?
Solved

xAuth, oAuth and Active Directory

Posted on 2012-04-02
5
Medium Priority
?
1,728 Views
Last Modified: 2012-04-10
Hello,

Let's say I am a service provider providing online services.

Is it possible to allow users to register on my website using their Facebook, Twitter... and save this information in Active Directory.

On the other hand, if I have users logged in on my website, can they authenticate to Facebook, Twitter without being prompted for their credentials?

Thanks
0
Comment
Question by:slimard
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37795874
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37795964
Not natively using AD you can't.  You need to start looking into using ADFS, I haven't done it for your scenario.  There is definitely a learning curve for ADFS.

Thanks

Mike
0
 

Author Comment

by:slimard
ID: 37795978
When you say "not natively", are you answering the first or the second question?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37796158
both, AD out of the box doesn't support either. (AD sync with facebook)

Thanks

Mike
0
 
LVL 30

Accepted Solution

by:
Kerem ERSOY earned 2000 total points
ID: 37796261
Hi,

Logging on using another service requires them to logon using the API from the logon provider. In your case Facebook or Twitter.

When it comes to saving their credentials in AD is a bit strange. Because you need some program which will look-up user credentials, passwords and related information for various reasons from logon to user profile etc. These are all application level data. your Active Directory users are simply for management. So Why would you push all users into the AD. In AD I assume you will be using LDAP as a database but in this case you should be developing your program to query and pull authentication and user personal data from the LDAP. Depending on how many registered users are registered to your service there will be a big overhead over your AD. do you really need this? Furthermore you'll need to customize the LDAP fields in order to save extra data which does not exist in AD.

Why not create your application database based and do all this query over the database which is designed for this operation?

Cheers,
K.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Suggested Courses
Course of the Month10 days, 16 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question