Our marketing department comes back with "active directory integration" being a key customer request, but our company does not seem to have the attention span to (1) decide on
Is the user signed on to your app by virtue of being signed on to Windows?
To me this is first and foremost what AD integration means (apart from Windows lockin :-). So for example if the organisation has implemented public key login, you get it in your app for nothing.
Do you have to prove your login process protects user passwords?
You should typically never even see a password if you're using AD, unless you have some legacy NT4 around (certainly shouldn't have to store a password).
Do administrators assign users to security groups within your app or outside via AD? Does it matter?
Via AD. After single sign on, a major benefit would be to be able to use any AD tools you have to security admin the application, report on permissions, create ACLs, etc. You shouldn't have to reinvent this stuff for every application.
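An added example (not code from the question or the answer) of the "via AD" approach described above: the application keeps only a mapping from AD group to application role, and who belongs to which group is read from the directory. It runs over a constructed in-memory snapshot of `memberOf` data and a hypothetical `ROLE_MAP`; the point it illustrates is that AD's `memberOf` attribute lists direct membership only, so a naive check misses users placed in nested groups.

```python
"""Map a user's effective Active Directory group membership (nested groups
included) to application roles. Client-side closure over a snapshot; against
a live DC the same closure is available server-side via the tokenGroups
attribute or the LDAP_MATCHING_RULE_IN_CHAIN (1.2.840.113556.1.4.1941) match."""
from collections import deque

# Constructed sample of LDAP results: distinguishedName -> memberOf values.
# Not real directory data. The Staff/AllUsers cycle is deliberate: real
# directories can contain one, and the resolver must not loop on it.
DIRECTORY = {
    "CN=alice,OU=Users,DC=example,DC=com": ["CN=Developers,OU=Groups,DC=example,DC=com"],
    "CN=bob,OU=Users,DC=example,DC=com": ["CN=AppAdmins,OU=Groups,DC=example,DC=com"],
    "CN=Developers,OU=Groups,DC=example,DC=com": ["CN=Staff,OU=Groups,DC=example,DC=com"],
    "CN=Staff,OU=Groups,DC=example,DC=com": ["CN=AllUsers,OU=Groups,DC=example,DC=com"],
    "CN=AllUsers,OU=Groups,DC=example,DC=com": ["CN=Staff,OU=Groups,DC=example,DC=com"],
    "CN=AppAdmins,OU=Groups,DC=example,DC=com": [],
}

# Hypothetical application-owned table: AD group DN -> application role.
# This is the only authorisation data the app keeps; group membership itself
# is administered with the usual AD tools, not inside the application.
ROLE_MAP = {
    "CN=AppAdmins,OU=Groups,DC=example,DC=com": "admin",
    "CN=Staff,OU=Groups,DC=example,DC=com": "user",
}

def effective_groups(user_dn, directory=DIRECTORY):
    """Transitive closure of memberOf, breadth-first with a seen set (cycle-safe)."""
    seen, queue = set(), deque(directory.get(user_dn, []))
    while queue:
        group = queue.popleft()
        if group in seen:
            continue
        seen.add(group)
        queue.extend(directory.get(group, []))
    return seen

def app_roles(user_dn, directory=DIRECTORY, role_map=ROLE_MAP):
    """Roles granted through any group in the user's effective membership."""
    return {role_map[g] for g in effective_groups(user_dn, directory) if g in role_map}

def direct_roles(user_dn, directory=DIRECTORY, role_map=ROLE_MAP):
    """The naive check that honours only direct memberOf; shown for contrast."""
    return {role_map[g] for g in directory.get(user_dn, []) if g in role_map}

if __name__ == "__main__":
    alice = "CN=alice,OU=Users,DC=example,DC=com"
    print("direct:", direct_roles(alice))    # set() - nested membership missed
    print("effective:", app_roles(alice))    # {'user'}
```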