Solved

xAuth, oAuth and Active Directory

Posted on 2012-04-02
5
1,725 Views
Last Modified: 2012-04-10
Hello,

Let's say I am a service provider providing online services.

Is it possible to allow users to register on my website using their Facebook, Twitter... and save this information in Active Directory.

On the other hand, if I have users logged in on my website, can they authenticate to Facebook, Twitter without being prompted for their credentials?

Thanks
0
Comment
Question by:slimard
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37795874
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37795964
Not natively using AD you can't.  You need to start looking into using ADFS, I haven't done it for your scenario.  There is definitely a learning curve for ADFS.

Thanks

Mike
0
 

Author Comment

by:slimard
ID: 37795978
When you say "not natively", are you answering the first or the second question?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37796158
both, AD out of the box doesn't support either. (AD sync with facebook)

Thanks

Mike
0
 
LVL 30

Accepted Solution

by:
Kerem ERSOY earned 500 total points
ID: 37796261
Hi,

Logging on using another service requires them to logon using the API from the logon provider. In your case Facebook or Twitter.

When it comes to saving their credentials in AD is a bit strange. Because you need some program which will look-up user credentials, passwords and related information for various reasons from logon to user profile etc. These are all application level data. your Active Directory users are simply for management. So Why would you push all users into the AD. In AD I assume you will be using LDAP as a database but in this case you should be developing your program to query and pull authentication and user personal data from the LDAP. Depending on how many registered users are registered to your service there will be a big overhead over your AD. do you really need this? Furthermore you'll need to customize the LDAP fields in order to save extra data which does not exist in AD.

Why not create your application database based and do all this query over the database which is designed for this operation?

Cheers,
K.
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
A hard and fast method for reducing Active Directory Administrators members.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question