IIS / PHP Intranet Setup auth_user

I am trying to setup an intranet for our employees using IIS 6 and php5.  My problem is capturing user information for single sign on

In IIS, I have "Integrated Windows Authentication" checked for the site and "enable anonymous access checked.  The phpinfo.php shows that AUTH_USER = value instead of showing me the user name.

If I go back into IIS and disable Anonymous Access, phpinfo.php shows AUTH_USER =Domain\username  which is what I want.  The problem is that everyone on our network gets prompted to log in using  domain\uername.  I do not want them to get promoted if they are on our network.

Basically, if they are logged into our domain, they should be able to automatically be able to see the website AND allow php to grab the auth_user.

Now sure what I am doing wrong here.  I need some pretty simple steps as I'm not a IIS guy, but Linux is not an option here.  Any ideas?  
plysandersonAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Richard QuadlingConnect With a Mentor Senior Software DeveloperCommented:
From what I can tell, "Enable Anonymous Access" must NOT be checked and "Integrated Windows Authentication" should be checked.

http://en.wikipedia.org/wiki/Integrated_Windows_Authentication#Overview offers ...

"Integrated Windows Authentication uses the security features of Windows clients and servers. Unlike Basic or Digest authentication, initially, it does not prompt users for a user name and password. The current Windows user information on the client computer is supplied by the browser through a cryptographic exchange involving hashing with the Web server. If the authentication exchange initially fails to identify the user, the browser will prompt the user for a Windows user account user name and password."
0
 
Richard QuadlingConnect With a Mentor Senior Software DeveloperCommented:
OOI. I'm using IIS7, so I don't know what IIS6 has in this regard.

If you have application pools, you may want to set impersonation to true so that the authenticated user is passed through.

Some relevant reading...

http://msdn.microsoft.com/en-us/library/134ec8tc.aspx

0
 
CWS (haripriya)Commented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.