How to make AD authorization on a corporate site?

V

Vladimir Merkulov2013-12-09 17:33:18

PHP

Vladimir Merkulov, 2013-12-09 17:33:18

Greetings to all connoisseurs.
The question is not new. At the moment I am working on a corporate portal on CMS NetCat 5.2
. The client requires that all users who have accounts in AD and are authorized in them have transparent authentication on the site, based on the login taken from AD.
I attempted to do all this through the apache module - mod_auth_sspi , installing and configuring which, we get the variable $_SERVER['REMOTE_USER'] which in turn contains all the data I need.
However, this module exists only in the implementation for Win - servers, and I have a server on Linux! A little googling, herefound archives of this module under Linux, BSD, Solaris, Windows and MacOS. However, the contents of the archives, as it seemed to me, are still Windows.
Has anyone had a similar experience and if so, how did you implement it?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

R

Rsa97, 2013-12-09
@StranikS

Try with Kerberos - mod_auth_kerb
acksyn.org/?p=460

V

Vit, 2013-12-09
@fornit1917

We use mod_auth_ntlm_winbind for the same purposes on Linux servers. In the latest Debian and Ubuntu, there are turnips even, if I'm not mistaken. Works well, happy. The only negative is that if there is a proxy in front of Apache, for example nginx, then it will not work, you have to send ntlm requests directly to Apache.