skip to Main Content
+971 55 881 1725 hmimthiaz @ imthi.com

Leopard + Apache 2 + NTLM + PHP + Integrated Windows Authentication

Everyday we face lot of challenges and today it was to make our CMS work with NTLM(NT LAN Manager Windows authentication protocol) Single Sign-On. I hope you didn’t get any shit what I meant above and so was I when I got the requirement.

In windows network we can connect all computers to a domain and it will have a domain controller. Once your computer is connected to the domain you will be asked enter your domain user name and password when ever you log on to system. After you log in it will use the same credentials to authenticated all the domain related objects like network, files, exchange and so on. In most of the corporations this how they manage the systems with group policies applied to each users.

In Internet explorer there is a feature to use the same credentials to authenticate intranet websites. This is Single Sign-ON. There is very nice article which can help you if you want to set it up.
internet-explorer-authentication-setting

So my application should be able to detect whether the browser is authenticated already or raise if needed and it will validate the credential with domain controller. There is no direct methods available in PHP to achieve this. So to achieve this I had to rely on NTLM auth module for Apache. It was pretty outdated and Raimonds Simanovskis has updated the source tree and had released a patched version here. I was able to compile it without any issues. Download and extract the files and run this.


#sudo /usr/sbin/apxs -i -a -c mod_ntlm.c
...
Libraries have been installed in:
/usr/libexec/apache2
...
chmod 755 /usr/libexec/apache2/mod_ntlm.so
[activating module `ntlm' in /etc/apache2/httpd.conf]

Most important part adding ntlm module to Apache is done. The next step in make some some modification in htaccess file. Configuration setting can be read in detail from here.

AuthName NTAuth
AuthType NTLM
NTLMAuth on
NTLMAuthoritative on
NTLMDomain DOMAIN-NAME
NTLMServer SERVER1
NTLMBackup SERVER1
NTLMLockfile /tmp/_my.lck
require valid-user

Make sure that the computer where you have installed apache should be able to connect to domain controller. Always use full domain names and not IP as it will give errors while connecting [reference] . You are fully set now and if everything is correct you will get these variables in PHP with current logged in details.


$_SERVER['AUTH_TYPE'] => NTLM
$_SERVER['REMOTE_USER'] => xxxxx
$_SERVER['REMOTE_PORT'] => xxxx

I have tested this with Internet explorer and it will work without asking password. For other browsers like Firefox, Chrome, Safari it will prompt for authentication. Thats all folks 😉

Gulfnews vs EMUG users about PC and Mac

There is an interesting debate going between Gulf news technical writer Scott Schuey and users from Emirates Mac User Group (EMUG) about the article published by Scott on 7th june 2008 about Investing in a suitable computer system.

The users of EMUG started to discuss about that article “Gulf News answers the Question Should I buy an Apple Macintosh instead of a personal?

Scott gave reply with another article on 14th June 2008 as “Live with it: Mac is not the greatest“.

Here goes the reply for the article by the EMUG users “Gulf News pissed with EmiratesMac

The debate is going red hot, I am waiting for the next reply from Scott Schuey !!!

Apple MacBook pro Windows Drivers

Today I wanted install windows over Bootcamp. I totally forgot I got to have the Leopard DVD for me to install windows drivers. I had left my DVD in Sharjah. So after installing windows I boot back to OSX and started to search of the windows drivers. I could not get any drivers. It was frustrating that I could not find any of the drivers. Some blogs had some post regarding this and nothing could help me out.

Apple should be giving direct downloads for these drivers from their website. Or link location where people can download the drivers if they have lost of misplaced the installation CDs.

If you anyone had luck in installing the drivers for windows for Macbook pro please drop me a line how you did it 😉

Back To Top