A company I work for develops WinForms .NET applications in which users are required to log in. These applications are deployed in an online environment, e.g. desktops in a LAN where the client app connects to a service on a server. The same applications can be deployed 'standalone' in an offline environment, where data is occasionally synced back to the head office whenever there is a connection available.
The head office has an LDAP (Active Directory), but the disconnected environments don't.
Currently, each application has its own login/password table in a database.
What is a good approach to implement a unified login/password or other authentication mechanism for all custom-developed WinForms applications in both online and offline situations, without:
- distributing all logins and passwords to all disconnected installations
- copying the contents of the LDAP to each environment
Is there a way to do this with Windows authentication?
EDIT: it doesn't absolutely have to work with AD, but it does have to work offline.