Posted by Steve on December 06, 19101 at 19:30:35:
I am an intranet developer in a large-ish corporation. We have a number of web applications that have been developed for the Intranet. Each application has it's own login/password, which nobody remembers.
Our environment is entirely Microsoft (clients and servers), and we require users to use Internet Explorer 4+. We normally develop our web apps in ColdFusion, but are not limited to this (ie. if there is a VB/ASP/C++ solution that's ok).
I am looking for a means to authenticate our users against their NT login.
What I want to avoid is creating overhead for our system admin by setting directory level privileges (ie. Challenge/Response technique). What we want to do is provide a web based user name and login form which validates the user against their NT login and gives a response (ie. 'varified' or 'denied'), that’s it. Once verified we handle the rest in our specific databases.
I'm sure others would have wanted to do this before but I can't find a good explanation of how to do it.