Logon Client for Windows

Seamlessly integrate Windows workstations and servers into any LDAP Directory, RADIUS or Active Directory - with or without an Active Directory join.

Download Trial Request a Demo

Flexible Authentication

Support for password, Smart Card (PKI), FIDO2, OTP tokens, and Smartphone Factors.

Universal LDAP Integration

Connect to any LDAPv3 compliant directory, including OpenLDAP, eDirectory, and even RACF.

Centralized Management

Manage user profiles, group policies, home directories, and logon scripts directly from LDAP.

Full Offline Capability

Securely caches credentials, allowing users to log on to their laptops even without a network connection.

The Core of Your Secure Desktop Infrastructure

The Logon Client acts as a secure bridge between your Windows endpoints and your central identity infrastructure. It authenticates users directly or through the SignOn Proxy, enabling a unified identity across all platforms.

Comtarsia SignOn Product Family Architecture Diagram

Technical Specifications

Built for enterprise environments, the Logon Client offers extensive compatibility and powerful configuration options to meet any security requirement.

Core Functionality

Primary LDAP authentication on the local or virtual desktop via password, smart card, FIDO2, OTP, or smartphone factor. Direct LDAP authentication or via SignOn Proxy. Local User Mode or Domain User Mode with automatic user management by using the SignOn Agent for Active Directory. Active Directory integration without a domain join.

Comtarsia Logon Client screen on Windows

The native Windows Credential Provider offers a seamless user experience.

Core Features:

Native Credential Provider: Integrates perfectly into the Windows logon, unlock, and UAC screens.
Full LDAP Password Policy Support: Enforces password expiry, grace periods, and forced changes on next logon.
Local & Domain User Modes: Automatically creates and manages local users or provisions existing AD domain accounts.
Secure Communication: Ensures all authentication traffic is encrypted using LDAP over TLS.
Powerful Scripting Engine: Run custom scripts with system or user privileges at logon, logoff, or system startup.
Advanced Group & Variable Mapping: Map LDAP groups to local groups and use a flexible variable engine for deep customization.

Supported Platforms

Windows 10, 11
Windows Server 2016, 2019, 2022, 2025

Supported LDAP Directories

Microsoft Active Directory (via LDAP, no domain join required)
OpenLDAP, 389 Directory Server, ApacheDS
NetIQ eDirectory (formerly Novell)
IBM Tivoli & z/OS SecureWay (RACF), Oracle DS, Sun DS
... and any other standard-compliant LDAPv3 directory.

Authentication Plugins

RADIUS
SIP2
Contact us for an individual authentication module.

Ready to Unify Your Windows Authentication?

Discover how the Comtarsia Logon Client can streamline your infrastructure, enhance security, and reduce administrative overhead. Contact our experts for a personalized demo or request a trial license today.

Get in Touch

Desktop & Server Logon

Directory & Proxy Services

Multi-Factor Authentication

Authentication Solutions

Virtual Services & MFA

License Options

Support & Knowledge

Further Information

Our Company