I have a working site (fully private) that uses PHP LDAP authentication to control sessions. I'm adding some functionality that uses powershell scripts and in order for them to work I need to use basic authentication in IIS. My concern with switching to basic authentication is that there is no good session control available. Using IIS 7.5 on Windows Server 2008 R2.
1. Am I correct about poor session control in IIS? Specifically inactivity timeouts.
2. Is there a way to pass the PHP LDAP authentication so that it can be used to authenticate the user for powershell access? There are some features and controls in this method I don't want to lose.