Hi everyone, a bit of a strange situation here.
First, here's what the server/client situation looks like:
Server: The server is running Ubuntu, Apache, MySql, and PHP. Access is LOCAL to it's subnet only.
Client: While never exactly the same, they will be between versions of windows 2000 -> windows 7. Most of them will be using IE6 or later (there is a very small portion expected outside of IE use, nearly 0%, sad I know :( ). They are all connecting to a windows domain via LDAP.
Anyway, what I need to do is find a way our client is able to automatically be logged into the system when they come back.
We can't always rely on IP of the client as they may have a dynamic IP configuration.
We can't set one cookie and forget about it forever, as often they have techs remote login and their list of processes to fix things is "First, clear the cookies." Meaning, we can't use cookies.
I looked into Integrated Windows Authentication, but it looks like users still need to type in a password (never mind the lack of support out there for running NTLM protocols on LAMP), so I don't believe this is a method either.
I also though about having a windows PowerShell or VBS/otherwise run as a LoginScript and query the server for a new cookie and set it on each login. The only problem I see with this is that I've now coded a backdoor into my otherwise secure system (which I really do not like).
Accepted Solution is whoever can provide me with a method that allows for someone to login by somehow joining the security from logging into their desktops (LDAP).
Thanks!
First, here's what the server/client situation looks like:
Server: The server is running Ubuntu, Apache, MySql, and PHP. Access is LOCAL to it's subnet only.
Client: While never exactly the same, they will be between versions of windows 2000 -> windows 7. Most of them will be using IE6 or later (there is a very small portion expected outside of IE use, nearly 0%, sad I know :( ). They are all connecting to a windows domain via LDAP.
Anyway, what I need to do is find a way our client is able to automatically be logged into the system when they come back.
We can't always rely on IP of the client as they may have a dynamic IP configuration.
We can't set one cookie and forget about it forever, as often they have techs remote login and their list of processes to fix things is "First, clear the cookies." Meaning, we can't use cookies.
I looked into Integrated Windows Authentication, but it looks like users still need to type in a password (never mind the lack of support out there for running NTLM protocols on LAMP), so I don't believe this is a method either.
I also though about having a windows PowerShell or VBS/otherwise run as a LoginScript and query the server for a new cookie and set it on each login. The only problem I see with this is that I've now coded a backdoor into my otherwise secure system (which I really do not like).
Accepted Solution is whoever can provide me with a method that allows for someone to login by somehow joining the security from logging into their desktops (LDAP).
Thanks!
Learn from the best
Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.
Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 5 Comments.
Try for 7 days”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.
Our community of experts have been thoroughly vetted for their expertise and industry experience.