PHP, MSSQL - windows logon only - Is it possible???

slewis1972

Ok,

Hers the situ, PHP script running under IIS on a Win2k server
Ms SQl server 2000 as the database.

KNow, I have setup IIS to use clear passwords, and selected a domain, so when the user goes to the page, they enter their windows login name an dpassword, and then they go to the page. Then $_SERVER[PHP_AUTH_USER]
gets passed to the page and shows their users name.
Works fine BUT, the sql server is set 'SA' login - but we would like it if possible to only set Windows logon to the database.

Any ideas if this is possible, and if so how? I cannot seem to get it to work. I have tried making it in the form an entry for user name ($name) and password ($password) that gets pased to the connection strings:-

define('DB_HOST','itdepartment01');
define('DB_USER','$name');
define('DB_PASS', '$password');
define('DB_NAME','itrequest');

if(! $conn = mssql_connect(DB_HOST,DB_USER,DB_PASS)){
exit ("Wheres the DB_HOST gone?");}

But it dont work at all.

Any ideas if I can get it to work.

Scott

tomhath

If I understand the question, you want to set up MSSQL to use use Windows authentication:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sqlntsv/htm/ns_adminsecurity_20vt.asp

slewis1972

No - thats not what i am meaning. I want php script to connect via to the mssql database by using windows authenticipation.

Basically, at the moment - the login is defined eg the scripts connects with a sa login in.

What I want to do via the form, is if possible get the user to put in their username and password, and those fields get passed to :

define('DB_USER','$name');
define('DB_PASS', '$password');

When the script will then try and connect to the mssql database with those login details, verify with the domain that they are recognised windows users and then allow the other fields int he form to go into the table.

Ok, it may sound simplish but as yet, no matter what format I do the connection string, it wont connect to the database.

Scott

tomhath

Is the $name being passed in defined to SQLServer as a user account? SQLServer normally doesn't care if you have a Windows account, it keeps track of its own loginids (like sa), but you can add other logins.

slewis1972

I ahve tried pushging other logins and it works BUT I only want to push windows logins, I dont want SQL to have its own login like sa.

I can grab the username via $_SERVER[PHP_AUTH_USER]
but is there a simialar syntax to grap the password - as that may work.

Scott