, how to use AD groups inside authz files?

Answer 1

You can't automatically use AD groups inside the authz files.

A possibile solution could be writing a script that query the AD for the groups and their member users and writes the correct authz file, defining also the groups themselves.

The final output shuold be something like:

[groups]
usergroup = user1, user2, user3

[test:/]
user1 = rw

[test2:/]
usergroup = rw

Answer 2

You can check this article for a possible solution.