Help with ldap active directory concepts please

[Jalz]

Hi Guys,

 

We've got a windows based network here and everything here has Single Sign On enabled so the user enters in their credentials once and it gets them through to all the things they should have access to.

 

I've designed a database with lost and found items - fairly simple at this stage with one table, and within my database I have another table with usernames and a hashed password. What I would like to do in the long run is remove this table and allow my users to add/edit etc based on their windows login.

 

What technologies do I need to look at in php that will enable me to do this? At present the pseudo code of when the user enters in the username and password on my form is as follows:

 

Enter Username and Password click on Submit

Check within database to see if credentials match

If credentials match retrieve the membership category and store in a session variable

else go back to login page and request a username and password

 

Anyone help me with the concepts to understand this - we've got a partially working system using Moodle which I can 'lift' the Active directory settings, but I have no idea how the SSO will work.

 

Anyone care to chip in with topics I should read up or sample tutorials to get me started reading the directory as I am a complete beginner and Im trying to replace an asp/access database that had all of this built in...

 

Many Thanks for the advice - p.s no doubt there will be lots more questions from me on this subject. I'll keep it all in this thread so someone else may find it useful

 

Jalz