I have a Bonobo Git Server with Windows authentication. Now I need to create a repository that will be accessible only from a specific domain group, while all other repositories will not be visible to that specific domain group.
For now, I have the very same domain group set for Developers and for Administrators in webconfig of Bonobo.
<add key="ImportWindowsAuthUsersAsAdmin" value="false"/>
<add key="ActiveDirectoryMemberGroupName" value="Group1"/>
<add key="ActiveDirectoryTeamMapping" value="Developers=Group1,Other=Group2"/>
<add key="ActiveDirectoryRoleMapping value="Administrator=Group1,Other=Group2"/>
With this configuration, I would like to allow Group2 to have read-only access to a specific repository, while Group1 has access to everything. However, I have no idea how to restrict access to any of the repositories for Group2
For those of you who'll look that up:
You will need to have three domain groups. One that has all of the users that should have access to the git(UmbrellaGroup), and that group name will go to:
ActiveDirectoryMemberGroupName. And then you'll need two separate domain groups that will divide the users from the UmbrellaGroup into two: OneWithAdminAccess and OtherWithNoAccess. Then setkey="ActiveDirectoryRoleMapping" value="Administrator=OneWithAdminAccess,Other=OtherWithNoAccessFinally, on the edit page of the repository you want the OtherWithNoAccess group to have access to, you need to click the OtherWithNoAccess team and save. That should solve the issue.