[pmwiki-users] LDAP Authentication with Active Directory

[Miller, Joshua]

Hello,

I've reviewed the messages concerning LDAP authentication and Active
Directory and I can't seem to find what I am looking for.  Our
organization has an AD tree that I would like to use for authentication
to my wikis.  I am not very familiar with LDAP and using it with Active
Directory.

Am I correct in assuming that our AD server functions as an LDAP server?
How do I query it?  The OU with all of our users has a space in the name
- will this be a problem?

The wiki that I am trying to set up is for an intranet site that will be
used by internal users that have already authenticated to the
network...the wiki is running on an IIS server that has already checked
permissions with the user's authenticated user name to determine whether
the user has access rights to the directory where the wiki resides...

So here is where I am going with this... Since my users have already
authenticated, can I pass their AD username and password from their
local workstation to the IIS server to the wiki authentication?  Is
there a way to do this?  Basically, the user would open their web
browser and they would already be logged in with their AD Username and
password?  It doesn't have to be a strict log-in per se....maybe all I
would need would be to pass the username from IIS to the wiki and set
that as the author variable, disallowing changes to the author variable.

This particular project doesn't require extensive security - it would
just be good to know who edits what.

Am I on the right track here?

Thanks.

-Josh