Team System posted a tutorial on how to install and configure Subversion under Windows, while this article describes how to create both the repository and your projects while running on Windows or Linux.
Team System posted a tutorial on how to install and configure Subversion under Windows, while this article describes how to create both the repository and your projects while running on Windows or Linux.
It is pretty much a run through of how to use TortiosSVN on you windows machine with a local repository. It is a great article and now that SF has switched to using Subversion this control system is really going to take off.
How useful this would have been a year ago! Still nice.
Anyone know if it is possible to have subversion auth against AD ?
Anyone know if it is possible to have subversion auth against AD ?
Hmmmm, arghhhhh, pain.
It is possible to authenticate through Windows authentication, NTLM, using a plugin for Apache that is no longer maintained but is around on the net. It is also possible to use LDAP authentication to query AD with, but since AD’s schemas are not exactly standard I’d think there would be a fair bit of painful tweaking involved.
If you can do it through Apache though, you can authenticate Subversion with the same method if you use Apache as a http front-end for it.
Edited 2006-03-15 21:49
Use Apache as the Subversion server using WebDAV:
http://svnbook.red-bean.com/nightly/en/svn.serverconfig.httpd.html
Then configure Apache to use ActiveDirectory as an LDAP authentication server
http://thomas-howard.com/Reference/Articles/Apache+AD/
or else authenticate using Kerberos
http://support.microsoft.com/?id=555092
I’ve never actually tried this, so I don’t know if it’ll work or not, but it’s somewhere to start.
As for setup described in the article, it’s what we use at work. It’s nice and simple, but not especially secure: you’re relying on the privacy of your network to keep information safe.
Edited 2006-03-15 21:40
And where can I ifnd information about the svn security?
I noted the lack of it too.
To secure SVN you can:
a) Serve files over Apaches using WebDav and SSL/TLS or
b) Use the normal svnserve program tunnelled through SSH.
The “svnserve” daemon is just a quick way to get started. There are instructions on how to setup all of this in the Subversion book (http://svnbook.red-bean.com/nightly/en/svn.serverconfig.html) which is actually pretty well written.
Whereas I found Subversion invaluable for large scale projects, with a code base shared by many programmers on various location, I feel like I’m better served with VSS when comes to lone, local projects.
Given that VSS only primarily provides locking facilities, it’s not of much benefit for lone, local projects. One of the advantages of Subversion is that if, say, you discover a bug while adding a new feature, you can fix the bug in the stable branch, merge that change into your trunk, update your files, and then continue working on the new feature. It’s that ability to easily merge changes that sets things like Subversion and even CVS before it above VSS.
Having been an involuntary, long time VSS user and administrator I have to say that you’d be much better served by Subversion.
VSS on a network is just a nightmare. It gets silent corruptions in old versions that ANALYZE cannot find or fix, unload/reload will unload and reload database errors, no security at all. You can’t delete or rename files and still have older versions work.
You don’t have to believe me. Google SourceSafe and see what you find. Also, check the big SCM vendors. Most don’t even compare their products to VSS. It’s just not considered a professional tool. Microsoft dosen’t use it for their source. Why should you?
Avoid VSS like the plague.
SVN just works as advertised.
I just spent a couple of days installing SVN+Apache on windows 2000 and testing AD integration, here’s my tips:
– Apache (2.0.55) win32 always crashes when using LDAP to authenticate to the AD server. There are known bugs open about that, related to the exchange sdk that has been used to compile the binary apache-win32 release
– otoh apache on RedHat with openldap has no trouble connecting to the AD server via LDAP (quite typical: os sw talks better to MS sw than MS sw itself…). It does not do single-sign-on. And I still have to figure out a fix for the charset encoding problerms, ie users that use non-ascii chars in their passswords are not able to log in
– if you run Apache on windows, using mod_auth_sspi seems to work, and gives you single-sign-on as a bonus. The catch is you must configure the Apache service to run as a standard user account (either local user of the server or a domain user) instead of ‘system’, or it will not have enough privileges to exchange kerberos info with the DC
http://www.gknw.at/development/apache/httpd-2.0/win32/modules/
Hope it helps
Gaetano