# IIS7 Active Directory and gethostbyaddr



## GPtech

Hello, I'm running an intranet server off my Windows 7 Enterprise 64-bit machine using IIS7.

I want to use our current Active Directory setup to allow my PHP script to return the Windows user that clicks a button.
The PHP function is `gethostbyaddr($_SERVER['AUTH_USER'])`.

When I set IIS7 authentication to Basic, the website requires the Windows login, but it is not passing the Active Directory login info. Is there any way to set authentication so that the authentication comes from Active Directory? If so, how?

For the WWWroot folder I have security for USERS. Do I need to just change this security to AUTHENTICATED USERS for the credentials to pass automatically?

I could use some tips. Everything is set up and working, but `gethostbyaddr($_SERVER['AUTH_USER'])` comes back blank.


----------



## Fjandr

Check out this site for a quick tutorial on using AD to authenticate IIS users:
Windows Authentication `<windowsAuthentication>` : The Official Microsoft IIS Site


----------



## GPtech

I had followed those instructions and I do have the settings in place. Here is the authentication config in the applicationhost.config file. Basic, Forms, and Anonymous are disabled. I am using the IIS manager to adjust configurations.

```xml
<windowsAuthentication enabled="true" useKernelMode="false">
  <providers>
    <clear />
    <add value="NTLM" />
    <add value="Negotiate" />
  </providers>
  <extendedProtection tokenChecking="None" />
</windowsAuthentication>
```

So what is happening is that when I go to the website it prompts me for a Windows login. That login correctly defaults to the domain we have at our company. But it won't accept my login manually typed in. I am concerned that Active Directory is not working, but something else could be wrong because it won't accept my login manually either.

So this is where my lack of understanding comes into play. How does the webserver know the windows user accounts? Does the server need to be set up in some way to be able to validate authentication requests against the active directory? Does my setting this up on a regular Windows 7 Enterprise workstation not allow it to support windows authentication?


----------



## Fjandr

What is the web log saying regarding the failed authentications?


----------



## GPtech

I took a quick look but I didn't see anything that was obvious. I think the computer I am running the web server on is not communicating with Active Directory. I think it's trying to authenticate from the local Windows user accounts and not passing the authentication task to the Active Directory server for processing. How is this controlled in the IIS setup? How do I tell it to pass authentication to the AD server?

```
#Software: Microsoft Internet Information Services 7.5
#Version: 1.0
#Date: 2013-03-26 17:47:45
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken
2013-03-26 17:47:45 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 2 5 202
2013-03-26 17:47:45 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:47:47 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 1637
2013-03-26 17:47:47 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:47:48 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 592
2013-03-26 17:47:48 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:47:48 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 483
2013-03-26 17:47:48 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:47:48 10.10.1.254 GET /Training+Guides/MMTracking.swf - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 0
2013-03-26 17:48:36 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 2 5 0
2013-03-26 17:48:36 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:48:38 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 1341
2013-03-26 17:48:38 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:48:38 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 483
2013-03-26 17:48:38 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:48:38 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 202
2013-03-26 17:48:38 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:48:38 10.10.1.254 POST /internalServerReporting.php - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 0
2013-03-26 17:54:17 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 2 5 0
2013-03-26 17:54:17 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:54:19 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 2136
2013-03-26 17:54:19 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:54:19 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 514
2013-03-26 17:54:19 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:54:19 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 280
2013-03-26 17:54:19 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074254 0
2013-03-26 17:54:19 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 1 2148074252 15
```


----------
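Added example (not part of any post in this thread): a small parser for the W3C log format shown above that decodes the `sc-status`, `sc-substatus` and `sc-win32-status` columns into named authentication failures. The sample lines are constructed in the same layout with a shortened User-Agent; the code names are the standard IIS 401 substatus descriptions and the Windows constants for those numeric values.

```python
# Constructed sample in the same W3C layout as the log above (User-Agent shortened).
SAMPLE = """\
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken
2013-03-26 17:54:17 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0) 401 2 5 0
2013-03-26 17:54:17 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0) 401 1 2148074254 0
2013-03-26 17:54:19 10.10.1.254 GET / - 80 - 10.10.1.254 Mozilla/5.0+(compatible;+MSIE+9.0) 401 1 2148074252 2136
"""

# IIS 7.x descriptions for the 401 substatus codes present in the log.
SUBSTATUS = {"401.1": "logon failed",
             "401.2": "logon failed due to server configuration"}
# sc-win32-status is either a Win32 error code or an SSPI HRESULT, logged in decimal.
WIN32 = {
    0x5: "ERROR_ACCESS_DENIED",
    0x8009030C: "SEC_E_LOGON_DENIED",
    0x8009030E: "SEC_E_NO_CREDENTIALS",
}

def parse_w3c(text):
    """Yield one dict per request, keyed by the names in the #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split(" ")
            if len(values) == len(fields):  # skip truncated or malformed lines
                yield dict(zip(fields, values))

def auth_failures(text):
    """Return every 401 response with its status and Win32 code decoded."""
    out = []
    for r in parse_w3c(text):
        if r["sc-status"] != "401":
            continue
        code = int(r["sc-win32-status"])
        status = f'{r["sc-status"]}.{r["sc-substatus"]}'
        out.append({
            "when": f'{r["date"]} {r["time"]}',
            "client": r["c-ip"],
            # "-" in cs-username means no identity was established for the request
            "user": None if r["cs-username"] == "-" else r["cs-username"],
            "status": status,
            "meaning": SUBSTATUS.get(status, "unknown"),
            "win32": WIN32.get(code, f"0x{code:08X}"),
        })
    return out

if __name__ == "__main__":
    for failure in auth_failures(SAMPLE):
        print(failure)
```

Run against the full log, every request decodes to a 401.2 or 401.1 with no `cs-username`, so the failures are recorded in the IIS log itself as substatus and Win32 codes rather than as readable messages.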



## Fjandr

Unfortunately, I'm not intimately familiar with IIS, so I can't guide you on setting it to forward authentication requests to an AD server.

It's weird that it's not logging the authentication failures though.


----------



## GPtech

Yeah, I feel like everything is set up per the instructions. It looks like it is close but just missing a few config tweaks. Our AD guy comes back from out of town Thursday, but his strength is not IIS either. I'll show him what is going on though.


----------

