info-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: CVS and Active Directory


From: Ganesh 2 Subramanian
Subject: RE: CVS and Active Directory
Date: Fri, 29 Aug 2008 10:12:52 -0500


Hi,

Thanks for your inputs. It is very helpful.

Need some more details about the options you mentioned.

1) Is there a documentation or manual available which explains in detail about authentication via Microsoft Active directory for CVSNT server?. From
your email we understand that if we go for this approach it would be a login free solution, how can we control access to repositories then?.


2) We are also looking for a guide that would explain in detail about the Migration steps from CVS to CVSNT. We would want to know how easy/difficult it is.


Thanks,
>  >  >  >  >  >  >  >
 
Ganesh Subramanian | Tech Lead - Software Engineering Tools Support
Technology Infrastructure & Strategy
Ameriprise Financial
 
Ameriprise Financial, Inc.
5193 Ameriprise Financial Center | Minneapolis, MN 55474
Office: 612.678-5013 | Mobile: 612-242-5520
address@hidden
ameriprise.com
 

We shape financial solutions for a lifetime®


"Arthur Barrett" <address@hidden>

08/29/2008 08:31 AM

To
"Ganesh 2 Subramanian" <address@hidden>, <address@hidden>
cc
"SE Tools Answers" <address@hidden>
Subject
RE: CVS and Active Directory





Ganesh,

There are two approaches - one uses CVS and PServer (which is what you are asking about) and the other uses CVSNT (yes it runs on Solaris) and a protocol called SSPI.  

The SSPI technique results in encrypted "login free" transactions from Windows/PC clients (same as "net use" does) by passing the login token of the logged in user to the server.

Wiith the PServer technique you will need to use "cvs login" which usually results in the password being stored in a file (or in the case of windows the registry) in an insecure/trivially encoded format).

If you are looking for a "login free" solution then you will need to switch to CVSNT on your Solaris server and Windows/PC clients (you probably already are using CVSNT on the Windows PC clients) and direct your questions to the CVSNT newsgroup.  I've personally used this on Linux but not on Solaris though it should work identically.

According to google search (search for "cvs pam site:ximbiot.com" without the quotes) the PAM support in CVS 1.12.13 (the unstable version) is experimental.  PAM support (for CVS PSERVER access) as well as SSPI support has been in stable CVSNT releases for a few years at least.

CVSNT Newsgroup details are on cvsnt.org/wiki

Regards,


Arthur Barrett



-----Original Message-----
From:                 address@hidden on behalf of Ganesh 2 Subramanian
Sent:                 Fri 8/29/2008 6:54 AM
To:                 address@hidden
Cc:                 SE Tools Answers
Subject:                 CVS and Active Directory

Hi,

We are trying to setup authentication of CVS against Active Directory.

I did a google , from what I understand, that the CVS can be authenticated
against
active directory by modifying the PAM settings (pam.conf) for CVS. I would
like to know in detail the steps/settings change we need to follow to make
this work.


Current CVS set up

CVS Version - 1.11.21 (client/server)

OS - CVS installed in Sun solaris server.

Authentication - Uses pserver mechanism  for authentication. Passwords are
currently stored in passwd file.


Please provide us the changes/modifications needed for the current set up
to authenticate against Active directory.

Thanks in advance!
>  >  >  >  >  >  >  >

Ganesh Subramanian
®

-----------------------------------------
******************************************************************************

"This message and any attachments are solely for the intended
recipient and may contain confidential or privileged information.
If you are not the intended recipient, any disclosure, copying,
use, or distribution of the information included in this message
and any attachments is prohibited. If you have received this
communication in error, please notify us by reply e-mail and
immediately and permanently delete this message and any
attachments. Thank you."

******************************************************************************



******************************************************************************

"This message and any attachments are solely for the intended recipient and may contain
confidential or privileged information. If you are not the intended recipient, any disclosure,
copying, use, or distribution of the information included in this message and any attachments is
prohibited. If you have received this communication in error, please notify us by reply e-mail and
immediately and permanently delete this message and any attachments. Thank you."

******************************************************************************
reply via email to

[Prev in Thread] Current Thread [Next in Thread]