Page 1 of 1

Active Directory Passwords

Posted: Wed Oct 03, 2007 2:03 pm
by jonest14
I have written a short php script to access active directory and return information based on the user information supplied. The problem is that if I do a packet sniff the password information is sent in the clear. How can send the password to active directory encripted? Does anyone have any SIMPLE examples of how to do this?
Thanks

Interested in your script

Posted: Wed Oct 10, 2007 10:46 am
by rpinto
Hi I am trying to figure out how to authenticate against active directory myself using php. I posted a question about a week ago on the forum but still have not had any luck. Below is my post. You sound like you may know more about how to accomplish this than I do. Below is my post. I would appreciate any advice you can give me. Thanks.

I have the task of figuring out how to authenticate against active directory using php. I am not sure if this can be done and there does not seem to be much info out there on the web. We have developed an employee intranet in php for a small company who is using active directory. The business would like to have it so once the user logs into there pc, (using active directory) they will not be prompted to log into the intranet again. As of now we have the php code authenticating against their exchange server where they will have to log in twice, once into the machine and again when they go to the intranet. One obsticale that may arise is that if you did it this way would they be able to log on off site? Or would they have to VPN to their current network to log into the employee intranet. I have been programming in php for about a year now so am fairly new. Any suggestion would help me greatly!! Thanks!

Re: Interested in your script

Posted: Wed Oct 10, 2007 11:05 am
by jonest14
I don't know if what I am trying to do would help you out. In our case the users have already logged into the network. We were wanting to set up a script to have them give their username and password on a web page when they log in to do a online workorder. Right now when the users put in a workorder the account is just in a access database. The user might have a one password for the network and another one for the workorders. It seem like you are wanting to use what ever account is currently logged into the windows workatation to auto login for internet access. We are actually wanting the user to have to login again on this website. I am still looking on how to do what I am wantiing to do, and if I run accross anyting that I think might fit what you are wanting to do I will let you know.

rpinto wrote:Hi I am trying to figure out how to authenticate against active directory myself using php. I posted a question about a week ago on the forum but still have not had any luck. Below is my post. You sound like you may know more about how to accomplish this than I do. Below is my post. I would appreciate any advice you can give me. Thanks.

I have the task of figuring out how to authenticate against active directory using php. I am not sure if this can be done and there does not seem to be much info out there on the web. We have developed an employee intranet in php for a small company who is using active directory. The business would like to have it so once the user logs into there pc, (using active directory) they will not be prompted to log into the intranet again. As of now we have the php code authenticating against their exchange server where they will have to log in twice, once into the machine and again when they go to the intranet. One obsticale that may arise is that if you did it this way would they be able to log on off site? Or would they have to VPN to their current network to log into the employee intranet. I have been programming in php for about a year now so am fairly new. Any suggestion would help me greatly!! Thanks!