Automatic authentication on NT network???
Moderator: General Moderators
Automatic authentication on NT network???
I would like to find a way of doing authentication on my work site automatically, by way of authentication of the users NT network logon against a table of users in MYSql.
What I want to do is bypass the need for another logon. Put simply if the user is logged on to the network he/she would be authenticated by the application and granted the appropriate level of access
I have seen this operate in ASP (although not the source code), does anyone know of PHP code that can help with this?
Regards
Hebbs
What I want to do is bypass the need for another logon. Put simply if the user is logged on to the network he/she would be authenticated by the application and granted the appropriate level of access
I have seen this operate in ASP (although not the source code), does anyone know of PHP code that can help with this?
Regards
Hebbs
- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
There's a whole bunch of variables which on my system at work contain my network logon info:
To see what you've got set.
Mac
- $_SERVER['AUTH_INFO']
- $_SERVER['LOGON_USER']
- $_SERVER['REMOTE_USER']
Code: Select all
<?php
phpinfo(32);
?>Mac
- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
According to the manual bit about $_SERVER
Mac
The thing to do would be to search the information provided when you run the file containing phpinfo() and see if you can spot your network login ID. If it's not there at all you might want to talk to whoever administers your webserver.php manual wrote:$_SERVER is an array containing information such as headers, paths, and script locations. The entries in this array are created by the webserver. There is no guarantee that every webserver will provide any of these; servers may omit some, or provide others not listed here.
Mac
Mac,
I wonder.....
Please tell me if Im off the mark here but I think the problem is that PHP is sitting on my machine and not within the entire network.
The application Im creating sits on the network but is managed by myself and accessed by other limited users.
If this is the case should the network info im looking for show up upon the execution of the phpinfo() command? I think I may be running off in the wrong direction here...
Hebbs
I wonder.....
Please tell me if Im off the mark here but I think the problem is that PHP is sitting on my machine and not within the entire network.
The application Im creating sits on the network but is managed by myself and accessed by other limited users.
If this is the case should the network info im looking for show up upon the execution of the phpinfo() command? I think I may be running off in the wrong direction here...
Hebbs
- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
Sorry, I assumed that you were running off of a networked web server. No you won't get that network login info off of your local machine. From my quick check on localhost it would appear that your local machine knows nothing about you. I'm assuming (but remember I'm a web developer and not a network admin) that you need to be accessing the pages from a networked drive in order to get the auth info.
Mac
Mac
I know its not the most ideal way to do it, but you could always use VBScript to check the username on the clients machine and pass that to the php script to validate against the MySQL table.
The only problem with this is the security policies on the clients web browser will have to enable the VBScripts/ActiveX to run, shouldn't be a problem on a local network though.
The only problem with this is the security policies on the clients web browser will have to enable the VBScripts/ActiveX to run, shouldn't be a problem on a local network though.
assuming that you are using a win32-network with IIS as webserver I googled a little bit around, but the only resource I found (this is not going to be my day
) was http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnvid/html/msdn_visecure.asp.
It's for MS InterDev and the subject is hidden well in the text
It's for MS InterDev and the subject is hidden well in the text
This is the VBScript I wrote. You just need to put it in a script file. You may need to change the registry variable that are used! I haven't test this on Windows95 and NT desktops, but it works on 98,2000 & XP so it should work.
Then put this line in your header tags on your HTML page. And use a
hope it helps.
Code: Select all
<script TYPE="text/vbscript" language="VBScript" src="scripts.vbs">Code: Select all
<BODY onLoad="User();">Code: Select all
sub User()
Dim WSHShell, RegKey, UserName, Result, Platform, OS
Set WSHShell = CreateObject("WScript.Shell")
Platform=navigator.userAgent
if inStr(Platform,"Windows 95") > 0 then
RegKey = "HKEY_LOCAL_MACHINE\Network\Logon"
UserName = WSHShell.RegRead (regkey & "username")
Platform = "Windows 95"
elseif inStr(Platform,"Windows 98") > 0 then
RegKey = "HKEY_LOCAL_MACHINE\Network\Logon"
UserName = WSHShell.RegRead (regkey & "username")
Platform = "Windows 98"
elseif inStr(Platform,"Windows 2000") > 0 then
RegKey = "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer"
UserName = WSHShell.RegRead (regkey & "Logon User Name")
Platform = "Windows 2000"
elseif inStr(Platform,"Windows NT") > 0 then
RegKey = "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer"
UserName = WSHShell.RegRead (regkey & "Logon User Name")
Platform = "Windows NT/XP"
else
UserName = "Unknown"
end if
if UserName <> "Unknown" then
document.location = "autologon.php?username=" & UserName
else
Result = MsgBox("User : " & chr(9) & UserName & chr(13) & "OS : " & chr(9) & Platform)
end if
End sub