[Samba] automatically authenticate domain logged-on users in apache with AD/NTDOM?

John H Terpstra jht at samba.org
Fri Oct 22 19:03:16 GMT 2004

On Friday 22 October 2004 10:49, Palle Girgensohn wrote:
> Hi!
> I don't use MS products at all, so I have very little knowledge with them,
> but I believe Microsoft has as protocol where Internet Explorer can
> automatically authenticate against an IIS server, and given that the server
> and client are on the same NT domain, and the client user is logged in to
> that domain, the user is automatically logged in without the need to give
> away the password one more time to the webserver.

Squid + ntlm-auth can handle the SPNEGO protocol. If you want this from Apache 
you should check out www.vintela.com.

-- John T.

> What is happening between the web server & the web client? Is the protocol
> open or reverse engineered? Can this authentication be done using apache @
> unix (perhaps by apache interacting with samba somehow)?
> Any ideas or links to more info about this would be much appreciated.
> Thanks!
> /Palle

John H Terpstra
Samba-Team Member
Phone: +1 (650) 580-8668

The Official Samba-3 HOWTO & Reference Guide, ISBN: 0131453556
Samba-3 by Example, ISBN: 0131472216
Hardening Linux, ISBN: 0072254971
OpenLDAP by Example, ISBN: 0131488732
Other books in production.

More information about the samba mailing list