2

Decided recently to switch VisualSVN from local users to AD users, so we could easily add other employees. I added myself, gave Read/Write privileges across the whole repo, and then tried to log in. Whether I'm using tortoisesvn or the web client, I get a 403 Forbidden error:

You don't have permission to access /svn/main/ on this server.

I Googled a bit, but only found mention of phantom groups in the authz file. I don't have any of those. Any ideas?

It works just fine with local accounts.

EDIT: Don't know why I didn't try this earlier, but adding the domain before the username makes it work, ie MAIN/Bob. This normally only works when there are conflicting usernames...one local, one in AD, but for whatever reason it works here too. Kinda silly, but I can live with it.

1 Answers1

0

When you utilize AD for authentication the username formats are always required to be in the following format, unless you have a single domain that can auto-resolve, but even then its not good practice.

We try to train our users on using one of two formats when logging in, it makes everyones lives much easier:

  1. DOMAIN\username <- Old School NT format, old and busted
  2. username@domain.ext <- New UPN Hotness

The UPN looks like an e-mail to most people, you can even create additional UPN suffixes in AD to create custom and easy to use usernames.

Brent Pabst
  • 6,069
  • 2
  • 24
  • 36