Using Windows Authentication With PHP
Ever find yourself in the situation where you’ve got PHP up and running on your Windows/IIS machine, but you can’t work out who is using your application?
What’s more, looking at the following environment variables tells you nothing:
1 | $_SERVER['AUTH_USER'] |
The issue is that you need to turn on Windows Authentication and this brief guide will tell you how.
Installing Windows Authentication
- Firstly, let’s make sure that you have installed Windows Authentication. In your Server Manager Dashboard, choose option 2: Add roles and features.
- Click Next, Next, Next.
- Scroll down and under Web Server > Web Server > Security, make sure Windows Authentication is ticked.
- If not, keep clicking Next until you get the chance to Install. Otherwise, cancel out of the dialog
Configuring Windows Authentication
- Now run IIS Manager (you can find it in the Dashboard under Tools).
- Find your application, and click on it.
- Now double-click on Authentication
- Ensure Anonymous Authentication is disabled
- Ensure Windows authentication is enabled
Setting Folder Permissions
One final thing you may need to do is to ensure that your users can now access the folder and contents of your web application.
- Find the installed folder in Windows explorer
- Right-click that folder and choose Properties > Security
- Now edit the permissions to ensure that the group Users can access and modify all files within it that are pertinent (i.e. that may need to be written to)
- It may also be prudent to make sure that IIS_IUSRS and IUSR can do the same.
Now, when a user accesses your web application, they may be prompted initially to enter their Windows credentials, but after that, the server settings above will be populated.
Hi! Did you find this useful or interesting? I have an email list coming soon, but in the meantime, if you ready anything you fancy chatting about, I would love to hear from you. You can contact me here or at stephen ‘at’ logicalmoon.com