Merge 137ca89 into 5f3eda0

Badgerati · Feb 20, 2020 · 55900e0 · 55900e0
2 parents 5f3eda0 + 137ca89
commit 55900e0
Show file tree

Hide file tree

Showing 5 changed files with 280 additions and 120 deletions.
diff --git a/docs/Tutorials/Authentication/Inbuilt/WindowsAD.md b/docs/Tutorials/Authentication/Inbuilt/WindowsAD.md
@@ -1,11 +1,10 @@
 # Windows AD
 
-!!! important
-    The Windows AD authentication method is only supported on Windows (PowerShell, and PS Core v6.1+ only).
+Pode's inbuilt Windows AD authentication works cross-platform, using OpenLDAP to work in *nix environments.
 
 ## Usage
 
-To use Windows AD authentication you use the  [`Add-PodeAuthWindowsAd`](../../../../Functions/Authentication/Add-PodeAuthWindowsAd) function. The following example will validate a user's credentials, supplied via a web-form against the default DNS domain defined in `$env:USERDNSDOMAIN`:
+To enable Windows AD authentication you can use the [`Add-PodeAuthWindowsAd`](../../../../Functions/Authentication/Add-PodeAuthWindowsAd) function. The following example will validate a user's credentials, supplied via a web-form, against the default AD the current server is joined to:
 
 ```powershell
 Start-PodeServer {
@@ -23,6 +22,7 @@ The User object returned, and accessible on Routes, and other functions via `$e.
 | Name | string | The user's fullname in AD |
 | FQDN | string | The DNS domain of the AD |
 | Groups | string[] | The groups that the user is a member of in AD, both directly and recursively |
+| Domain | string | The domain part of the username |
 
 Such as:
 
@@ -33,9 +33,9 @@ Add-PodeRoute -Method Get -Path '/info' -Middleware (Get-PodeAuthMiddleware -Nam
 }
 ```
 
-### Custom Domain
+### Server
 
-If you want to supply a custom DNS domain, then you can supply the `-FQDN` parameter:
+If you want to supply a custom DNS domain, then you can supply the `-Fqdn` parameter:
 
 ```powershell
 Start-PodeServer {
@@ -62,35 +62,3 @@ Start-PodeServer {
     New-PodeAuthType -Form | Add-PodeAuthWindowsAd -Name 'Login' -Users @('jsnow', 'rsanchez')
 }
 ```
-
-## Linux
-
-The inbuilt authentication only supports Windows, but you can use libraries such as [Novell.Directory.Ldap.NETStandard](https://www.nuget.org/packages/Novell.Directory.Ldap.NETStandard/) with dotnet core on *nix environments:
-
-```powershell
-Start-PodeServer {
-    New-PodeAuthType -Form | Add-PodeAuth -Name 'Login' -ScriptBlock {
-        param ($username, $password)
-
-        Add-Type -Path '<path-to-novell-dll>'
-
-        try {
-            $ldap = New-Object Novell.Directory.Ldap.LdapConnection
-            $ldap.Connect('ad-server-name', 389)
-            $ldap.Bind("<domain>\$username", $password)
-        }
-        catch {
-            return $null
-        }
-        finally {
-            $ldap.Dispose()
-        }
-
-        return @{
-            User = @{
-                Username = "<domain>\$username"
-            }
-        }
-    }
-}
-```
diff --git a/examples/web-auth-form-ad.ps1 b/examples/web-auth-form-ad.ps1
@@ -27,7 +27,7 @@ Start-PodeServer -Threads 2 {
     Enable-PodeSessionMiddleware -Secret 'schwifty' -Duration 120 -Extend
 
     # setup form auth against windows AD (<form> in HTML)
-    New-PodeAuthType -Form | Add-PodeAuthWindowsAd -Name 'Login' -Fqdn $env:USERDNSDOMAIN -Groups @() -Users @()
+    New-PodeAuthType -Form | Add-PodeAuthWindowsAd -Name 'Login' -Groups @() -Users @()
 
 
     # home page: