Comments on: Simple lightweight NTLM in PHP

By: Hossain

Hossain — Mon, 12 Dec 2011 12:37:02 +0000

Thanks,
Great Help.
Was looking for this for very long time.
Really appreciable.

Thanks again

By: Hossain

Hossain — Mon, 12 Dec 2011 12:36:04 +0000

Thanks,
Great help, was looking for this.
Really appreciable.

Thanks again

By: ThreeM

ThreeM — Mon, 26 Sep 2011 18:58:55 +0000

There are a few of you with the issue of needing to send this data via a form or other post methods. To do this with other applications I have always found it easiest to either use the PHP that generates the page to pass up the variables – $user $domain $workstation in this case – as either JavaScript variables when it writes the script or if all the scripts are includes then hiding it in a hidden form field in the html. If you need it for multiple forms/scripts you can also just enclose it in a echo “$user”; then to retrieve it just use a getElementById(‘#data_user’).innerHTML to return what is in the div element and pass it with the rest of the data in your AJAX (JavaScript w/o reload) call, POST (header), or GET (URL) request.

By: Nuke

Nuke — Fri, 12 Aug 2011 07:54:45 +0000

Hi guys, after wasting half a day debugging my code,; the issue seems to be with ie. Ntlm authentication is required on every page that is posting data across. Which means that if one page has been authenticated using this script all subsequent pages need to run this script in order post any information across; which is why all posts on ie are returning empty and if you try the same on firefox would work fine.

Haven’t found a solution yet, but will not POST on ie unless all pages have this script;

Let me know if anyones found a soulution for this.

By: Danny

Danny — Wed, 22 Jun 2011 07:53:43 +0000

This is a fantastic script, works like a treat but I’m experiencing the same issues as others. I’ve authenticated the user on intranet home page load and then stored what I need in a session. However as others have reported it stops forms from processing.

I have checked the post array and it’s empty when using this. Is there any answer of how to fix this?

By: Loune

Loune — Fri, 22 Apr 2011 12:39:13 +0000

@Chris unfortunately I’ve had no experience with mod_auth_sspi. The script I made above is for sites which just want to get NTLM authentication information with PHP. If you’re using mod_auth_sspi, then the above script is not neccessary. From what you’ve written, it sounds like a configuration issue with mod_auth_sspi. It’s probably best to post at the mod_auth_sspi mailing list and see if the devs there can help you.

By: Chris

Chris — Tue, 19 Apr 2011 15:56:31 +0000

Hi Loune.

Many thanks for your response.

I am using your script in two places one of them is in a directory which has the mod_auth_sspi pointed at it (.\protected\whoami.php) and the other is in the root.

I am using IE6

When accessing the script via IE6 in the root http://localhost/whoami.php i get this error ( Undefined index: REMOTE_USER in C:\wamp\www\whoami.php on line 8
) and when I access the script http://localhost/protected/whoami.php I get my user name, domain name and machine name as expected.

How ever when I access the script http://10.99.99.99/whoami.php i still get this error ( Undefined index: REMOTE_USER in C:\wamp\www\whoami.php on line 8
) and when I access the script http://10.99.99.99/protected/whoami.php I get an NT Challenge prompt, which, if I fill in the user name part only (with say, the letter ‘h’) gives the user name as ‘h’ and the correct domain name etc.

What I wish to do is extract the windows user name, domain etc (with out the user having to fill in an NT Challenge prompt).

Is this some thing to do with the way the Apache web sever is set up as I have done this type of thing numerous times using windows IIS-5 with no NT Challange prompt.

Cheers.

Chris

By: Loune

Loune — Wed, 13 Apr 2011 08:36:09 +0000

@Chris, what do you mean by protected directory? And which browser are you using? This script is for finding out the username of the current logged on windows user. Is that what you want?

By: Chris

Chris — Mon, 11 Apr 2011 16:56:00 +0000

Hi Loune

I’m trying this script on an intranet and keep getting the NT Challenge prompt when using a ‘protected’ directory and no user information when using an unprotected directory.

I am using the latest install of WAMP and have mod_auth_sspi installed working on a single directory – the protected directory.

Any assistance greatefully received!

By: Dave

Dave — Fri, 14 Jan 2011 17:08:16 +0000

That worked. Thanks for the help.