Any clever way to login to Active directory?

[MrNorth]

Hi!

We are cunrretly developing a solution for compact framework and windows mobile 6.5. The idea is that the user have to login using custom login for on the phone before they can do anything else. Our backend is WCF, and here we have planned to implement an interface based solution where the customer can select between a variety of "AuthenticationSources" one including Active Directory.

Is there any clever way to do this using built in .NET functionality, or do I still have to do it the old fashion way like:

1) Write domain, user and password in the windows mobile login form.

2) send this info using http webservice to the wcf server, where the server check for this device, which is the preferred login source. If it is ad, it will load the ADauthenticator class, peform a LDAP query against the ad selected, and simply return true or false if user passed or not, then the webservice return tru/false to the device.

3) If the return answer is true, the device will store an encrypted registry key on the device indicating to the device client that the user is logged on.

4) If the user select logout, or if the device is restarted, or loses power, the registry key is cleared on boot.

is this a good enough solution? The devices are NOT considered to be members of the actual domain. And this solution should handle a solution with a database source for logins.

kind regards
Henrik

[Estuardo]

G'd Morning Henrik,
I think that you have a nice project on hands !. I just don't understand a couple of things.
1 If mobiles are from your customers, i presume you can't make changes on them. So why to use a windows form if you can do it with asp.net?
2 If logins will be stored in a db why authenticate via LDAP?
3 If mobiles are yours and they run win m5/6/6.5 then they support domain enroll, no need to extra work for authentication.

Regardless of the above mentioned, i'll go for any web solution, since this is (and i think will be for long time) a universal platform.