Re: Authenticate AD (Windows) users and ADAM users

Tech-Archive recommends: Fix windows errors by optimizing your registry

---

• From: "Lee Flight" <lef@xxxxxxxxxxxxxxx>
• Date: Thu, 26 May 2005 21:48:08 +0100

---

Hi

if you can make the ADAM server a member of the AD domain
then you can authenticate the AD users by making a secure LDAP
bind using their AD credetntials to ADAM, it will do the
backend auth against AD for you (bindProxy object in ADAM
is only required if your application can only do a simple LDAP
bind, I do not know enough about JNDI to call that).

Lee Flight

"Joshua" <joshua.shaffner@xxxxxxxxx> wrote in message
news:1117139572.950226.176050@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>I have user objects stored in AD and user objects stored in ADAM. My
> goal is to be able to authenticate users in AD and other users in ADAM.
> Using JNDI/LDAP, I was able to bind/authenticate ADAM users. I am now
> researching on the options to authenticate AD users. So far, the
> options seem to be as follows:
>
> 1) replicate (or sync? whats the diff?) using AD to ADAM synch.
> authenticate AD users stored in ADAM.
>
> Concerns: I don't like the idea of having two datasources holding same
> AD user objects. The data needs to be real time at all time for the app
> will be treated as enterprise and mission critical.
>
> 2) authenicate against AD
>
> Concerns: create two separate authentication processes, one for AD
> users and the other for ADAM users.
>
> 3) authenticate against AD via ADAM (using a bind proxy for AD users?)
>
> Concerns: can a bind proxy be created once for existing and future AD
> users rather than creating/removing a proxy for each AD user, one by
> one?
>
> Am I missing other options? Which one make most sense to you?
>
> Thanks.
>


.

---

• Follow-Ups:
  • Re: Authenticate AD (Windows) users and ADAM users
    • From: Joshua

• References:
  • Authenticate AD (Windows) users and ADAM users
    • From: Joshua

• Prev by Date: Force Delete User
• Next by Date: Re: ADAM
• Previous by thread: Authenticate AD (Windows) users and ADAM users
• Next by thread: Re: Authenticate AD (Windows) users and ADAM users
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: ADAM Authentication ... Your code will be different for authenticating users in ADAM vs. Active ... you need to use simple bind while with AD you ... If you just want to authenticate a user, you only need a bind operation. ... Joe Kaplan-MS MVP Directory Services Programming ... (microsoft.public.windows.server.active_directory) Re: ADAM & SASL Bind for Windows Security Principals ... There are really three bind authentication things you can do with ADAM: ... - Use simple bind to authenticate an ADAM user ... Use simple bind to authenticate Windows user who is configured as a bind ... (microsoft.public.windows.server.active_directory) Re: How Redirect ADAM to AD ? ... If you wish to authenticate your users in AD against ADAM using a simple ... LDAP bind, then a bind proxy is what you want to create. ... In order to be able to authenticate my users with their account AD I ... (microsoft.public.windows.server.active_directory) Re: Adam Sync Issue ... You need to use simple bind in LDP to authenticate an ADAM user. ... (microsoft.public.windows.server.active_directory) Re: ADAM Proxy Bind re-direction ... There are two features in ADAM that allow you to authenticate AD users: ... Bind proxy ... Windows user's credentials to authenticate an Windows ... There are two main reasons to use bind proxy: ... (microsoft.public.windows.server.active_directory)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.active_directory  > 2005-05