NYCPHP Meetup

[Mikko Rantalainen]

Jeof Oyster wrote:
> Has anyone ever tried to integrate MS Integrated Security with a PHP
> site? Here's the scenario: 
>  
> Internally, we have several sites on different domains for different
> things (like our help desk, our intranet, our CRM software, etc).
> Usually, users have to log into each site using their network
> credential, however, through a Kerberos set up, we are using Integrated
> Security in Microsoft and IE,  so that when a user who is already
> authenticated on the network goes to one of these sites, the Integrated
> Security / Kerberos set up recognizes them and does not force them to
> log in again. 
>  
> Now, I plan on redeveloping our Intranet website using PHP, and plan on
> building applications that would require user authentication (basically
> - just the username). I want to be able to "sense" what user is logged
> in through Integrated Security and use THAT user name  (all the peons'
> computers are forced to use IE) . If it were a cookie then PHP would
> automatically sense that, of course, but Integrated Security is
> something different, we think (my techs seem to be unsure how it
> actually works, or they were too busy to give me a full answer).  

Perhaps it has something to do with NTLM? See
http://adldap.sourceforge.net/faq.php

I have just one request: if you find out how it works, please, share 
the information to rest of us.

-- 
Mikko