Home > Archive > PHP on Windows > September 2004 > RE: [PHP-WIN] NT username detectable?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
RE: [PHP-WIN] NT username detectable?
|
|
| Trevor Gryffyn 2004-09-13, 8:55 pm |
| Ok, I finally talked our IT guys into turning off the "Anonymous Access"
and I can get into the PHP scripts just fine and "LOGON_USER" is
populated just fine, but some of the other users in the company get a
popup login request when they hit my PHP pages.
If they log in with their usual domain login, password and domain name,
they can get in just fine.
The first thought is permissions. But now it's doing it to my login
which it didn't do at first. And I should have full permissions on that
folder and all.
Could it be that that machine MAY be on another domain? We apparently
have two domains here and I'm not sure which one it belongs to. Does
that make any sense to anyone?
Thanks in advance. Just wondering if anyone else had run into this
issue.
-TG
> -----Original Message-----
> From: Gryffyn, Trevor=20
> Sent: Friday, September 03, 2004 9:09 AM
> To: php-windows@lists.php.net
> Cc: GHaider@darcor.com
> Subject: RE: [PHP-WIN] NT username detectable?
>=20
>=20
> Probably not the most reliable way (actually, I know it's not 100%
> reliable), but the way I use for quick and dirty, informal=20
> usage logging
> is this:
>=20
> $ipaddress =3D $_SERVER["REMOTE_ADDR"];
>=20
> $nbtstat =3D "nbtstat -A ". $ipaddress;
> exec ($nbtstat,$result);
> foreach ($result as $row) {
> if (strpos($row,"<03>")) $username =3D strtok($row," ");
> }
>=20
>=20
> This only works if you're on the same network and the users=20
> are logging
> into their box.
>=20
> It seems to fail when someone is logged into multiple=20
> machines at once,
> you end up getting the computer name or something. Probably does this
> under other circumstances as well. But there's some little=20
> 80% reliable
> way of doing it.
>=20
> If you find a better way, by all means let me know!
>=20
> -TG
>=20
> COM or even=20
> IE6 with=20
>=20
> --=20
> PHP Windows Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>=20
>=20
| |
| Manuel Lemos 2004-09-13, 8:55 pm |
| Hello,
On 09/13/2004 05:07 PM, Trevor Gryffyn wrote:
> Ok, I finally talked our IT guys into turning off the "Anonymous Access"
> and I can get into the PHP scripts just fine and "LOGON_USER" is
> populated just fine, but some of the other users in the company get a
> popup login request when they hit my PHP pages.
That is basic authentication, not NTLM.
> If they log in with their usual domain login, password and domain name,
> they can get in just fine.
>
> The first thought is permissions. But now it's doing it to my login
> which it didn't do at first. And I should have full permissions on that
> folder and all.
>
> Could it be that that machine MAY be on another domain? We apparently
> have two domains here and I'm not sure which one it belongs to. Does
> that make any sense to anyone?
If NTLM authentication succeeds, users have autenticated in the domain
that they have logged in when they started their Windows logon session.
--
Regards,
Manuel Lemos
PHP Classes - Free ready to use OOP components written in PHP
http://www.phpclasses.org/
PHP Reviews - Reviews of PHP books and other products
http://www.phpclasses.org/reviews/
Metastorage - Data object relational mapping layer generator
http://www.meta-language.net/metastorage.html
| |
|
| On Mon, 13 Sep 2004 16:07:36 -0400, Gryffyn, Trevor
<tgryffyn@air-cargo-inc.com> wrote:
> Ok, I finally talked our IT guys into turning off the "Anonymous Access"
> and I can get into the PHP scripts just fine and "LOGON_USER" is
> populated just fine, but some of the other users in the company get a
> popup login request when they hit my PHP pages.
>
> If they log in with their usual domain login, password and domain name,
> they can get in just fine.
>
> The first thought is permissions. But now it's doing it to my login
> which it didn't do at first. And I should have full permissions on that
> folder and all.
>
> Could it be that that machine MAY be on another domain? We apparently
> have two domains here and I'm not sure which one it belongs to. Does
> that make any sense to anyone?
It's probably the domain thing. I have similar problems here running
Apache 2, PHP 4.3.8 and mod_auth_sspi 1.0.1. In typical MS fashion
it's hard to put a finger on exactly what causes it, but if the PDC is
rebooted and someone tries going to the site without logging out then
back in it will ask for the password. There are various other
scenarios and a few people who just can't do it without entering their
details. I'm not sure why it happens since not enough people have the
problem to warrant looking into it.
Hope that ramble helped a bit.
--
Stut
|
|
|
|
|