Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 74839 invoked from network); 17 Oct 2006 23:06:44 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 17 Oct 2006 23:06:44 -0000 Received: (qmail 37848 invoked by uid 500); 17 Oct 2006 23:06:25 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 37774 invoked by uid 500); 17 Oct 2006 23:06:23 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 37712 invoked by uid 99); 17 Oct 2006 23:06:23 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 17 Oct 2006 16:06:23 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [209.234.136.100] (HELO admininet.sunnysideud.k12.az.us) (209.234.136.100) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 17 Oct 2006 16:06:19 -0700 Received: from exchange-do.sunnysideud.k12.az.us ([10.0.0.62]) by admininet.sunnysideud.k12.az.us with Microsoft SMTPSVC(6.0.3790.1830); Tue, 17 Oct 2006 16:05:13 -0700 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Date: Tue, 17 Oct 2006 16:05:12 -0700 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Configuring Apache 2.054 to automate authentication with Active Directory from within network Thread-Index: AcbLZO3yzOc05+DuQyu3/r2Ijd23MAm2af2w From: "Gallardo, Lisa" To: X-OriginalArrivalTime: 17 Oct 2006 23:05:13.0220 (UTC) FILETIME=[B3A1EC40:01C6F240] X-Virus-Checked: Checked by ClamAV on apache.org Subject: [users@httpd] Configuring Apache 2.054 to automate authentication with Active Directory from within network X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Greetings, I've been researching the best way to have Windows Integrated Authentication using Apache2, Active Directory and either mod_auth_sspi, mod_ntlm2, or if possible using a rewrite command to bypass the username/password popup if a user is already logged into our network. At the moment, I've been trying to use mod_auth_sspi since this seems to be the module most articles/postings refer to for Apache2 on a Windows 2003 box. I am unsure of how to get it working for groups if that's possible. It seems to authenticate with require valid-user but it still doesn't work to bypass the password dialog box even though I've already logged in. I've included the load module in httpd.conf as well. My virtual host directory looks like this: Options Indexes FollowSymLinks +IncludesNOEXEC AllowOverride All order allow,deny allow from all AddType text/html .shtml AddOutputFilter INCLUDES .shtml # # Configuration for mod_auth_sspi AuthType SSPI SSPIAuth On SSPIAuthoritative Off SSPIOfferBasic Off SSPIBasicPreferred Off require valid-user=20 # group_attr member #require group do-domainuser SSPIDomain susd SSPIOmitDomain Off # End of mod_auth_sspi. If this doesn't work is there another way to include a rewrite rule that would bypass the password login if it was detected that the user has already logged in? Someone had mentioned rewrite but I never did come across an actual solution. I have gotten mm_mod_auth_ldap to work so it authenticates based on groups but I can't figure out how to get it integrated with Windows Authentication, which is why I started looking at the other modules. Many thanks for your help. lisa --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org