How to limit access to the web portal for other Active Directory accounts with the same identity

Hi

Version: OIM 8.2

Is it possible to block or limit access from a specific ADSAccount (used for support cases) to the web portal? The method currently used for login is Active Directory user account (manual input/role-based).

The question is whether there is some way to filter based on accountDef or some other parameter. They are both in the same domain.

  • Hi,

    I don't know of any filter or parameter that could be applied here, I'm afraid.

    We have a request to add an OAuth (Google) button to the login page and allow our users to log in either with login/pass (role-based, AD or whichever) or via OAuth with their Google credentials. The Google accounts are 2FA protected, so the request states that when an admin user logs in to the portal, the login method must be OAuth (and rejected otherwise), whereas normal users can access via their normal login/password. The request is at the moment *on standby* while we migrate to the Angular project.

    For your case, I guess it is the Web Designer-based web portal, I would suggest having a look at the VI_Common_Login module and the "normal Signin" container where the login button and code are stored. From there you could filter your user accounts and, once logged in, reject, log out or redirect the user according to your needs. Not an easy task, but an appealing one :)

    HtH!

  • Maybe you can try to set up conditional access via the web.config:

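    <!-- ASP.NET URL authorization: rules are checked in order, first match wins -->
    <configuration>
      <system.web>
        <authorization>
          <allow roles="MYDOMAIN\ITShopUsers" />
          <deny users="*" />
        </authorization>
      </system.web>
    </configuration>

    <!-- IIS URL authorization: remove the default allow-all rule, then allow one role -->
    <configuration>
      <system.webServer>
        <security>
          <authorization>
            <remove users="*" roles="" verbs="" />
            <add accessType="Allow" users="" roles="Administrators" />
          </authorization>
        </security>
      </system.webServer>
    </configuration>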

    learn.microsoft.com/.../
    learn.microsoft.com/.../role-based-authorization-cs
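
The first-match evaluation that ASP.NET URL authorization applies to <system.web> rules like those in the reply above, as an added example that is not part of the original thread and not One Identity code. The account name MYDOMAIN\svc-support, the per-account deny rule and the helper names are assumptions made for illustration; it also assumes the rules are checked against the Windows identity of the request.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the reply's <system.web> rules, plus a hypothetical
# per-account deny placed first (MYDOMAIN\svc-support is an invented name).
WEB_CONFIG = r"""
<configuration>
  <system.web>
    <authorization>
      <deny users="MYDOMAIN\svc-support" />
      <allow roles="MYDOMAIN\ITShopUsers" />
      <deny users="*" />
    </authorization>
  </system.web>
</configuration>
"""

def _names(value):
    # Comma-separated attribute value -> lower-cased set (Windows names are case-insensitive)
    return {v.strip().lower() for v in (value or "").split(",") if v.strip()}

def load_rules(config_xml):
    """Return [(action, users, roles)] in document order (the verbs attribute is ignored)."""
    auth = ET.fromstring(config_xml).find("./system.web/authorization")
    if auth is None:
        return []
    return [(r.tag, _names(r.get("users")), _names(r.get("roles")))
            for r in auth if r.tag in ("allow", "deny")]

def is_allowed(rules, user, groups=()):
    """First matching rule wins; user=None means an anonymous request."""
    name = user.lower() if user else None
    member_of = {g.lower() for g in groups}
    for action, users, roles in rules:
        hit = ("*" in users
               or ("?" in users and name is None)
               or (name is not None and name in users)
               or bool(roles & member_of))
        if hit:
            return action == "allow"
    return True  # nothing matched: ASP.NET's root configuration allows users="*"

if __name__ == "__main__":
    rules = load_rules(WEB_CONFIG)
    shop = [r"MYDOMAIN\ITShopUsers"]
    for who in (r"MYDOMAIN\alice", r"MYDOMAIN\svc-support"):
        print(who, "->", "allow" if is_allowed(rules, who, shop) else "deny")
```

Because the first match decides, a per-account deny only takes effect when it sits above the role allow; placed below it, an account that is also a member of the allowed group is still let in.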