I have been tasked to create a web-based account creation tool for one of our customers. I have been provided w/ a Win2k box with an IBM HTTPServer version of Apache and ActiveState Perl installed.
My question pertains to user authentication. The CGI script will need to run external commands (Tivoli CLI - for the curious) to create the user account. The external commands require appropriate permissions themselves to be executed, based on who the command is being run as. I need to be able to do the following:
- Authenticate the user as being a valid user in the NT domain
- Run all subsquent commands as that authenticated user
I've looked around the monastery and found information on setuid, suidperl, etc., but that these won't work properly on a NT box. Does anyone have experience along these lines? Any help or guidance would be appreciated.