Doubts regarding On-Premise Active Directory

Question

We had to replace the LDAP services and use the AD for some of our j2ee web applications. We were aksed to do a POC using Microsoft Azure AD for the same.We registered our applications, created user/groups and were able to authenticated/authorize users using the ADAL(java) for accessing Azure REST services.

Now the client has given us their On-Premise details (IP and user credentials) and want us to use that. We are quite new to the LDAP/AD services, so now we are not sure how to proceed. We have few questions as below, if someone can guide us it will be great.

1. On Azure we signed in to https://portal.azure.com, created tenant, registered applications, created users/groups etc. How do we go for these in On-Premise AD? Will it be some program like installed application on Windows, when opened it will have a GUI to enter the details or we need to configure the things in files?
2. Can we use the ADAL(Java) again for the same as we don't have other option then Java.
3. Will the On-Premise services be also in form of REST APIs, which can be called using ADAL?

Answer 1

The onprem AD does not provide REST API that you can access using ADAL.

Instead you can use LDAP. AD is actually LDAP under the hood (probably with a lot of proprietary extensions, but you can access an AD Domain Controller using a standard LDAP client library.

I hope that your client hasn't opened that up to the world.

They probably want to look into using Azure ADConnect to synchronize their onprem AD to an Azure AD, which you can then use via ADAL. That is also how Office 365 customers get single sign-on with users' AD credentials in Office 365 (unless they use a more complicated hybrid authentication setup).