Solved

xAuth, oAuth and Active Directory

Posted on 2012-04-02
5
1,720 Views
Last Modified: 2012-04-10
Hello,

Let's say I am a service provider providing online services.

Is it possible to allow users to register on my website using their Facebook, Twitter... and save this information in Active Directory.

On the other hand, if I have users logged in on my website, can they authenticate to Facebook, Twitter without being prompted for their credentials?

Thanks
0
Comment
Question by:slimard
5 Comments
 
LVL 17

Expert Comment

by:Anuroopsundd
ID: 37795874
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37795964
Not natively using AD you can't.  You need to start looking into using ADFS, I haven't done it for your scenario.  There is definitely a learning curve for ADFS.

Thanks

Mike
0
 

Author Comment

by:slimard
ID: 37795978
When you say "not natively", are you answering the first or the second question?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37796158
both, AD out of the box doesn't support either. (AD sync with facebook)

Thanks

Mike
0
 
LVL 30

Accepted Solution

by:
Kerem ERSOY earned 500 total points
ID: 37796261
Hi,

Logging on using another service requires them to logon using the API from the logon provider. In your case Facebook or Twitter.

When it comes to saving their credentials in AD is a bit strange. Because you need some program which will look-up user credentials, passwords and related information for various reasons from logon to user profile etc. These are all application level data. your Active Directory users are simply for management. So Why would you push all users into the AD. In AD I assume you will be using LDAP as a database but in this case you should be developing your program to query and pull authentication and user personal data from the LDAP. Depending on how many registered users are registered to your service there will be a big overhead over your AD. do you really need this? Furthermore you'll need to customize the LDAP fields in order to save extra data which does not exist in AD.

Why not create your application database based and do all this query over the database which is designed for this operation?

Cheers,
K.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
A great marketing strategy is diverse.  Read about the not so popular, yet effective, marketing tactics you can start using today!
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question