I'm trying to get MRBS configured with single signon. I'm using IIS7 on a
virtual 2008 server. On login I'm prompted for username/pw and I can log
in with school accounts. However when I book a room all bookings are
showing as being created by "DefaultAppPool". Also all users seem to have
admin rights and can delete/edit bookings. Any ideas what I'm missing in
Windows authentication has been enabled with NTLM set at the top of the
list. All other authentications are disabled. 'Connect As' is set
to 'application user'. My config file is as follows:
$auth["session"] = "nt"; // How to get and keep the user ID.
$auth["type"] = "none"; // How to validate the user/password.
// The list of admins (can modify other peoples settings).
unset($auth["admin"]); // Include in config.inc.php
$auth["admin"] = "192.168.3.113"; // localhost IP address
$auth["admin"] = "administrator"; // A username from user list
I'm not sure as I've not done this but would having the local IP set as an admin mean that any logon is made an admin?
Have you got NTLM working fine without SSO turned on? I'll have a look at my install tomorrow, it is Apache but I have NT logon working ok so can tell you what session and auth type I have.
Silly question, but have you restarted the iis server?
Also, how have you got PHP setup? is it FastCGI or ISAPI?
If fastCGI, then there is an option under CGI options called "impersonate user" that might help. I think this needs to be set to True.