Go Back   Tech Support Forum > Design Forum > Web Serving and Management

User Tag List

IIS7 Active Directory and gethostbyaddr

This is a discussion on IIS7 Active Directory and gethostbyaddr within the Web Serving and Management forums, part of the Tech Support Forum category. Hello running an intranet server of my windows 7 enterprise 64 bit using IIS7 I want to use our current


Closed Thread
 
Thread Tools Search this Thread
Old 03-22-2013, 03:27 PM   #1
Registered Member
 
Join Date: Mar 2010
Posts: 117
OS: Vista SP2



Hello running an intranet server of my windows 7 enterprise 64 bit using IIS7

I want to use our current active directory setup to allow my PHP script to return the windows user that clicks a button
PHP function is gethostbyaddr($_SERVER['AUTH_USER'])

When I set IIS7 authentication to basic the website requires the windows login but it is not passing the active directory login info. Is there any way to set authentication so that the authentication comes from active directory? If so how.

For WWWroot folder I have security for USERS, do I need to just change this security to AUTHENTICATED USERS for the cridentials to pass automatically?

I could use some tips everything is set up and working but gethostbyaddr($_SERVER['AUTH_USER']) comes back blank
GPtech is offline  
Sponsored Links
Advertisement
 
Old 03-23-2013, 01:29 AM   #2
Moderator
- Design Team
- Networking Team
 
Fjandr's Avatar
 
Join Date: Sep 2012
Location: Spokane, WA
Posts: 2,483
OS: Windows XP SP3, Windows 7 SP1, Debian, CentOS

My System


Check out this site for a quick tutorial on using AD to authenticate IIS users:
Windows Authentication <windowsAuthentication> : The Official Microsoft IIS Site
__________________

Fjandr is offline  
Old 03-25-2013, 09:41 AM   #3
Registered Member
 
Join Date: Mar 2010
Posts: 117
OS: Vista SP2



I had followed those instructions and I do have the settings in place. Here is the authentication config in the applicationhost.config file. Basic, Forms, and Anonymous are disabled. I am using the IIS manager to adjust configurations.

<windowsAuthentication enabled="true" useKernelMode="false">
<providers>
<clear />
<add value="NTLM" />
<add value="Negotiate" />
</providers>
<extendedProtection tokenChecking="None" />
</windowsAuthentication>

So what is happeneing is when I go to the website it prompts me for a windows login. That login correctly defaults to the domain we have at our company. But it won't accept my login manually typed in. I am concerned that active directory is not working but something else could be wrong because it won't accept my login manually either.

So this is where my lack of understanding comes into play. How does the webserver know the windows user accounts? Does the server need to be set up in some way to be able to validate authentication requests against the active directory? Does my setting this up on a regular Windows 7 Enterprise workstation not allow it to support windows authentication?

GPtech is offline  
Sponsored Links
Advertisement
 
Old 03-26-2013, 10:05 AM   #4
Moderator
- Design Team
- Networking Team
 
Fjandr's Avatar
 
Join Date: Sep 2012
Location: Spokane, WA
Posts: 2,483
OS: Windows XP SP3, Windows 7 SP1, Debian, CentOS

My System


What is the web log saying regarding the failed authentications?
__________________

Fjandr is offline  
Old 03-26-2013, 11:01 AM   #5
Registered Member
 
Join Date: Mar 2010
Posts: 117
OS: Vista SP2



I took a quick look but I didn't see anything that was obvious. I think the computer I am running the web server on is not communicating with active directory. I think its trying to authenticate from the local windows user accounts and not passing the authentication task to the active directory server for processing. How is this controlled in the IIS setup? How do I tell it to pass auhtentication to the AD server?

#Software: Microsoft Internet Information Services 7.5
#Version: 1.0
#Date: 2013-03-26 17:47:45
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken
2013-03-26 17:47:45 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 2 5 202
2013-03-26 17:47:45 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:47:47 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 1637
2013-03-26 17:47:47 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:47:48 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 592
2013-03-26 17:47:48 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:47:48 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 483
2013-03-26 17:47:48 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:47:48 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 0
2013-03-26 17:48:36 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 2 5 0
2013-03-26 17:48:36 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:48:38 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 1341
2013-03-26 17:48:38 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:48:38 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 483
2013-03-26 17:48:38 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:48:38 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 202
2013-03-26 17:48:38 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:48:38 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 0
2013-03-26 17:54:17 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 2 5 0
2013-03-26 17:54:17 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:54:19 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 2136
2013-03-26 17:54:19 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:54:19 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 514
2013-03-26 17:54:19 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:54:19 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 280
2013-03-26 17:54:19 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:54:19 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 15
GPtech is offline  
Old 03-26-2013, 11:10 AM   #6
Moderator
- Design Team
- Networking Team
 
Fjandr's Avatar
 
Join Date: Sep 2012
Location: Spokane, WA
Posts: 2,483
OS: Windows XP SP3, Windows 7 SP1, Debian, CentOS

My System


Unfortunately, I'm not intimately familiar with IIS, so I can't guide you on setting it to forward authentication requests to an AD server.

It's weird that it's not logging the authentication failures though.
__________________

Fjandr is offline  
Old 03-26-2013, 11:20 AM   #7
Registered Member
 
Join Date: Mar 2010
Posts: 117
OS: Vista SP2



Yeah I feel like everything is set up per the instructions. Its looks like it is close but just missing a few config tweaks. Our AD guy comes back from out of town Thursday but his strength is not IIS either. I'll show him what is going on though.
GPtech is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 06:57 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts