Verify Credentials of AD User

email me

These scripts would be a great addition to any form, where you’re passing AD credentials. These allow you to verify the credentials are correct before continuing.

VBScript

'These values will come from a form
strDomain = "YourDomain"
strUsername = "YourUserName"
strUserPassword = InputBox("","Password")

'Returns True or False
msgbox CheckAccess(strDomain,strUsername,strUserPassword)

Function CheckAccess(strDomain, strUsername, strUserPassword)

	Dim objAD, objADUser, strADPath

	Const ADS_SECURE_AUTHENTICATION = &h0001
	Const ADS_CHASE_REFERRALS_ALWAYS = &H60


	strADPath = "LDAP://" & strDomain & "/OU=Users,DC=" & strDomain

	On Error Resume Next
	set objAD = GetObject("LDAP:")
	set objADUser = objAD.OpenDSObject (strADPath, strUsername, strUserPassword, ADS_SECURE_AUTHENTICATION OR ADS_CHASE_REFERRALS_ALWAYS)
	if Err.Number <> 0 then    
		CheckAccess = False
	else
		CheckAccess = True
	end if
	
	Err.Clear
	On Error Goto 0

	set objAD = Nothing
	set objADUser = Nothing
	set strADPath = Nothing
	strUserPassword = ""
	strUsername = ""
	strDomain = ""        

End Function

PowerShell

$strUserName = "YourUsername"
$strUserPassword = "UserPassword"

CheckAccess $strUserName $strUserPassword 


Function CheckAccess {
   
    if (!($strUserName) -or !($strUserPassword)) {
        Write-Warning 'Please verify your username and password!'
    } else {
        Add-Type -AssemblyName System.DirectoryServices.AccountManagement
        $objAD = New-Object System.DirectoryServices.AccountManagement.PrincipalContext('domain')
        $objAD.ValidateCredentials($strUserName, $strUserPassword)
    }
}