daily pastebin goal
54%
SHARE
TWEET

Untitled

a guest Aug 13th, 2016 76 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <LocationMatch "/trac/[^/]+/login">
  2.         AuthType Kerberos
  3.         AuthName Trac
  4.         KrbServiceName HTTP/intranet.domain.com
  5.         KrbMethodNegotiate On
  6.         KrbMethodK5Passwd On
  7.         KrbAuthRealms DOMAIN.COM
  8.         Krb5KeyTab /etc/httpd/conf/intranet.keytab
  9.         AuthzLDAPAuthoritative off
  10.         require valid-user
  11.         Options Indexes MultiViews FollowSymLinks
  12.         AllowOverride All
  13.         Order allow,deny
  14.         Allow from all
  15.         SetOutputFilter DEFLATE
  16. </LocationMatch>
  17.    
  18. [root@hero plugins]# cat ../conf/trac.ini
  19. [components]
  20. ldapplugin.* = enabled
  21.  
  22. [notification]
  23. always_notify_owner = true
  24. always_notify_reporter = true
  25. always_notify_updater = true
  26. mime_encoding = base64
  27. smtp_always_bcc =
  28. smtp_always_cc = sharif.uddin@domain.com
  29. smtp_default_domain = domain.com
  30. smtp_enabled = true
  31. smtp_from = trac@domain.com
  32. smtp_password =
  33. smtp_port = 25
  34. smtp_replyto = support@domain.com
  35. smtp_server = hero.uk.domain.com
  36. smtp_subject_prefix = __default__
  37. smtp_user =
  38. use_public_cc = false
  39. use_short_addr = false
  40. use_tls = false
  41. #ignore_domain= domain.com
  42.  
  43. [ldap]
  44. global_perms = true
  45. enable = true
  46. use_tls = false
  47. host = echo
  48. port = 389
  49. basedn = dc=domain,dc=com
  50.  
  51. # Relative DN for users (defaults to none)
  52. user_rdn = ou=TechSupport,ou=Woking,ou=Sites
  53.  
  54. # Relative DN for group of names (defaults to none)
  55. group_rdn = cn=users
  56.  
  57. # objectclass for groups
  58. #groupname = groupofnames
  59.  
  60. # dn entry in a groupname
  61. #groupmember = member
  62.  
  63. # attribute name for a group
  64. #groupattr = cn
  65.  
  66. # attribute name for a user
  67. #user_name_attr = uid
  68.  
  69. # objectclass for user ; customize to your needs
  70. #user_class = sambaSamAccount
  71.  
  72. # attribute name to store trac permission
  73. #permattr = tracperm
  74.  
  75. # filter to search for dn with 'permattr' attributes
  76. #permfilter = objectclass=*
  77.  
  78. # time, in seconds, before a cached entry is purged out of the local cache.
  79. #cache_ttl = 900
  80.  
  81. # maximum number of entries in the cache
  82. #cache_size = 100
  83.  
  84. # whether to perform an authenticated bind for group resolution
  85. #group_bind = false
  86.  
  87. # whether to perform an authenticated bind for permision store operations
  88. store_bind = true
  89.  
  90. # user for authenticated connection to the LDAP directory
  91. bind_user = cn=administrator,cn=users,dc=domain,dc=com
  92.  
  93. # password for authenticated connection
  94. bind_passwd = ********
  95.  
  96. # global permissions (vs. per-environment permissions)
  97. #global_perms = false
  98.  
  99. # group permissions are managed as addition/removal to the LDAP directory groups
  100. #manage_groups = true
  101.  
  102. # whether a group member contains the full dn or a simple uid
  103. #groupmemberisdn = true
  104.  
  105. [trac]
  106. permission_store = LdapPermissionStore
  107.    
  108. [Mon Dec 02 14:13:33 2013] [warn] [client 172.16.0.85] [19659] auth_ldap authenticate: user sharifu authentication failed; URI /trac/paradox/login [ldap_search_ext_s() for user failed][Operations error], referer: http://intranet/trac/paradox/
  109.  
  110. <LocationMatch "/trac/[^/]+/login">
  111.         AuthType Basic
  112.         AuthName Trac
  113.         AuthBasicProvider ldap
  114.         Order allow,deny
  115.         Allow from all
  116.         AuthLDAPURL "ldap://echo:389/dc=domain,dc=com?uid"
  117.         AuthzLDAPAuthoritative on
  118.         require valid-user
  119. #               Options Indexes MultiViews FollowSymLinks
  120. #        AllowOverride All
  121. #               SetOutputFilter DEFLATE
  122. </LocationMatch>
  123.    
  124. <LocationMatch "/trac/[^/]+/login">
  125.         AuthType Basic
  126.         AuthName Trac
  127.         AuthBasicProvider ldap
  128.         Order allow,deny
  129.         Allow from all
  130.  
  131.         AuthLDAPURL "ldap://echo.uk.domain.com akutan.usa.domain.com/ou=Sites,dc=domain,dc=com?sAMAccountName"
  132.         AuthLDAPBindDN cn=Administrator,cn=Users,dc=domain,dc=com
  133.         AuthLDAPBindPassword **********
  134.  
  135.         AuthzLDAPAuthoritative off
  136.         require valid-user
  137. </LocationMatch>
  138.  
  139. [root@hero trac]# trac-admin paradox permission list
  140.  
  141. User             Action        
  142. --------------------------------
  143. @Administrators  TRAC_ADMIN    
  144. anonymous        CHANGESET_VIEW
  145. anonymous        FILE_VIEW      
  146. anonymous        LOG_VIEW      
  147. anonymous        MILESTONE_VIEW
  148. anonymous        REPORT_SQL_VIEW
  149. anonymous        REPORT_VIEW    
  150. anonymous        ROADMAP_VIEW  
  151. anonymous        SEARCH_VIEW    
  152. anonymous        TICKET_VIEW    
  153. anonymous        TIMELINE_VIEW  
  154. anonymous        WIKI_VIEW      
  155.  
  156. Available actions:
  157.  BROWSER_VIEW, CHANGESET_VIEW, CONFIG_VIEW, FILE_VIEW, LOG_VIEW,
  158.  MILESTONE_ADMIN, MILESTONE_CREATE, MILESTONE_DELETE, MILESTONE_MODIFY,
  159.  MILESTONE_VIEW, REPORT_ADMIN, REPORT_CREATE, REPORT_DELETE, REPORT_MODIFY,
  160.  REPORT_SQL_VIEW, REPORT_VIEW, ROADMAP_ADMIN, ROADMAP_VIEW, SEARCH_VIEW,
  161.  TICKET_ADMIN, TICKET_APPEND, TICKET_CHGPROP, TICKET_CREATE, TICKET_MODIFY,
  162.  TICKET_VIEW, TIMELINE_VIEW, TRAC_ADMIN, WIKI_ADMIN, WIKI_CREATE,
  163.  WIKI_DELETE, WIKI_MODIFY, WIKI_VIEW
  164.    
  165. Trac[paradox:api] ERROR: LDAP error: Operations error
  166. Trac[paradox:api] ERROR: LDAP error: Operations error
  167. Trac[paradox:api] DEBUG: Updating wiki page index
  168.    
  169. [notification]
  170. always_notify_owner = true
  171. always_notify_reporter = true
  172. always_notify_updater = true
  173. mime_encoding = base64
  174. smtp_always_bcc =
  175. smtp_always_cc = sharif.uddin@domain.com
  176. smtp_default_domain = domain.com
  177. smtp_enabled = true
  178. smtp_from = trac@domain.com
  179. smtp_password =
  180. smtp_port = 25
  181. smtp_replyto = support@domain.com
  182. smtp_server = hero.uk.domain.com
  183. smtp_subject_prefix = __default__
  184. smtp_user =
  185. use_public_cc = false
  186. use_short_addr = false
  187. use_tls = false
  188. #ignore_domains = domain.com
  189.  
  190. [ldap]
  191. enable = true
  192. host = echo
  193. basedn = dc=domain,dc=com
  194. user_rdn = ou=Sites,dc=domain,dc=com
  195. group_rdn = cn=Users,dc=domain,dc=com
  196. store_bind = true
  197. bind_user = Administrator@domain.com
  198. bind_passwd = ******
  199.  
  200. [trac]
  201. permission_store = LdapPermissionStore
  202.  
  203. [logging]
  204. #log_file = /var/log/trac.log
  205. log_format = Trac[$(basename)s:$(module)s] $(levelname)s: $(message)s
  206. #log_level = DEBUG
  207. #log_type = file
  208.  
  209. [components]
  210. webadmin.* = enabled
  211. ldapplugin.* = enabled
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top