Which Version Control Systems support LDAP/AD users and groups

Question

Does anyone know which of the big players (if any) support LDAP/AD users and groups for authentication AND database permissions? Specifically, I'm wondering if SVN, GIT, Mercurial etc. will allow users to login/connect based on AD permissions and also allow granular permissions to be applied to folders within the VC database based on groups within AD. So far my research has not shown this to be possible....

score 6 · Accepted Answer · answered Oct 17 '09 at 19:42

6

VisualSVN Server allows you to manage svn repository permissions using AD users and groups. And the standard edition is free and meets most organization's needs.

answered Oct 17 '09 at 19:42

Jamie Ide

178

score 2 · Answer 2 · answered Oct 17 '09 at 22:58

Not to be flippant, but really, just about all of them do. Since PAM on Linux supports LDAP, standard unix accounts (and therefore, standard files) support LDAP, almost all Linux-compatible version control systems should work fine. Likewise, Windows supports LDAP through Active Directory (AD is basically LDAP with kerberos and some deployment tools, as I understand it), and so any version control that works with standard windows accounts should support it too. I'm pretty sure this all applies to OS X as well.

score 2 · Answer 3 · answered Oct 18 '09 at 14:48

Git certainly does - you need to set up PAM to use pam_winbind.so and pam_mkhomedir.so. Create a group (either locally or in AD, depending on how you want to do it) and create your git repositories on the origin server with the --shared flag. This will tell git that you are sharing the repository amongst multiple users, and it will set up permissions appropriately.

score 1 · Answer 4 · answered Sep 01 '10 at 16:02

1

We do authentication against AD using Apache. You should be able to get groups working too with that.

answered Sep 01 '10 at 16:02

Amala

529
2
15

score 1 · Answer 5 · answered Oct 17 '09 at 21:01

We are using Centrify to enabling various VCS (ClearCase, Svn, Git) to talk to our AD.
Not free I am afraid, but quite suited for managing user identities in a cross-platform environment since our VCS servers are Unix, while our clients are on Windows: see UNIX & Linux Identity Management

score 0 · Answer 6 · answered Jan 14 '10 at 17:50

0

Regarding Subversion, there is a tool called svnperms, which can use LDAP to fetch group information (the ACLs are still in the configuration file, but it should be easy to adapt it).

answered Jan 14 '10 at 17:50

score 0 · Answer 7 · answered Apr 30 '10 at 17:40

0

I use Subversion Administrator it is a simple open source web app that allows for integration with active directory/ldap as well as managing post commit hook subscriptions

answered Apr 30 '10 at 17:40

pfranza

111
3

score 0 · Answer 8 · answered Apr 30 '10 at 18:53

0

Perforce can do AD auth, however group management is not integrated with the directory.

answered Apr 30 '10 at 18:53

fsckin

583
4
9

score 0 · Answer 9 · edited Jul 23 '19 at 13:11

SourceGear Vault and Fortress supports authenticating the user via Active Directory.

Vault's Active Directory integration doesn't automatically pickup your current credentials. You enter your user/pwd, and it queries A.D. to authenticate those credentials that you enter. This is a server-side configuration item, obviously, and the server must be configured to use A.D. identity impersonation.

Unfortunately the user list is still maintained within Vault itself. CRUDing users is still up to the version control admin.

Which Version Control Systems support LDAP/AD users and groups

9 Answers9