[users@httpd] Configuring Apache 2.054 to automate authentication with Active Directory from within network

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Greetings,
I've been researching the best way to have Windows Integrated
Authentication using Apache2, Active Directory and either mod_auth_sspi,
mod_ntlm2, or if possible using a rewrite command to bypass the
username/password popup if a user is already logged into our network.

At the moment, I've been trying to use mod_auth_sspi since this seems to
be the module most articles/postings refer to for Apache2 on a Windows
2003 box. I am unsure of how to get it working for groups if that's
possible. It seems to authenticate with require valid-user but it still
doesn't work to bypass the password dialog box even though I've already
logged in. I've included the load module in httpd.conf as well.

My virtual host directory looks like this:

<Directory "d:/www/public_html/sol">
Options Indexes FollowSymLinks +IncludesNOEXEC
AllowOverride All
order allow,deny
allow from all
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml

#
# Configuration for mod_auth_sspi

   AuthType SSPI
   SSPIAuth On
   SSPIAuthoritative Off
   SSPIOfferBasic Off
   SSPIBasicPreferred Off
    require valid-user 
   # group_attr member
   #require group do-domainuser
   SSPIDomain susd
   SSPIOmitDomain Off

# End of mod_auth_sspi.

</Directory>

</VirtualHost>

If this doesn't work is there another way to include a rewrite rule that
would bypass the password login if it was detected that the user has
already logged in? Someone had mentioned rewrite but I never did come
across an actual solution.

I have gotten mm_mod_auth_ldap to work so it authenticates based on
groups but I can't figure out how to get it integrated with Windows
Authentication, which is why I started looking at the other modules.

Many thanks for your help.
lisa

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux