We have a Windows 2003 Server running IIS 6 and PHP 5.0. At the moment we have user's logging onto the domain thru their Windows XP based client PCs. Eventually they get to the desktop and can do whatever. Unfortunately current PHP apps have no clue who the user is and force the user to login to access intranet material (authentication is thru PHP - MySQL). Now I've heard of Active Directory and LDAP, which we do have at work, but I want to know if this can help me out in producing a single login approach. Ideally we want it so that when the user logs into their PC and makes it to the desktop, therte is NO MORE redundant login for the PHP intranet files.

Is it possible to identify the logged in user thru the active PHP script, perhaps thru LDAP or any Windows Networking information? When my PHP script is hit i do know the IP/Host name of the user. I just need to know the user's Windows domain Login Name that was used to login to that PC so that i can link it up to the extra user information stored in the MySql dbase.

Thanks.