Solved

xAuth, oAuth and Active Directory

Posted on 2012-04-02
5
1,705 Views
Last Modified: 2012-04-10
Hello,

Let's say I am a service provider providing online services.

Is it possible to allow users to register on my website using their Facebook, Twitter... and save this information in Active Directory.

On the other hand, if I have users logged in on my website, can they authenticate to Facebook, Twitter without being prompted for their credentials?

Thanks
0
Comment
Question by:slimard
5 Comments
 
LVL 17

Expert Comment

by:Anuroopsundd
Comment Utility
0
 
LVL 57

Expert Comment

by:Mike Kline
Comment Utility
Not natively using AD you can't.  You need to start looking into using ADFS, I haven't done it for your scenario.  There is definitely a learning curve for ADFS.

Thanks

Mike
0
 

Author Comment

by:slimard
Comment Utility
When you say "not natively", are you answering the first or the second question?
0
 
LVL 57

Expert Comment

by:Mike Kline
Comment Utility
both, AD out of the box doesn't support either. (AD sync with facebook)

Thanks

Mike
0
 
LVL 30

Accepted Solution

by:
Kerem ERSOY earned 500 total points
Comment Utility
Hi,

Logging on using another service requires them to logon using the API from the logon provider. In your case Facebook or Twitter.

When it comes to saving their credentials in AD is a bit strange. Because you need some program which will look-up user credentials, passwords and related information for various reasons from logon to user profile etc. These are all application level data. your Active Directory users are simply for management. So Why would you push all users into the AD. In AD I assume you will be using LDAP as a database but in this case you should be developing your program to query and pull authentication and user personal data from the LDAP. Depending on how many registered users are registered to your service there will be a big overhead over your AD. do you really need this? Furthermore you'll need to customize the LDAP fields in order to save extra data which does not exist in AD.

Why not create your application database based and do all this query over the database which is designed for this operation?

Cheers,
K.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Join & Write a Comment

This article will take you step-by-step through the basics of ad creation on facebook. You will learn how to create ads for mobile newsfeed, desktop newsfeed, and right column. 1. Login to your Facebook account. In the left column, click on “Crea…
Resolve DNS query failed errors for Exchange
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now