Linux based website detecting Active Directory based usernames

Hi,
Wonder if anyone can help.

I've got a website built on Linux, running Apache/PHP/MySQL. The website will require users to register and login. No login, no access.

This website will run within an organisation that runs Windows2K based ActiveDirectory - so purely internal. All users of the site will be using Windows workstations and will have logged into those workstations using AD.

Our client would like the website to be able to automatically detect users AD login name -at least so that users wouldn't have to login again to see it.

Anyone any ideas how such a Linux based website can do this?
Thanks, Ben.

bcopsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Heem14Commented:
it's entirely possible. check out the NLTM module

http://modntlm.sourceforge.net/
bcopsAuthor Commented:

OK - looks good - however looks old. Is it still used? Heem14 have you used it recently?
Anyone know of anything else?

Heem14Commented:
if you want to go the more modern LDAP route, you can try something like this guy did:

http://www.wlug.org.nz/ActiveDirectoryAuthenticationNotes

but the NTLM route should do the trick for you, and it is easier to setup. I have used it, but not in a few years.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Your Guide to Achieving IT Business Success

The IT Service Excellence Tool Kit has best practices to keep your clients happy and business booming. Inside, you’ll find everything you need to increase client satisfaction and retention, become more competitive, and increase your overall success.

idmiskSolution managerCommented:
Apache 1.3.x http://www.muquit.com/muquit/software/mod_auth_ldap/mod_auth_ldap.html
Apache 2.0.x http://www.muquit.com/muquit/software/mod_auth_ldap/mod_auth_ldap_apache2.html

requires only apache (php, perl, ... independent). using it for all internal sites in my company.

btw: apache 2 includes also a mod_auth_ldap module, but i have never tried it.
bcopsAuthor Commented:
Hi,

Thanks Heem14 - your link to http://www.wlug.org.nz/ActiveDirectoryAuthenticationNotes seems to have done the trick. I used the Apache 2

mod_ldap.so
mod_auth_ldap.so

and now I can login using variuos u/p's in our AD domain. Very nice.



Next question though - how can I pick up from PHP4 the username of the person who logged in? Any ideas as to what the PHP4 query might be?

Many thanks,
Ben.






bcopsAuthor Commented:
OK, so I'm going to accept - and post elsewhere about picking up username.
Thanks to you both.

Ben.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Linux Distributions

From novice to tech pro — start learning today.