httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Clayton Hicklin" <chick...@gmail.com>
Subject [users@httpd] Pass-through LDAP authentication with Internet Explorer and Active Directory
Date Tue, 16 Sep 2008 15:40:35 GMT
I have LDAP authentication against Active Directory working perfectly in
Firefox, but my problem is with IE.  IE automatically passes through the
username and password so once you are logged into the domain, you don't have
to type it in again.

That's great, except it is passed through as <domain>\<user>.  To do LDAP
authentication against Active Directory, I am searching the sAMAccountName
attribute of the users.  This attribute holds the username for that user,
but does not include the <domain>\ prefix, therefore authentication fails in
IE and it prompts you for the username and password.

As far as I can tell, the <domain>\ prefix is not stored anywhere inside the
user object, so there is no way to authenticate with the credentials that IE
provides.

Has anybody got this working?  Is there some sort of workaround or hidden
parameter in the Apache LDAP modules that might fix this?  Thanks!

-- 
Clayton Hicklin
chicklin@gmail.com

Mime
View raw message