Integration with Active Directory

Authenticate application users with their Windows accounts and implement Single Sign-On

Why integrate Active Directory with your applications?

Integrate Active Directory (AD) with your business applications (PowerBuilder, .NET, Angular, etc.) to simplify user management, secure access and provide a seamless user experience thanks to Single Sign-On authentication.

Streamline user account management

Applications can use existing Active Directory, Azure AD or Entra ID accounts directly. With automatic synchronization of information, there's no need to recreate or maintain application-specific user lists.

Improve the User Experience

Once logged into Windows with their usual credentials, single sign-on allows users to connect to all applications without entering passwords.

Centralize Security

User authorizations are centralized in a single repository for all applications.

Implement Single Sign-On

Implementing Single Sign-On with Visual Guard

Authentication with a Windows Account

  • Account creation: Windows administrators set up user accounts in Active Directory.
  • Import into Visual Guard: Accounts are synchronized in Visual Guard.
  • Role configuration: Developers or security managers create roles in Visual Guard and define associated permissions.
  • Role assignment: User accounts are assigned to roles corresponding to their permissions.
  • User logon: Users log on to Windows with their usual credentials.
  • Authorization validation: When an application is launched, Visual Guard retrieves the Windows account ID and checks the configured permissions.
  • Apply permissions: If the account is authorized, Visual Guard applies the defined permissions.

Benefit:

Users only need to log in once when they open their Windows session to access all their authorized applications.

Windows group management

  • Creating accounts and groups: Windows administrators create user accounts in Active Directory and attach them to Windows groups.
  • Import into Visual Guard: Windows groups are synchronized in Visual Guard.
  • Role configuration: Developers or security managers create roles in Visual Guard and define permissions for each group.
  • User login: Users log in to Windows with their usual credentials.
  • Authorization validation: When an application is launched, Visual Guard queries Active Directory to identify the groups associated with the user account. Visual Guard checks whether a group to which the user belongs has the rights required for the application.
  • Apply permissions: If allowed, Visual Guard loads and applies the granted permissions.

Benefits :

  • Seamless user experience thanks to SSO
  • Developers or security managers manage permissions via groups in Visual Guard, simplifying access maintenance.
  • Daily user account provisioning and maintenance is only done in Active Directory.

Highlights of Visual Guard Active Directory Integration

Wide Compatibility

Works with Active Directory (Windows Server), Azure AD, and Entra ID, and many application environments such as .NET, Angular, Java, and PowerBuilder.

Automated Management
 

Direct synchronization of accounts and groups from Active Directory.

Full traceability
 

Connection history and user activity tracking.

High security
 

Possibility of adding a multi-factor authentication for sensitive applications or operations.

Fast and easy implementation

Setting up an SSO system with Visual Guard is fast, efficient and adapts to your technical constraints and security policy.

  • Turnkey configuration : Visual Guard offers comprehensive APIs, as well as ready-to-use tools (WinConsole, WebConsole) to simplify Active Directory integration and the management of groups and associated permissions.
  • Support for complex and hybrid environments: Whether your applications are on-premise or in the cloud, Visual Guard integrates easily, even in complex environments. Thanks to ADFS support, even Windows accounts defined in separate “forests” can be used to access a system secured by Visual Guard. Learn more about identity federation.
  • Minimal impact: Thanks to Visual Guard's modular architecture, integration requires no major modifications to your existing applications.