Authenticate username/password against Active Directory?


deniro1
01-10-2005, 08:24 PM
I am writing an app that will be run on a Windows Mobile device, in a Windows network with Active Directory. When the app is started, I need to ask the user for a username and password that can be authenticated against Active Directory. There does not seem to be support for directory Services within the Compact Framework. I haven't been able to find any easy way to do this so far.

One workaround was to set up SQL Server to look at the AD data as a linked server. This seems like too much extra work.

Another option was to have a server-based service running which I could use to authenticate somehow for me. My app would connect to this service over TCP/IP or something and pass it the username/password, then receive a response as to if it is valid or not.

It seems that there would be an easier way to do this. I also haven't found any decent info about it, but I am hoping someone has done it before. Any help would be appreciated.

darrylb
01-22-2005, 11:29 AM
If you go down the SQL route, you will have to make sure you get it right from a security perspective or you will create a nice big back door for yourself or an attacker.

You could create a secure web service, and then have the application ask the web service if you are authenticated or not. You can get the web service to query the HTTP_AUTH server variable and send back the user name or some sort of hash. Make sure you encrypt the transaction using SSL though or it will not be secure.

I can't think of any other way to do it.

Cheers
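
The client side of the web-service approach described above, as an added example that is not part of the original posts. It assumes a hypothetical HTTPS endpoint on an IIS server where anonymous access is disabled, so the server itself checks the supplied credentials against Active Directory; the class and method names are illustrative.

```csharp
using System;
using System.Net;

public static class AdCredentialCheck
{
    // Returns true when the server accepts the credentials (HTTP 200),
    // false when it rejects them (HTTP 401). Any other outcome throws,
    // so a network or server fault is never mistaken for a valid login.
    // 'endpoint' is a hypothetical URL protected by IIS authentication.
    public static bool Validate(Uri endpoint, string domain,
                                string user, string password)
    {
        // Refuse to send a password over plain HTTP.
        if (endpoint.Scheme != Uri.UriSchemeHttps)
            throw new ArgumentException("Endpoint must use https", "endpoint");

        HttpWebRequest req = (HttpWebRequest)WebRequest.Create(endpoint);
        req.Method = "GET";
        req.AllowAutoRedirect = false;   // do not follow redirects to another host
        req.Timeout = 15000;             // milliseconds
        req.Credentials = new NetworkCredential(user, password, domain);
        // Certificate validation is left at its default: a server whose
        // certificate does not validate makes the request fail.

        try
        {
            using (HttpWebResponse resp = (HttpWebResponse)req.GetResponse())
            {
                if (resp.StatusCode == HttpStatusCode.OK)
                    return true;
                throw new InvalidOperationException(
                    "Unexpected status: " + (int)resp.StatusCode);
            }
        }
        catch (WebException ex)
        {
            HttpWebResponse resp = ex.Response as HttpWebResponse;
            if (resp != null)
            {
                HttpStatusCode code = resp.StatusCode;
                resp.Close();
                if (code == HttpStatusCode.Unauthorized)
                    return false;        // server rejected the credentials
            }
            throw;                       // timeout, TLS failure, 5xx, etc.
        }
    }
}
```

Account lockout still applies to attempts made this way, so the app should limit retries rather than loop on a failed login.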

deniro1
01-25-2005, 05:50 AM
Well, thanks for the info. I haven't worked on this lately due to other things, but it seems that the requirements have changed slightly. We will go from a client-only app to somewhat of a client-server design, with the server portion running as a service on a machine that can do the authentication. Using secure TCP/IP comm between the two, various information will be sent back and forth, and the authentication can be part of that.
So, I guess it sort of got resolved in one manner. Thanks, though.