Use Active Directory for Application Security

You need authentication and authorization features in .NET applications
Your organization already manages Active Directory Accounts.
So you wonder if you can re-use AD accounts to identify users.

Of course, you can develop an in-house solution to communicate with Active Directory for authentication purposes. You can also develop and maintain a specific user list for your application, independant from Active Directory.

Or you could use Visual Guard. Net. : it provides a ready-to-use solution to manage users authentication with Active Directory accounts.

Visual Guard also offers powerful features such as:
* Defining permissions for each account (what they can do in the application)
* Keeping track of sensitive transactions (Auditing - who did what?)
* Single Sign-on (users do not enter credentials to access each application)
* Mixed-mode authentication: combine AD accounts with application accounts
* and much more...

Use Active Directory for user Authentication

With Visual Guard .NET, you can use Active Directory accounts to authenticate users and define which account can access each .NET application.

When a user tries to enter the application, Visual Guard asks for his credentials, checks the user identity with Active Directory and lets the user access the application if he was authorized to.

Grant roles and authorizations to Active Directory accounts

With Visual Guard .NET, you can grant roles and permissions to AD accounts.
As a result, you define what each user can do within the application (viewing or modifying confidential information, accessing a form, etc.).
Because Visual Guard is a non-intrusive solution, you do not write code in your application to define such role and permissions.
You would do that in a few clicks within Visual Guard Administration console.

Implement Single Sign-on

Visual Guard .Net offers a ready-to-use Single Sign-on solution:
* The user provides his credentials when starting a Windows Session (as usual).
* When the user opens a .NET application, Visual Guard uses the current Windows Account to identify the user et verify if he can access to this application.
* If so, Visual Guard loads the user permissions and dynamically adjust the application to these permissions.
* No matter the type of .NET applications: Visual Guard Single Sign-on is available for .NET winforms, webforms and webservices.

Manage you own user accounts

Depending on your architecture, you may NOT want to use Active Directory accounts. For instance in case of a public website, users can create their account by themselves.
Visual Guard can manage its own user accounts (created and stored within Visual Guard).

Mixed mode authentication? No problem

Visual Guard allows you to implement mixed mode authentication:
In some cases, you need to have mixed mode Authentication. For example both the employees and the customers access your applications. Visual Guard allows you to manage mixed mode authentication. You will use Active Directory/Windows accounts to authenticate Employees, and applications account to authenticate customers.

Multi-user desktop?

Another possibility is to implement Single Sign-On on the desktops of your end users, and to have one or a few desktops available to everyone. On these particular machines, you want to stop Single Sign-on process and to have everyone entering his/her credentials to access the applications. Visual Guard .Net enables you to have this kind of “kiosk” desktop, even if you use Single Sign-on on all other machines.