Desktop login against custom user store

  • Question

  • We have a custom user store which has all the user details like username, password hashes, roles etc. in a SQL Server database. Currently a user can authenticate/authorize against it using the following 3 options:

    1> using interfaces exposed over WCF by passing their credentials.

    2> over the RADIUS protocol (using the Windows NPS/IAS service with plug-ins for authentication/authorization).

    3> over REST with OpenID Connect (using the IdentityServer3 framework).

    We want to integrate this with Windows Active Directory and want desktop login to authenticate against the custom user store and not Active Directory, depending on whether the user is a member of AD or a member of the user store.

    - We don't want to use a custom Windows credential provider. Tried pGina also. Not suitable for us.

    - We were able to successfully integrate with ADFS (Windows Server 2016) using OpenID Connect/WS-Federation, but don't know how to link desktop login with ADFS.

    We are ready to write an LDAP wrapper around our user store if it is required.

    Is it possible to make Windows desktop login work for the above scenario?

    Please let me know if more information is required.

    Thanks/-

    • Moved by Kallen Wang Wednesday, April 3, 2019 2:57 AM
    Tuesday, April 2, 2019 3:23 PM

All replies

  • Two ways:

    • Desktop is native, so use the ADAL / MSAL library
    • Use IdentityServer and create a custom AD user store, so IdentityServer authenticates against AD

    Wednesday, April 10, 2019 6:58 PM
  • Hi,

    By desktop login I meant: on a terminal PC connected to an Active Directory, press Ctrl+Alt+Del and enter the credentials of a user from the custom user store. It should log the user in to the PC by authenticating the user against the custom user store and not Active Directory.

    Thanks/-



    • Edited by Ngblr Thursday, April 11, 2019 9:04 AM
    Thursday, April 11, 2019 8:46 AM