I have an intranet on a remote Web server. This will be integrated with Active Directory on our local server. The web server is running Apache / Linux and the AD server is running Windows 2003. This is all done with VPN.

Login to the intranet is conducted in two ways: 1. Users who are logged in to AD to be logged in automatically with SSO. 2. Users who are NOT logged in to AD to be logged in using a common login form.

In order to auto login (SSO) I use mod_auth_ntlm_winbind. The problem here is that the users not logged in to AD will get a popup box where they must enter their DOMAIN/username + AD password. If I disable this popup, there is no way to get $_SERVER['REMOTE_USER']

Then my question:

Is it possible to turn off this popup box and still get the REMOTE_USER?

Or:

If possible, can I use AJAX to check if http://my-intranet/auth returns 401 error (non-AD users). If so, do not go to the /auth folder.