thefrozencoder

Programming and Technology blog

VisualSVN with Active Directory Integration

So I decided to dump Visual Source Safe (VSS) and move to something that is more robust and is pretty easy to setup.  Poking around the internet it became pretty clear that VisualSVN would be my choice mostly because of its integration with Active Directory.  I never liked that fact that in VSS stored it’s user info and settings in a plain text file and anyone who had access to it with modify privileges could change anyone permissions.  This is not really a tutorial but a means to show interested developers and IT professionals just how easy it is to install VisualSVN and integrate it with your Active Directory model.

  1. Pre-Amble
  2. Pre-Setup
  3. Installation
  4. Post-Installation
  5. Active Directory Setup
  6. NTFS Setup
  7. Conclusion

Pre-Amble
The version of VisualSVN I ended up installing is v1.6.2; the server environment is Windows 2003 Standard (32bit).  Active Directory installed and fully configured.

Pre-Setup
If you are like me the first thing you will want to do is create a location for your Repositories.  Since my file server has a data drive (d:) it made sense to create in on that drive so I could do backups from it.  So I created the folder structure [D:SourceControlRepositories].

Installation
When you download the latest msi from the site it informs you that to setup VisualSVN you need to install TortoiseSVN as well.  This is actually not true as TortoiseSVN is just a visual GUI to access the SVN server.  You will need a SVN client like TortoiseSVN add/check in/out files unless you download one of the few VSS provider plug-ins for Visual Studio if development integration is your primary goal.

When you run the installer these are your only options to configure VisualSVN server:

 

Change the Repositories folder to the folder you created in the Pre-Setup section

Change the Authentication to Use Windows authentication

You may want to change the port number if you have some kind of internal numbering scheme for ports but remember VisualSVN uses a fully configured version of apache so you will not need to integrate it with another web server.

When you select the Next button the install will start and eventually complete.

Post-Installation
Once the setup is completed you will be asked to launch the MMC snap-in for configuring the VisualSVN server (note at this time there is no way to configure remote VisualSVN servers if you are looking to install VisuaSVN on a Windows 2008 Core install.  It is however something will be available in the future based on traffic on the VisualSVN Google groups).

Once the MMC launches you can configure the VisualSVN server further as well us it to create new repositories.  You should read the Recommended Repository Layout support topic on best practices on configuring a layout structure when creating Repositories.

When you click on the Server Url in the right hand window you will be taken to the web site of your VisualSVN server.  You will get the common “There is a problem with this website's security certificate.“ error in your browser.  This is due to the SSL certificate that is assigned to the apache web server on install, which is a self-signed certificate.

You will also be challenged with a ACL user name / password prompt.  This information is the same as your domain login since you selected to use Windows authentication.  By default the setup adds the Builtin/Users group from your domain for the ACL list.

Active Directory Setup
To change the ACL groups highlight the Repositories node in the left window -> right click -> properties.  There you will see a common security window you can add or remove groups from your domain.

How I configured my setup was to create a single group in my AD called Software Developers and add users to this group so that only users in this group can access the VisualSVN server.  Depending on your AD requirements you may implement it differently.  One of the nice things about this setup is the fact that the VisualSVN server runs as a service (by default under the LocalSystem account).

NTFS Setup
As I mentioned in the Active Directory Setup section the VisualSVN server runs as a Windows Service under a privileged account.  You will also need to set up your ACL for the SourceCode folder to allow the groups access to read and write permissions.

Conclusion
The entire install was pretty easy and intuitive and with the AD integration it is a breeze to configure and secure.  The only extra thing I did was to create an actual certificate request from the VisualSVN Server Properties window -> Certificates Tab and submit that request to my AD Certificate server.  I then imported the certificate once I authorized it.  What this does is for users that are AD authenticated you will not get the SSL certificate error in your browser or probably any other application that uses SSL to access the server.

As you can see here I have a valid certificate that is authorized within my AD network and thus no more certificate errors

 

New server setup - Hardware

So I decided a couple of weeks ago to retire my old home server that was doing dual purpose as a file share/media server/testing/everything else including AD server by investing in a real setup, something that I can be proud of.  This is what I decided on for the hardware and some of my thoughts on each piece while installing it.

  • 1 x CoolerMaster CM690 Black ATX Case
  • 1 x XFX GeForce 8200 MB
  • 1 x AMD Phenom X4 9550 CPU
  • 4 x 2096MB PC6400 DDR2 800MHz Dual Channel RAM
  • 1 x Thermaltake TR2-R1 CPU Cooler
  • 2 x Seagate Barracuda 1TB HD
  • 2 x WD Caviar 160GB HD
  • 1 x Ultra X3 ULT40073 600-Watt PSU
  • 1 x Intel Desktop 1000GB Network card

CoolerMaster CM690 Black ATX Case

  • Tool-less design so everything is pretty much snap in place
  • 5 x 3.5" drive bays are at a right angle to the MB so it’s way easier to get them in and out
    • Each bay has a drive tray that you mount the drive in so you can slide the drive in and out with a little handle, also snaps in place
    • If installing 4 drives at once you may want to take off the opposite case panel (backside of MB) to get the power and SATA wires setup first as it gets a little tight for space back there
  • Has loads of fan mounts even two on the bottom (one for power supply)
  • Power supply is mounted on the bottom of the case and can be mounted upside down
    • This allows for the power supply to suck cool air in from underneath the case and out through the back, thus not using the hot air from the case to help with cooling
    • The internal mounts for the power supply on the case have rubber grommets to help with vibration as well as a foam gasket on the back to give a better seal
    • Does have some mounting issues (see my thoughts on the PSU I purchased)
  • Comes with preinstalled fans:
    • 1 x back of case
    • 1 x on main side panel
    • 1x on front
      • This is one of those coloured light up fans (blue). It’s not that bright and can be replaced with another 120mm fan.
    • Fans are low flow (around 1200rpm and are pretty quiet but look cheap)
  • To install the optical drive you will need to remove the front panel, the manual is useless for this and the panel required a good pull to get it off. Even though I gave it a good yank the plastic clips that hold it in place did not break (something I have done on cheaper cases to easily)
  • The front IO panel (USB, Mic, Headphones, 1934 and eSATA) ports are actually on the top which is kind of cool
  • The feet on the bottom are actually a hard rubber rather than plastic

XFX GeForce 8200 MB

  • MicroATX board with 6 SATA ports
    • Ports 5 & 6 can not be used in SATA mode only RAID
  • LED Display on IO panel for error codes (was never able to find the error code list)
  • Cooling on integrated chipsets was low profile so CPU cooler fit without a hitch
  • Comes with easy setup guide (4 pages), manual would have been better
  • Does support DEP and hardware virtualization assistance (needed for Hyper-V)
  • Has indicator lights for DDR Dual channel setup properly (for newbs)
  • Comes with a way to configure RAID via the BIOS or a Windows control panel like interface (called MediaShield)

AMD Phenom X4 9550 CPU

  • If you have seen one CPU you have seen them all

PC6400 DDR2 800MHz Dual Channel RAM

  • Had heat sinks on them which was cool I guess
  • Same as processor if you seen one stick you have seen them all

Thermaltake TR2-R1 CPU Cooler

  • Great little fan, very quite and keeps the CPU cool
  • Comes with what looks like "silver" thermal paste on the bottom not that white stuff
  • Is a bit high, if you have one of those CPU cone things on the main side panel of your case for the CPU fan to pull air in you may have to take it off.

Seagate Barracuda 7200.11 1TB HD

  • Stayed clear of the 1.5TB drives due to the reports of poor performance
  • Raid 1 configured without a hitch
  • Will be used as the data drive

WD Caviar 160GB HD

  • Solid little drive
  • Raid 1 configured without a hitch
  • Will be used as the system drive

Ultra X3 ULT40073 600-Watt Power Supply

  • Modular cable design with lots of connectors
  • Large 135mm fan (very quiet, low flow)
  • With the case that I bought the 135mm fan on the PSU made mounting it a bit tricky, the mounting grommets on the bottom of the case did not align properly at times. It seemed that one or more of the mounting grommets on the case slipped into the PSU fan screw holes (probably because the fan is not a standard 120mm so the hole is bigger) which caused the PSU to tip from side to side at times.  Once it was screwed into place it seemed fine.

Intel Desktop 1000GB Network card

  • It was either this or a 3com, this was cheaper
  • No worries about drivers with either Intel/3Com for any Windows OS probably the best supported card out there.
  • I will be mapping the VM’s to this card only; the OS gets its own dedicated LAN via the onboard one.