Apache 2 - LDAP/Active Directory - Automatic login/authentication process

windows apache authentication active-directory

I've been having the same problem myself today after eventually getting the mod_authnz_ldap module to work.

From my research thus far, I gather you can't do seamless signon with the mod_authnz_ldap module and you'll have to use mod_auth_sspi instead. I've tried this out and it seems to work as expected (on Internet Explorer anyway - you can also configure Firefox to pass through by modifying the network.automatic-ntlm-auth.trusted-uris key).

Here's the steps:

Download the mod_auth_sspi module from http://sourceforge.net/projects/mod-auth-sspi/
From the zip file's bin folder, copy mod_auth_sspi.so to your apache modules folder
From the zip file's bin folder, copy sspipkgs.exe to your apache bin folder
Edit httpd.conf so that the Directory is configured something like this:

 Alias /secure "C:/Secure" <Directory "C:/Secure"> Order deny,allow Allow from all AuthType SSPI SSPIAuth On SSPIOfferBasic on SSPIBasicPreferred On SSPIAuthoritative Off AuthName "Login" SSPIDomain dc.domain Require valid-user </Directory>

Now restart Apache.

Unfortunately, after all that it's no good for me as a solution as I have multiple LDAP servers to authenticate against, but hopefully this will help you.

CodeHunter

Apache 2 - LDAP/Active Directory - Automatic login/authentication process

Recent Posts

How can I color dots in a xy scatterplot according to column value?

How to update a claim in ASP.NET Identity?

What does {0} mean when initializing an object?

Accessing members of items in a JSONArray with Java

How to log SQL statements in Spring Boot?

Powershell Get-WebSite name parameter is ignored

How to detect scroll to bottom of html element

Java synchronized method

How to test controllers with CodeIgniter?

Detect Visual Composer

Matplotlib: Specify format of floats for tick labels

Rails join a list of strings with commas and "and" before the last