If you use plain-text authentication, the user's ID and password are
available to the CGI script via environment variables. Fortunately, AD
LDAP binds accept the user ID in the form of DOMAIN\USERID
Here's a snippet of code:
$userID = $ENV{LOGON_USER};
$passwd = $ENV{AUTH_PASSWORD};
my $AdminUser1 = "$ntdomain\\$userID";
my $AdminPasswd1 = $passwd;
$ldap1 = Net::LDAP->new($dc1) or LogAndExit("open LDAP#1: $@");
my $result = $ldap1->bind( dn => $AdminUser1, password =>
$AdminPasswd1 );
die("Failed to bind1: " . $result->error) if $result->code;
-----Original Message-----
From: Eric Nichols [mailto:[EMAIL PROTECTED]
Sent: Sunday, December 31, 2006 7:40 AM
To: perl-ldap@perl.org
Subject: Pass IIS credentials through LDAP?
I've never really been able to find a definitive answer on this.
IIS has their Integrated Authentication method which can recognize the
client's credentials. I'd like to take those credentials and bind as
that IIS user to an Active Directory server over LDAP.
Any ideas?
Thanks and happy New Years!
