How to use cached active directory when my Windows Store App client is offline

Question

I am developing a Windows Store App for a business. The client application connects to a server and may only login to the server if it has the correct credentials and belongs to the correct domain.

But when there is no connection available for the client app to connect to the server, the user must use the cached user credentials provided by Active Directory so that the user may work offline. The problem is that Windows Store Apps uses Azure Active Directory so I have to be connected to the internet.

I would like to be able to search for the user and verify credentials, almost in the following manner using the DirectoryEntry and DirectorySearcher classes located in the System.DirectoryServices namespace of a normal Desktop Windows application:

DirectoryEntry directoryEntry = new DirectoryEntry("LDAP://" + domain, username, password, AuthenticationTypes.Secure);
DirectorySearcher directorySearcher = new DirectorySearcher(directoryEntry);
directorySearcher.FindOne();

Answer 1

Actually there is a conflict in what you are trying to achieve:

• you use an active directory to be able to authenticate somebody against a central user repository (which is much harder to be hacked than any local user credential representation)
• you do not want to use a central active directory because it costs you internet connection

Others do following:

• anything which can be done without authentication gets allowed on clients without authentication (eg. create a draft version of something, prepare a change proposal)
• anything which is required to be done in an authenticated manner requires real authentication with real internet connection (check in drafts to become active, apply changes)

Usually that is, where such software projects become 2-10 times as complex as authentication-only or no-authentication projects. Good luck.