We have a custom user store which has all the user details like username, password hashes, roles etc. in a SQL Server database. Currently a user can authenticate/authorize against it using the following 3 options:
1> using interfaces exposed over WCF by passing his credential.
2> over Radius protocol (using Windows NPS/IAS service with plug-ins for authentication/authorization).
3> over REST with OpenID Connect (using the IdentityServer3 framework).
We want to integrate this with Windows Active Directory and want desktop login to authenticate against the custom user store and not Active Directory, depending on whether the user is a member of AD or a member of the user store.
- We don't want to use a custom Windows credential provider. Tried pGina also. Not suitable for us.
- We were able to successfully integrate with ADFS (Windows Server 2016) using OpenID Connect/WS-Federation. But we don't know how to link desktop login with ADFS.
We are ready to write an LDAP wrapper around our user store if it is required.
Is it possible to make Windows desktop login work for the above scenario?
Please let me know if more information is required.
Thanks/-