[thelist] AD, IIS and "single sign on" on an intranet

Marcus Andersson m-lists at bristav.se
Tue Mar 28 13:25:42 CST 2006

We have a customer with a Windows setup (Active Directory, IIS, Windows 
work stations etc). What we want to do now is to use another web server 
(we sold a non MS application to them) and somehow accomplish the same 
functionality that IIS seems to provide with regards to that when the 
users are logged on to their work stations they don't need to log into 
the intranet web application (IIS just seems to know somehow who it is).

How can we accomplish this ourselves? I know that I probably can speak 
LDAP to AD to get user information but how do IIS know who the user is 
without logging the user in to the web application? Is the browser 
sending user information? Is it (IIS) using IP addresses somehow to see 
who it is? I'm clueless (and haven't found a good enough google search 
phrase :( )...

Ideas? (I think this one falls into Ken Schaefers area of expertise ;)



More information about the thelist mailing list