That should prompt you for a password. Enter your pass and see if it works.
By the way, I found out about the userPrincipalName attribute in AD. If you use that instead of sAMAccountName in AuthLDAPURL you won’t need the MapUsernameRule. The caveat is not all users may have it populated. If the domain was an NT4 -> to AD conversion then users created in the NT4 period will not have this attribute. If that’s not the situation then you’re good. I’m going to update this post with a new one after I get some other questions answered and write a powershell script to sanitize my users at work.
Got it. You have to care about the cn-value in the ldap search path. I set every account property to “wiki-sso-auth” (e.g. display name) in AD “Users and Groups” and now the ldapsearch accepts the password.
Unfortunately I haven’t set it up to use GSSAPI instead of a binddn though that would be kind of cool. Unfortunately I don’t administer SVN where I’m at now so I haven’t tried or looked at newer options in the module.