Active Directory Infrastructure - Real Domain.
Most people in the IT world will be familiar with the term domain on an IT network. The most common type of domain would be created in Microsoft Active Directory and is defined as a logical group of network objects (computers, users, devices) that share the same Active Directory database. The DualSheid Authentication server can connect to this domain via an identity source using the LightWeight Directory Access Protocol or LDAP for short.
...
For Windows Logon to work on an AD bound workstation, The first stage of authentication is usually the user account name (or logon name) plus the password. Dualshield can check these credentials against the Active Directory Database. Once these have been verified DualShield will then check the second factor, whether it be a one-time password, On-demand password or Push notification against it's own internal database to make are these are correct or Push is authorised, before successfully logging the end-user on to their work station.
Stand alone Infrastructure - Virtual Domain
There are some IT networks that do not require AD domain joined machines. It could be a small company with a hand full of PCs that only access a NAS, or with the worldwide changing landscape of how people work today, more and more people are working from home, so there will be no need to join the laptop to an AD domain, because once the user gets the machine home, there is no domain, on the home network to authentication.
...
The diagram below shows how Logon Client communicates to the DualShield Authentications Server (DAS) via Logon agent, and how the Authentication server connects to either the internal SQL Identity Source or External LDAP Identity source and uses them as an authentication domain.
