SSO LDAP WITH IIS

[carlosDMI]

Hello, i want to use the sso authentication with ldap record, we have iis 2019, and app laravel 8, so, when i use $__SERVER['AUTH_USER'] this is empty result, and the app show me the windows login promt.

i would like to use sso sign from my windows session

Environment:

• LDAP Server Type: [e.g. ActiveDirectory / OpenLDAP / FreeIPA]
• LdapRecord-Laravel Major Version: [e.g. v1, v2]
• PHP Version: [e.g. 7.3 / 7.4 / 8.0]

[stevebauman]

Hi there @carlosDMI,

Please follow the guide here:

https://ldaprecord.com/docs/laravel/v3/auth/sso

Namely, the IIS Windows Authentication Configuration Guide:

https://learn.microsoft.com/en-us/iis/configuration/system.webServer/security/authentication/windowsAuthentication/providers/add

[carlosDMI]

Hi there @carlosDMI,

Please follow the guide here:

https://ldaprecord.com/docs/laravel/v3/auth/sso

Namely, the IIS Windows Authentication Configuration Guide:

https://learn.microsoft.com/en-us/iis/configuration/system.webServer/security/authentication/windowsAuthentication/providers/add

i already have to done this!, but i don't understand this part, with iis. My app show the windows prompt login, and i want to automatic login.

I DONT UNDERSTAND THIS The goal is to have two URLs that point to the same Laravel application. One has Windows authentication enabled, and another does not. This is typically identified by an sso subdomain:

[stevebauman]

Sorry @carlosDMI, setting up IIS Windows Authentication on a Windows Server is out of the scope of this repository. LdapRecord-Laravel provides compatibility with SSO, but it does not provide the feature itself, nor support for setting it up.

It's very difficult to troubleshoot these issues without accessing both the application and Windows web server itself. I would recommend debugging with ChatGPT if possible, as it would likely be easier and faster than going back and forth here 👍

[stevebauman]

My app show the windows prompt login, and i want to automatic login.

If you visit your application with Windows Authentication enabled and the Windows prompt for a username and password is appearing, this is most likely due to the computer you're accessing the website with is not domain joined, or domain joined to the same domain the web server is on.