I need to implement a company website that would be accessed from the outside of the company. It is required that the users are able to login with the same credentials as they access the company network (Active Directory). I initially thought of using ADFS but it seems that I can't access information about other users. I need to be able to list other users, get what groups they belong to, etc. It is also possible that I might have the need to modify information about users in the server.
I have no experience with anyting related to Active Directory. Is using LDAP directly with custom authentication a better alternative? Any advice or corrections?