?
Solved

IIS / PHP Intranet Setup auth_user

Posted on 2010-11-22
4
Medium Priority
?
1,471 Views
Last Modified: 2012-05-10
I am trying to setup an intranet for our employees using IIS 6 and php5.  My problem is capturing user information for single sign on

In IIS, I have "Integrated Windows Authentication" checked for the site and "enable anonymous access checked.  The phpinfo.php shows that AUTH_USER = value instead of showing me the user name.

If I go back into IIS and disable Anonymous Access, phpinfo.php shows AUTH_USER =Domain\username  which is what I want.  The problem is that everyone on our network gets prompted to log in using  domain\uername.  I do not want them to get promoted if they are on our network.

Basically, if they are logged into our domain, they should be able to automatically be able to see the website AND allow php to grab the auth_user.

Now sure what I am doing wrong here.  I need some pretty simple steps as I'm not a IIS guy, but Linux is not an option here.  Any ideas?  
0
Comment
Question by:plysanderson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 40

Accepted Solution

by:
Richard Quadling earned 500 total points
ID: 34193026
From what I can tell, "Enable Anonymous Access" must NOT be checked and "Integrated Windows Authentication" should be checked.

http://en.wikipedia.org/wiki/Integrated_Windows_Authentication#Overview offers ...

"Integrated Windows Authentication uses the security features of Windows clients and servers. Unlike Basic or Digest authentication, initially, it does not prompt users for a user name and password. The current Windows user information on the client computer is supplied by the browser through a cryptographic exchange involving hashing with the Web server. If the authentication exchange initially fails to identify the user, the browser will prompt the user for a Windows user account user name and password."
0
 
LVL 40

Assisted Solution

by:Richard Quadling
Richard Quadling earned 500 total points
ID: 34193044
OOI. I'm using IIS7, so I don't know what IIS6 has in this regard.

If you have application pools, you may want to set impersonation to true so that the authenticated user is passed through.

Some relevant reading...

http://msdn.microsoft.com/en-us/library/134ec8tc.aspx

0
 
LVL 16

Expert Comment

by:CWS (haripriya)
ID: 36110506
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question