PHP Ldap AD - Recognize user data automatically without login

Asked

Viewed 264 times

1

I intend to make an application in PHP that does not need the user already beaten and password to login. As we have Active Directory here in the company, at first I thought to make the user when entering the link of the application, already appeared his data from AD.

It is possible to do this?

php ad ldap

1 answer

1


All you need is the Apache module mod_auth_sspi .

Configuration example:

AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIDomain mydomain

# Set this if you want to allow access with clients that do not support NTLM, or via proxy from outside. Don't forget to require SSL in this case!
SSPIOfferBasic On

# Set this if you have only one domain and don't want the MYDOMAIN\ prefix on each user name
SSPIOmitDomain On

# AD user names are case-insensitive, so use this for normalization if your application's user names are case-sensitive
SSPIUsernameCase Lower
AuthName "Some text to prompt for domain credentials"
Require valid-user

And don’t forget that you can [use Firefox for transparent SSO in the Windows domain] (http://kb.mozillazine.org/Network.automatic-ntlm-auth.trusted-uris):

Go on about:config, search for network.automatic-ntlm-auth.trusted-uris, and enter the hostname or FQDN of your internal application (type myserver or myserver.corp.Domain.com).

You can have more than one input, it is a comma-separated field. Source: https://stackoverflow.com/questions/1003751/how-can-i-implement-single-sign-on-sso-using-microsoft-ad-for-an-internal-php

  • I searched Apache httpd.conf and couldn’t find mod_auth_sspi. Should I include "Loadmodule..." in some line? And this example of configuration you sent goes where? ...

  • @Gustavomacielsetta takes a look at this documentation https://wiki.apache.org/httpd/HelpOnInstalling/ApacheOnWin32withDomainAuthentication

  • One more to help https://community.spiceworks.com/how_to/91377-implementing-single-sign-on-windows-with-apache @Gustavomacielsetta

  • I appreciate the help, but no tutorial worked here. Every time I touch the httpd.conf file Apache does not go up again. I’m using Xampp to take the test, just like it says on the last link you sent. I appreciate the help, but I will give up, I saw that it gives infinitely more work than doing the login screen! Thanks again!

Browser other questions tagged php ad ldap

You are not signed in. Login or sign up in order to post.