-
About the System
-
Managing Users
-
Access permissions
-
Using system tools
-
AD/LDAP
-
Blogs
-
Business Processes
-
Business Process Designer
-
Visual Modeler
-
Business Process Templates
-
Actions
-
Document Processing
-
Constructions
-
Notifications
-
Other
-
My Actions
-
CRM
-
Activity
-
Create new company
-
Create new contact
-
Create CRM event
-
Create new lead
-
Create new deal
-
Create using source
-
Change responsible person
-
Change status
-
Waiting for deal status
-
Waiting for lead status
-
Send SMS
-
Send email
-
Schedule a call
-
Schedule a meeting
-
Get CRM data
-
Facebook Advertisements
-
Google AdWords Advertisements
-
Add to exceptions
-
Add comment
-
Book a resource
-
Cancel booking
-
Wait
-
Create CRM document
-
Create contact or lead
-
Create repeat lead
-
-
-
-
Common Lists
-
Currencies
-
Document Library
-
e-Learning
-
Basic notions
-
Creating lessons and tests
-
Publishing a training course
-
-
Extranet
-
Forum
-
Helpdesk
-
Setting up your helpedesk service
-
Dictionaries
-
SLA
-
How to assign the ticket duty
-
Submitting tickets to tech support via e-mail
-
Functions available in the public section
-
Administration interface
-
-
Information Blocks
-
Basic notions
-
Typical Operations
-
Extra features
-
-
Intranet
-
Mail
-
Performance Monitor
-
Photo Gallery
-
Polls and surveys
-
Proactive Protection
-
Push and Pull
-
Push & Pull scope of application
-
Push server operational basis
-
Queue server versions
-
Configuring P&P module and queue server
-
Upgrade from Bitrix Push server 1.0 to Bitrix Push server 2.0
-
Upgrade from Nginx-PushStreamModule to Bitrix Push server 2.0
-
Using separate queue server
-
Push server setup and start at the 3rd-party environment
-
-
Scalability
-
Scalability Panel
-
Load chart
-
VPS Orders
-
-
Search
-
Main Concepts
-
Site indexing
-
Morphological search
-
Ranking Rules
-
Logical operators
-
Document Search Setup
-
Adding new formats
-
Setting Up Web Environment with PHP Version below 5.2.6
-
Search of MS Office documents of earlier versions
-
-
Sphinx search set up
-
-
Social Network
-
Technical Support
-
Telephony
-
Web forms
-
XMPP Server
-
Multiple Divisions
-
External data import to Activity Stream
NTLM Authorization
Lesson 22 out of 279
The system supports NTLM authorization by default by including the mod_auth_sspi module in the Apache web server installation. If you do not use Bitrix Environment, or NTLM authorization does not function correctly or at all, do the following.
- Ensure that mod_auth_sspi is installed.
a. If you’re using Bitrix Environment, this module is installed by default. Make sure the following lines exist in .htaccess:
AuthName "My Intranet" AuthType SSPI SSPIAuth On SSPIPackage NTLM SSPIDomain MYDOMAIN SSPIPerRequestAuth On SSPIAuthoritative On SSPIOfferBasic On Require valid-user
If they are commented out, uncomment them. If you cannot find these directives at all, add them to .htaccess.
b. If you are not using Bitrix Environment, download the mod_auth_sspi module here and put it to the /apache/modules/ directory.
Add the following line to the httpd.conf file:
LoadModule sspi_auth_module modules/mod_auth_sspi.so
Add these lines to .htaccess:
AuthName "My Intranet" AuthType SSPI SSPIAuth On SSPIPackage NTLM SSPIDomain MYDOMAIN SSPIPerRequestAuth On SSPIAuthoritative On SSPIOfferBasic On Require valid-user
- Use phpinfo to find the value of the
$_SERVER['REMOTE_USER']
variable. Set the “NTLM Authorization Domain” parameter to this value in the AD/LDAP server settings.Another way to get the
REMOTE_USER
value is to create a page containing a single line:<? echo $_SERVER['REMOTE_USER']; ?>
and open it in a web browser. - Check the AD/LDAP module settings: NTLM authorization should be enabled (the "Use NTLM authorization" parameter).
Finally, open Control Panel > Settings > AD/LDAP and make sure the AD/LDAP server parameters are correct.
Accessing Extranet without NTLM
To enable access to the /extranet/ folder without NTLM authorization:
- Add the following lines to .htaccess:
AuthName "My Intranet" AuthType SSPI SSPIAuth On SSPIPackage NTLM SSPIDomain MYDOMAIN SSPIPerRequestAuth On SSPIAuthoritative On SSPIOfferBasic On Require valid-user
- Add the line to /extranet/.htaccess and /bitrix/.htaccess:
Satisfy any
- Add the line to /bitrix/admin/.htaccess:
Satisfy all
These directives will set all the public section folders and Control Panel pages to require authorization via NTLM, except for the /extranet/ folder.