Passing login from Windows client

Report · May 31, 2007

Is there any way to get the current user logged into a client (Windows XP), and pass those credentials into an ldap request?

Basically I want to create an Intranet site, where the users will automatically be authenticated from thier Windows login credentials already on the client.

Any help would be great.
Thank you.
-Christopher Keeler

Report · May 31, 2007

chriskeeler2 wrote:
> Is there any way to get the current user logged into a client (Windows XP), and
> pass those credentials into an ldap request?
>
> Basically I want to create an Intranet site, where the users will
> automatically be authenticated from thier Windows login credentials already on
> the client.
>
> Any help would be great.
> Thank you.
> -Christopher Keeler
>

Yes there is a way. As long as we are talking Microsoft clients using
Microsoft browsers connecting to a Microsoft network.

.
.
.
.
.
.
.
.

Oh, you would like some hints on how?

In IIS manager, select the resource(s) [website(s), folder(s) or
file(s)] you would like to authenticate users in this manner and under
the security tab in properties, edit the authentication method to use
"Windows Integrated Authentication" and make user "Anonymous Access" is
unchecked. When this is done, cgi.auth_user (or is it cgi.authuser)
will be populated with the domain/userID of the logged on user of the
client accessing the resource.

This can then easily be used in a <CFLDAP ...> tag to retrieve Active
Directory information about this user. This is how we use it on our
intranet web site.

<cfldap
name="Entity" username="xxx" password="xxx"
server="xxx"
action="query" attributes="displayname,mail,sn,cn,givenName,..."
scope="subtree" start="DC=smfbc,DC=org"
filter =
"(&(objectCategory=CN=Person,CN=Schema,CN=Configuration,DC=smfbc,DC=org)(samAccountName=#arguments.userid#))">

We also use this bit of code to find out the machine name of the client
accessing the resource.

<cfexecute name="C:\WINDOWS\system32\nbtstat.exe" arguments="-A
#cgi.REMOTE_HOST#" timeout="5" variable="nbtstat"/>

Report · May 31, 2007

Sweeeet!

Thanks for the code examples too!
-CK

Report · Mar 31, 2014

I am thankful for this answer as it has partially solved my problem.

when I go here:

http://localhost/dir

cgi.auth_user is populated and the page opens normal

But, when I go here:

http://localhost/dir/index.cfm

I get an HTTP Error 401.2

Basically, it seems the directory level is set up and working, but the file level is not. I double checked that the file level security was set up the same as the directory security(like above) in IIS manager. Anytime I try a file level url, I get the HTTP Error 401.2

Any ideas?

Report · Apr 01, 2014

Make sure that index.cfm is defined in your default documents for that IIS site. If that doesn't help, take a look at this thread from the IIS forums to see if any of it applies.

-Carl V.

Report · Apr 01, 2014

Carl,

The link you provide does not directly address my issue, but I will post my question to that forum. If I can get this solved I will post the solution here.

Report · Apr 02, 2014

Wannab0133,

If I were you, I would create a new thread, rather than continue this old one. 7 years is a very long time in software development. Starting a new thread has the advantage of putting the reader in here-and-now mode.

Report · Apr 26, 2014

This issue has been resolved. I followed the steps in this thread:

http://forums.adobe.com/message/4537316

I had to check windows authentication in the server level, then remove anon in the site level.

Thanks for everyone's help.

Adobe Community

Passing login from Windows client

1 Correct answer