+ Post New Thread
Results 1 to 13 of 13
General Chat Thread, AD & external webside authentication (Sorry not sure where to put this!) in General; Hi, long shot.. and probably can't be done but is there a way to... Basically i would like to be ...
  1. #1

    Join Date
    Feb 2009
    Location
    Suffolk, UK
    Posts
    121
    Thank Post
    22
    Thanked 1 Time in 1 Post
    Rep Power
    0

    AD & external webside authentication (Sorry not sure where to put this!)

    Hi, long shot.. and probably can't be done but is there a way to...

    Basically i would like to be able to allow students access to a website (possibly our learning platform) but to avoid the logging in on the website. Is there a way to use AD to make this happen?

    I'm guessing not as the website is external, just wondered, or maybe a script of some kind could be run at start up giveing the website login credentials, read from the AD login?

    Hope this makes a little sense?

    Oh, currently we've server 2003, but about to up to 2008 if that makes any difference.

    Cheers for any advice :-)

  2. #2
    mb2k01's Avatar
    Join Date
    Jan 2007
    Posts
    1,151
    Thank Post
    191
    Thanked 235 Times in 199 Posts
    Rep Power
    94
    If they're accessing externally (via their home computer etc) then they'll have to log in and authenticate somehow.
    In school you can get around it as you know they're accessing via station and know they're logged on as themselves. Outside the only way of authenticating would be via typing a username and password of via VPN etc (which obviously would still require some for of login!)

  3. #3

    Join Date
    Feb 2009
    Location
    Suffolk, UK
    Posts
    121
    Thank Post
    22
    Thanked 1 Time in 1 Post
    Rep Power
    0
    When they're home they will need to log in to the site, that's cool.. but what i really would like to be able to do is to enable their network login to login to the website for them.. so when they visit the website they're automatically logged in.

    I know this will only work in school, but would be good here.

  4. #4
    mb2k01's Avatar
    Join Date
    Jan 2007
    Posts
    1,151
    Thank Post
    191
    Thanked 235 Times in 199 Posts
    Rep Power
    94
    If your talking about a locally hosted LP like Moodle, then it's possible yes.
    Use LDAP and Windows Authentication via IIS (if you go down the MS route instead of Linux - if it's Linux I can't help - can't use it!!)

  5. Thanks to mb2k01 from:

    klop (19th March 2009)

  6. #5
    SteveBentley's Avatar
    Join Date
    Jun 2007
    Location
    Yorkshire
    Posts
    1,454
    Thank Post
    120
    Thanked 264 Times in 190 Posts
    Rep Power
    73
    If you go the unix route, there's a PHP class called ADLDAP which you can use. Works very nicely.

  7. #6

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,124
    Thank Post
    217
    Thanked 1,353 Times in 826 Posts
    Blog Entries
    4
    Rep Power
    528
    Quote Originally Posted by klop View Post
    I'm guessing not as the website is external, just wondered, or maybe a script of some kind could be run at start up giveing the website login credentials, read from the AD login?
    the website is external? so hosted and controlled by someone else..?

    if so there's really no way to do this....

  8. Thanks to Domino from:

    klop (19th March 2009)

  9. #7
    mb2k01's Avatar
    Join Date
    Jan 2007
    Posts
    1,151
    Thank Post
    191
    Thanked 235 Times in 199 Posts
    Rep Power
    94
    Quote Originally Posted by Domino View Post
    the website is external? so hosted and controlled by someone else..?

    if so there's really no way to do this....
    I'd missed the external bit when making my previous posts!
    It's technically still possible to get LDAP authentication via an external site, but you would have to have a very good relationship with the hosting company! If it's an LEA hosted site (i.e. by your schools ISP) then it might well be still possible with some Firewall changes at both ends to allow that kind of traffic. I'm not sure I'd want to go down that avenue myself.

  10. Thanks to mb2k01 from:

    klop (19th March 2009)

  11. #8

    Join Date
    Feb 2009
    Location
    Suffolk, UK
    Posts
    121
    Thank Post
    22
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Afraid yes it is external.. and there's not really that close a relationship so i'm guessing it's not really going to happen.

    New we should have investigated moodle a little more thoroughly!

    ho hum, thanks for all advice anyways.. was the answer i expected.. but if you don't ask n all that

    Cheers

  12. #9
    mb2k01's Avatar
    Join Date
    Jan 2007
    Posts
    1,151
    Thank Post
    191
    Thanked 235 Times in 199 Posts
    Rep Power
    94
    Out of interest, what LP is it, and who's hosting it?

  13. #10

    Domino's Avatar
    Join Date
    Oct 2006
    Location
    Bromley
    Posts
    4,124
    Thank Post
    217
    Thanked 1,353 Times in 826 Posts
    Blog Entries
    4
    Rep Power
    528
    I'm gonna guess at uniservity.....

  14. #11

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,850
    Thank Post
    110
    Thanked 598 Times in 514 Posts
    Blog Entries
    1
    Rep Power
    227
    The only way you could have this work is if there was a VPN between your AD server(s) and the external web site. Thus allowing the two to communicate authentication information.

  15. #12

    Join Date
    Feb 2009
    Location
    Suffolk, UK
    Posts
    121
    Thank Post
    22
    Thanked 1 Time in 1 Post
    Rep Power
    0
    yep, uniservity

  16. #13
    sahmeepee's Avatar
    Join Date
    Oct 2005
    Location
    Greater Manchester
    Posts
    795
    Thank Post
    20
    Thanked 70 Times in 42 Posts
    Rep Power
    34
    Quote Originally Posted by Geoff View Post
    The only way you could have this work is if there was a VPN between your AD server(s) and the external web site. Thus allowing the two to communicate authentication information.
    I could think of at least one other way in the general case, but unfortunately it won't work for Uniservity. Generally speaking you could set up a lookup database which would act as an intermediary between AD and the website.

    Your user would click on a link which would take them to an ASP page on a local IIS server. The page would take their AD username as a variable, look it up in the database, then redirect them to the VLE login with the VLE username and VLE password embedded into the URL.

    You could put it into an IFRAME or something similar so that the username and password don't show up in the address bar for all to see. Once the page has had time to load, redirect the parent window to the VLEs homepage without credentials - it will still be logged in thanks to the site's cookies.

    If the user had access to change their own password you would find that those users who did would have to log in manually.

    Why won't it work with Uniservity? The Uniservity login page:

    https://www.school-portal.co.uk/Secu...OURGROUPIDHERE

    ...will only accept txtusername and txtpassword when passed via POST rather than GET. I will be generous to them and suggest this was done for security reasons



SHARE:
+ Post New Thread

Similar Threads

  1. Moodle & NTLM Authentication
    By alan-d in forum Virtual Learning Platforms
    Replies: 12
    Last Post: 15th December 2009, 03:19 PM
  2. External telephony and data at an external site.
    By ranj in forum Wireless Networks
    Replies: 12
    Last Post: 14th March 2008, 07:26 PM
  3. External Trust authentication issues
    By rusty155 in forum Windows
    Replies: 9
    Last Post: 23rd January 2008, 01:18 AM
  4. Put messages & pictures on live webcam
    By FN-GM in forum How do you do....it?
    Replies: 7
    Last Post: 31st October 2007, 06:30 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •