I have a Debian sarge server running apache2 with mod_auth_ldap. I am authenticating against Active Directory on a Win2K server. I have managed to get this working, but the user has to type in a user name and password. All the users are browsing from Win2K or XP boxes, which are all running identd.

Is it possible to use identd to grab the user name and use it to perform an LDAP lookup, without the browser (IE or Mozilla) prompting for user name and password?

If so, is it safe to assume that if identd passes a uid then that is the correct Windows user? I am operating within a secure network, so am not worried about an outside attack, but could a student send a staff member's uid via an ident hack and gain access?

I could do this using PHP / Perl to check before serving pages, but I'd prefer to do it via Apache and keep the web pages simple.

Thanks,

Mark F


**** MY .htaccess file
AuthType Basic
AuthName "Test Authentication"

# DN of Active Directory server
AuthLDAPURL ldap://server/DC=server=uk?sAMAccountName

AuthLDAPBindDN "CN=ldap_lookup,OU=SysUsers,DC=myDC"
AuthLDAPBindPassword "xxxxxxxxx"

### currently only require valid user,
### will replace with group lookup later
require valid-user


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.