Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

Troubleshooting
Research
Professional Opinions
Ask a Question
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

troubleshooting Question

Integrated authentication over Intranet -- Passwordless.

Avatar of brian-jg
brian-jg asked on
Programming
5 Comments1 Solution526 ViewsLast Modified:
Hi everyone, a bit of a strange situation here.

First, here's what the server/client situation looks like:
Server: The server is running Ubuntu, Apache, MySql, and PHP. Access is LOCAL to it's subnet only.
Client: While never exactly the same, they will be between versions of windows 2000 -> windows 7. Most of them will be using IE6 or later (there is a very small portion expected outside of IE use, nearly 0%, sad I know :( ). They are all connecting to a windows domain via LDAP.

Anyway, what I need to do is find a way our client is able to automatically be logged into the system when they come back.

We can't always rely on IP of the client as they may have a dynamic IP configuration.
We can't set one cookie and forget about it forever, as often they have techs remote login and their list of processes to fix things is "First, clear the cookies." Meaning, we can't use cookies.

I looked into Integrated Windows Authentication, but it looks like users still need to type in a password (never mind the lack of support out there for running NTLM protocols on LAMP), so I don't believe this is a method either.

I also though about having a windows PowerShell or VBS/otherwise run as a LoginScript and query the server for a new cookie and set it on each login. The only problem I see with this is that I've now coded a backdoor into my otherwise secure system (which I really do not like).

Accepted Solution is whoever can provide me with a method that allows for someone to login by somehow joining the security from logging into their desktops (LDAP).

Thanks!
ASKER CERTIFIED SOLUTION
Avatar of TobiasHolm
TobiasHolmFlag of Sweden image

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Commented:
This problem has been solved!
Unlock 1 Answer and 5 Comments.
See Answers