You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by "Gallardo, Lisa" <Li...@susd12.org> on 2006/10/18 01:05:12 UTC
[users@httpd] Configuring Apache 2.054 to automate authentication with Active Directory from within network
Greetings,
I've been researching the best way to have Windows Integrated
Authentication using Apache2, Active Directory and either mod_auth_sspi,
mod_ntlm2, or if possible using a rewrite command to bypass the
username/password popup if a user is already logged into our network.
At the moment, I've been trying to use mod_auth_sspi since this seems to
be the module most articles/postings refer to for Apache2 on a Windows
2003 box. I am unsure of how to get it working for groups if that's
possible. It seems to authenticate with require valid-user but it still
doesn't work to bypass the password dialog box even though I've already
logged in. I've included the load module in httpd.conf as well.
My virtual host directory looks like this:
<Directory "d:/www/public_html/sol">
Options Indexes FollowSymLinks +IncludesNOEXEC
AllowOverride All
order allow,deny
allow from all
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
#
# Configuration for mod_auth_sspi
AuthType SSPI
SSPIAuth On
SSPIAuthoritative Off
SSPIOfferBasic Off
SSPIBasicPreferred Off
require valid-user
# group_attr member
#require group do-domainuser
SSPIDomain susd
SSPIOmitDomain Off
# End of mod_auth_sspi.
</Directory>
</VirtualHost>
If this doesn't work is there another way to include a rewrite rule that
would bypass the password login if it was detected that the user has
already logged in? Someone had mentioned rewrite but I never did come
across an actual solution.
I have gotten mm_mod_auth_ldap to work so it authenticates based on
groups but I can't figure out how to get it integrated with Windows
Authentication, which is why I started looking at the other modules.
Many thanks for your help.
lisa
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org