We have the exact same request. Our customer wants to SSO from their Windows workstations to our service. Can you elaborate on whether using the LDAP connector is the way to implement that? The reason I’m asking is that I found this in https://auth0.com/docs/connector/overview:
AD/LDAP Connector and Your Customer’s Servers
The AD/LDAP Connector is designed for scenarios where your company controls the AD/LDAP server. The connector should not be installed on your customer’s servers.
For B2B scenarios where you want to allow your customer’s users to access your applications using their enterprise credentials, connect to your customer’s federation service (e.g., their own Auth0 service, ADFS, or any SAML identity provider) using one of the available enterprise connections.
If you install an AD/LDAP connector on your customer’s servers and it is connected directly to your Auth0 domain, you will have to handle the passwords of your customer’s users directly. Auth0 strongly recommends against these types of deployments and does not support them.
So, what is the recommended approach for supporting customers wanting Windows authentication SSO? I don’t understand why the LDAP connector should not be installed on customer sites and, if it were, how would that make us responsible for handling their passwords?