Re: How do I authenticate a UNIX account in IIS 6?
From: Ken Schaefer (kenREMOVE_at_THISadOpenStatic.com)
Date: 05/15/04
- Previous message: David Wang [Msft]: "Re: IIS user getting locked out"
- In reply to: Jeff Walzer: "Re: How do I authenticate a UNIX account in IIS 6?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 15 May 2004 15:05:53 +1000
Hi,
I have no idea what you mean by "making the call", but I assume that:
a) The ASP page requires some kind of HTTP based authentication, and IIS
takes those supplied credentials and impersonates that user in order to
access the resources in the folder
b) the script you have on your Unix box uses some kind of HTTP GET (or POST)
request to the ASP page. If so, then it's just a matter of sending the
appropriate HTTP authentication headers to the server as part of the
request. Both Basic and Digest authentication are open HTTP standards. If
you use Integrated Windows Authentication, then the script needs to be able
to perform NTLM v2 hashing -or- be able to negotiate a Kerberos session
ticket. I would stick to Basic or Digest if you are not familiar with those
latter two options. Digest Auth is not delegatable, so the user token that
IIS has can not be used to access remote resources. Basic Auth sends the
credentials unencrypted, so IIS can directly impersonate the user to access
remote resources.
Cheers
Ken
"Jeff Walzer" <jwalzer@comcast.net> wrote in message
news:f78a819e.0405140500.441abb11@posting.google.com...
: "Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message
news:<ueteNxVOEHA.2728@TK2MSFTNGP12.phx.gbl>...
: > a) Do you want to give the Unix account permissions to the folder?
: > -or-
: > b) Does someone using a Unix account attempt to programatically get
access
: > to the secured folder? In which case, they just need to send appropriate
: > Windows credentials as part of their request.
: >
: > Cheers
: > Ken
: >
:
: Ken,
:
: Thanks for the reply. Someone has written a script that calls a .asp
: page that pulls info from the folder that is locked down in AD. The
: script uses a Unix account to make the call. We have tried plugging in
: the appropiate Windows credentials as part of the request, but it
: fails (maybe we have the wrong syntanx - would you happen to know what
: the syntax for that call would be?). So I assume that we want to give
: the Unix account permissions to the folder.
:
: Thanks,
: Jeff
- Previous message: David Wang [Msft]: "Re: IIS user getting locked out"
- In reply to: Jeff Walzer: "Re: How do I authenticate a UNIX account in IIS 6?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
