Posted by Lado.Leskovec on 12/20/07 12:23

Hi!

I have asked this question before (I belive it was back in September)
and was at the time quite satisfied with the answer, as it solved my
problem. I started a new topic, because my post from then isnt
available any more (a copy of it however is still accesible at
http://www.issociate.de/board/post/455917/Get_Windows_login.html).

The solution I used back then (http://www.iau5.com/ntlm.php.txt)
involved php being installed as an apache module since there is
$headers = apache_request_headers(); at line 10. This worked perfectly
for the whole time I was developing this aplication on my local
machine (of course using apache).

The time has come however to transfer the app to the server which is
Windows server 2003 using IIS. The function apache_request_headers()
is therefore unavailable. I have now installed IIS on my machine
instead of apache, configured it to use integrated windows
authentication and disabled anonymous access.

So far I have tried using the get_headers() function, but it pops up a
login screen instead of doing everything behind the scenes as the
apache_request_headers() did. I even think it is trying to connect to
my local server instead of a network and if I try my windows username
and password it doesn't work. I then tried the second suggestion from
September:

//
***********************************************************************************
$realm = 'mydomain.local'; //set this to the name of your Windows
domain
$dc = 'my_dc'; //set this to the name of your domain controller

if(empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_PW']))
{
//They haven't given us a username and password yet
header('WWW-Authenticate: Basic realm="' . $realm . '"');
header('HTTP/1.0 401 Unauthorized');
die(); //if they hit cancel
}

if(($ldap = [at] ldap_connect($dc, 389)) !== false) {
if( [at] ldap_bind($ldap, $_SERVER['PHP_AUTH_USER'] . ' [at] ' .
$realm,
$_SERVER['PHP_AUTH_PW']) !== false) {
//login was successful and $_SERVER['PHP_AUTH_USER'] has the username
}
else {
//login was not successful so try again
header('WWW-Authenticate: Basic realm="' . $realm . '"');
header('HTTP/1.0 401 Unauthorized');
die(); //if they hit cancel
}
}
//
***********************************************************************************,
but as before, this also pops up the same login screen.

I have then tried using activex and came across this segment of code:

//
***********************************************************************************
<SCRIPT LANGUAGE="JavaScript">
<!--
// Set wshShell
function GetTheId() {
var wshShell = new ActiveXObject("WScript.Shell");


// Pull Environment variables for domain\user
domain = wshShell.ExpandEnvironmentStrings("%USERDOMAIN%");
userName = wshShell.ExpandEnvironmentStrings("%USERNAME%");


document.all.item('username').value = userName;
document.all.item('domain').value = domain;
document.all.item('GetUserId').submit();
//-->
}
</SCRIPT>
//
***********************************************************************************.
I changed it a bit so that it wouldn't be a function, but as soon as I
create a new ActiveXObject inside of the script, the resulting page
becomes blank, so I think it generates an error or something (I'm not
very experienced with javascript and don't know how it responds when
an error occures).

I have found the same question being asked somewhere else, but was in
German, so I didn't understand everything that was said. Anyway the
answer to the problem wasn't given: http://www.phpforum.de/forum/showthread.php?t=172557

While searching comp.lang.php for "get windows login" i did get a few
results, but neither GetEnv("LOGON_USER"), nor
$_SERVER['REMOTE_USER']; worked.

I would apreciate if someone could suggest what to do to solve this
issue, as my deadline is slowly aproaching...

Best regards,
Lado

[Back to original message]