Windows Server Active Directory
Posted: Thu Apr 13, 2006 2:36 am
I may be hired to write a PHP app for a local company and they want me to integrate it with their Windows Active Directory. The app itself will be placed on their own server, the clients (users) will be accessing it from different PCs which are connected to the AD. I am new to this AD stuff, but I do know that I need to use LDAP to communicate with the AD.
So my app would need to operate (only read, actually) on users and user groups that are present within the company's AD.
One of the ADs benefits is that it gets rid of multiple user login forms when accessing different apps within the AD, that is, Windows Login is enough to access all the apps without the need to re-enter user's credentials.
What I need to know is whether it is actually possible to resolve user's identity after he has logged into his windows (AD) account on some computer? I don't want to present the user with a login form to access my app since he would have to type in the same Windows username and password, so it's kind of extra work for the user. If this is actually possible to do, how should it be done? What do I need to use?
Any help would be greatly appreciated.
So my app would need to operate (only read, actually) on users and user groups that are present within the company's AD.
One of the ADs benefits is that it gets rid of multiple user login forms when accessing different apps within the AD, that is, Windows Login is enough to access all the apps without the need to re-enter user's credentials.
What I need to know is whether it is actually possible to resolve user's identity after he has logged into his windows (AD) account on some computer? I don't want to present the user with a login form to access my app since he would have to type in the same Windows username and password, so it's kind of extra work for the user. If this is actually possible to do, how should it be done? What do I need to use?
Any help would be greatly appreciated.