[Samba] automatically authenticate domain logged-on users in
apache with AD/NTDOM?
Adam Tauno Williams
adam at morrison-ind.com
Fri Oct 22 18:21:36 GMT 2004
> I don't use MS products at all, so I have very little knowledge with them,
> but I believe Microsoft has as protocol where Internet Explorer can
> automatically authenticate against an IIS server, and given that the server
> and client are on the same NT domain, and the client user is logged in to
> that domain, the user is automatically logged in without the need to give
> away the password one more time to the webserver.
You're talking about NTLM.
> What is happening between the web server & the web client? Is the protocol
> open or reverse engineered? Can this authentication be done using apache @
> unix (perhaps by apache interacting with samba somehow)?
On the server side - yes, even current versions of SASL support NTLM.
> Any ideas or links to more info about this would be much appreciated.
On the UNIX/LINUX client side I think your stuck; nothing I've found supports
it. If you in an AD domain or Kerberos environment you can probably do the
same thing with GSSAPI.
More information about the samba