Integrated authentication over Intranet -- Passwordless.
Posted on 2010-03-25
Hi everyone, a bit of a strange situation here.
First, here's what the server/client situation looks like:
Server: The server is running Ubuntu, Apache, MySql, and PHP. Access is LOCAL to it's subnet only.
Client: While never exactly the same, they will be between versions of windows 2000 -> windows 7. Most of them will be using IE6 or later (there is a very small portion expected outside of IE use, nearly 0%, sad I know :( ). They are all connecting to a windows domain via LDAP.
Anyway, what I need to do is find a way our client is able to automatically be logged into the system when they come back.
We can't always rely on IP of the client as they may have a dynamic IP configuration.
I looked into Integrated Windows Authentication, but it looks like users still need to type in a password (never mind the lack of support out there for running NTLM protocols on LAMP), so I don't believe this is a method either.
I also though about having a windows PowerShell or VBS/otherwise run as a LoginScript and query the server for a new cookie and set it on each login. The only problem I see with this is that I've now coded a backdoor into my otherwise secure system (which I really do not like).
Accepted Solution is whoever can provide me with a method that allows for someone to login by somehow joining the security from logging into their desktops (LDAP).