I have the following scenario that i will start to develop very soon, but im still confused what is the best way to implement the authentication in this case:
Scenario: i’am developing an intranet web application, users are authenticated through Active Directory and windows authentication but they might access it from another machine (not windows) and asked to enter the AD credentials, the roles for these users are saved in the Database we have around 2000 user so it’s very hard to add user by user to the database and then to map them into the roles. so i need your suggestion in this case what is the best approach windows authentication or mixed authentication forms authenticating from LDAP, and any idea how to map the users directly to database ??
p.s the groups are not identified correctly in the AD that’s why we will manage them in our DB.
Thanks for your help
You’re going down the right path using Windows Authentication – that should handle authenticating users to your AD. As far as the database is concerned, I would recommend writing a little piece of code within your application that auto generates the user record on the back end when a user logs into the system for the first time. I’m guessing any user that authenticates against your AD is allowed in the application, which is the only way this method would work.
There are many examples of interacting with AD via csharp, but here’s a start:
http://www.ianatkinson.net/computing/adcsharp.htm
Let me know if you need more help, good luck!