Hi,

Windows authentication can only work on an intranet/private network/vpn, it can't work over the internet. Windows Authentication is great if its an intranet where all the users use IE, there is a way to make it work with Firefox, but it does not work out of the box. If the user is logged into his machine then he is automatically authenticated using IE and Windows auth.

The LDAP/Active Directory authentication can be used to allow users to access a public facing (ie on the internet) or a private facing intranet web site.

For example if the web server and the ldap or ad server are on the same local network, and the web server is dual homed,  (ie it has 2 network cards, one facing the internet and one facing the LAN), then the web site can authenticate against the local ldap/ad server for internet visitors. The actual ASP.NET authentication used is Forms Authentication, but server side code authenticates the user provided credentials against the ldap/ad server.

Hope it helps,

Joe

Yes, no matter which authentication is used, you can customize user profiles and store custom properties. All roles and permissions are handled internally in mojoportal, ie mojoportal doesn't know about windows roles and permissions, it only knows about whats in the db. So the user signed into windows is signed into the site automatically but its up to you to add him to roles and such.

Hope it helps,

Joe