none
Active Directory with secondary authentication RRS feed

  • Question

  • hi

    is it possible to create secondary authentication check with ad?

    so that the user need to enter:

    ad user name:

    ad password:

    ad extra filed, for example his phone number:

    (or any other ADSI attribute)

    ?

    Sunday, May 1, 2011 2:28 PM

Answers

  • Hi Ariel,

    It is and I see what you're trying to do, but I wouldn't suggest you go down this road. If you wish to use an additional "token" as part of the authentication process than I'd suggest using an additional authentication source (e.g. OTP) chained to a challenge/response on the AD password, rather than trying to use an attribute in AD that isn't a secret.....

    Regards,

    Mylo

    • Marked as answer by Erez Benari Wednesday, May 4, 2011 11:26 PM
    Monday, May 2, 2011 9:24 PM

All replies

  • Hi Ariel,

    It is and I see what you're trying to do, but I wouldn't suggest you go down this road. If you wish to use an additional "token" as part of the authentication process than I'd suggest using an additional authentication source (e.g. OTP) chained to a challenge/response on the AD password, rather than trying to use an attribute in AD that isn't a secret.....

    Regards,

    Mylo

    • Marked as answer by Erez Benari Wednesday, May 4, 2011 11:26 PM
    Monday, May 2, 2011 9:24 PM
  • so It's possible, but you just do not recommend it?
    Monday, May 23, 2011 9:44 AM