Authenticating on a Windows domain with IIS
Date: 11/14/05
(PHP Community) Keywords: php
Hey guys,
I'm currently working on a corporate intranet, and I'd like to avoid having users enter two passwords in the morning when they log in. Is there any way to have the intranet authenticate the user based on their windows domain username?
For the record, I'm using php5, and IIS6. The user machines here are a combination of windows flavours, ranging from WinME (only used for a print server -- I can ditch this for intranet access), Windows 2000 (most users), and Windows XP (myself).
I've come across this script:
/*
Getting netbios info
CopyLeft 2002 (GNU GPL V2) by polo
*/
error_reporting(E_ALL);
/* get the ip of the client */
if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) {
$ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
} else {
$ip = $_SERVER["REMOTE_ADDR"];
}
echo 'ip : '.$ip.'
';
/* send a "special" packet */
$fp = fsockopen('udp://'.$ip, 137);
fwrite($fp, "\x80b\0\0\0\1\0\0\0\0\0\0 CKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\0\0!\0\1");
/* wait 2 secs, and get the data */
socket_set_timeout($fp, 2);
$data = fread($fp, 256);
/* get netbios records number */
$nbrec = ord($data[56]);
/* display nebios records : the username is a record of type 3 */
echo '';
echo '| no | type | valueh> |
|---|
';
for($i = 0; $i < $nbrec; $i++) {
$offset = 18 * $i;
printf ("| %02d | %02X | %sd> |
", $i, ord($data[72 + $offset]), trim(substr($data, 57 + $offset, 15)));
}
echo '
';
?>
It works, but I'm stuck on how to use that in site (how do I identify that 03 entry which shows the windows username).
ip : 192.168.49.15
| no | type | value |
|---|
| 00 | 00 | COMPUTER_NAME |
| 01 | 00 | SYDNEY |
| 02 | 03 | NET_NAME_1 |
| 03 | 20 | COMPUTER_NAME |
| 04 | 1E | SYDNEY |
| 05 | 03 | MYLOGIN |
Any suggestions would be appreciated.
Source: http://www.livejournal.com/community/php/367349.html