comment on

If you are running as a CGI script within an Apache web server then you can look for the environment variable REMOTE_USER (ie. $ENV{REMOTE_USER}). If it is set then that's the user name as authenticated with Apache. With that you can use LDAP modules to extract extra information about the user from the AD.

To enable user authentication within Apache you could use mod_auth_kerb to allow Kerberos tickets or passwords to authenticate a user

AuthType  Kerberos
AuthName "Kerberos Login"
SSLRequireSSL
KrbAuthRealms DOMAIN
KrbServiceName http
Krb5Keytab /etc/krb5.keytab
KrbMethodNegotiate on
KrbMethodK5Passwd on
require valid-user
[download]

It's a little tricky to get right and your server needs to be joined to the AD domain, but it works wonderfully. I assume that mod_auth_sspi works similarly.

In reply to Re: Single sign on with AD by Arif
in thread Single sign on with AD by newbie200

Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!

Titles consisting of a single word are discouraged, and in most cases are disallowed outright.

Read Where should I post X? if you're not absolutely sure you're posting in the right place.

Please read these before you post! —

Posts may use any of the Perl Monks Approved HTML tags:

a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr

You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)

	For:		Use:
	&		`&`
	<		`<`
	>		`>`
	[		`[`
	]		`]`

Link using PerlMonks shortcuts! What shortcuts can I use for linking?

See Writeup Formatting Tips and other pages linked from there for more info.