Windows OS Hub
  • Windows
    • Windows 11
    • Windows Server 2022
    • Windows 10
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
  • PowerShell
  • Linux
  • Home
  • About

Windows OS Hub

  • Windows
    • Windows 11
    • Windows Server 2022
    • Windows 10
    • Windows Server 2019
    • Windows Server 2016
  • Microsoft
    • Active Directory (AD DS)
    • Group Policies (GPOs)
    • Exchange Server
    • Azure and Microsoft 365
    • Microsoft Office
  • Virtualization
    • VMware
    • Hyper-V
  • PowerShell
  • Linux

 Windows OS Hub / PowerShell / Validating AD User Credentials with PowerShell

October 8, 2024

Validating AD User Credentials with PowerShell

In PowerShell scripts that prompt for a username and password, you sometimes have to validate the entered user credentials before performing any actions. If the user has entered an incorrect login/password, you must determine this and prompt them again.

To test the credentials of the AD user account against the current Active Directory domain, use the following PowerShell function:

$creds=Get-Credential
Function Test-ADCreds {
param($username, $password)
(New-Object DirectoryServices.DirectoryEntry "",$username,$password).psbase.name -ne $null
}
Test-ADCreds -username $creds.UserName -password $creds.GetNetworkCredential().password

Test AD authentication (credentials) from PowerShell script

Enter the domain username and password (use one of the following formats: username, domain\username, or [email protected] ). The script will return True if the user credentials provided are valid.

PowerShell: Check if an AD account's password is valid

If the script returns False, the possible causes are

  • Invalid username (check that the account exists on a domain) or password
  • The user’s account is disabled or locked in the AD
  • The domain is not available.
The Active Directory PowerShell module (part of RSAT tools) isn’t used in this PowerShell script. This means that it can be used to validate a user’s credentials from any Windows computer.

To connect to a domain controller from a computer in a workgroup or another domain, specify an LDAP connection string. Change line 4 of the script as follows:

(New-Object System.DirectoryServices.DirectoryEntry 'LDAP://DC=woshub,DC=loc', $username, $password).psbase.name -ne $null

Or connect to the domain controller using its IP address:

(New-Object System.DirectoryServices.DirectoryEntry 'LDAP://192.168.100.10', $username, $password).psbase.name -ne $null

If the user is added to the Protected Users domain security group, be sure to specify the username with the domain name in the samAccountName (woshub\username) or userPrincipalName ([email protected]) format. In this case, Kerberos authentication is used instead of NTLM.
0 comment
2
Facebook Twitter Google + Pinterest
PowerShellQuestions and Answers
previous post
Run PowerShell Scripts on a Schedule with Task Scheduler
next post
Check the Software Installation/Removal History in Windows

Related Reading

How to Assign (Passthrough) a Physical GPU to...

June 11, 2024

Extend an Expired User Password in Active Directory

December 23, 2024

Tracking Printer Usage with Windows Event Viewer Logs

March 12, 2024

Adding ESXi Host to VMware vCenter Server (vCSA)

March 12, 2024

Check the Software Installation/Removal History in Windows

October 8, 2024

PowerShell: Configure Certificate-Based Authentication for Exchange Online (Azure)

March 17, 2024

How to Add or Remove Pinned Folders to...

August 11, 2024

Configure File and Folder Access Auditing on Windows...

July 8, 2024

Leave a Comment Cancel Reply

join us telegram channel https://t.me/woshub
Join WindowsHub Telegram channel to get the latest updates!

Recent Posts

  • Map a Network Drive over SSH (SSHFS) in Windows

    May 13, 2025
  • Configure NTP Time Source for Active Directory Domain

    May 6, 2025
  • Cannot Install Network Adapter Drivers on Windows Server

    April 29, 2025
  • Change BIOS from Legacy to UEFI without Reinstalling Windows

    April 21, 2025
  • How to Prefer IPv4 over IPv6 in Windows Networks

    April 9, 2025
  • Load Drivers from WinPE or Recovery CMD

    March 26, 2025
  • How to Block Common (Weak) Passwords in Active Directory

    March 25, 2025
  • Fix: The referenced assembly could not be found error (0x80073701) on Windows

    March 17, 2025
  • Exclude a Specific User or Computer from Group Policy

    March 12, 2025
  • AD Domain Join: Computer Account Re-use Blocked

    March 11, 2025

Follow us

  • Facebook
  • Twitter
  • Telegram
Popular Posts
  • How to Delete Old User Profiles in Windows
  • Fix: Remote Desktop Licensing Mode is not Configured
  • How to Install Remote Server Administration Tools (RSAT) on Windows
  • How to Create UEFI Bootable USB Drive to Install Windows
  • Configuring User Profile Disks (UPD) on Windows Server RDS
  • Wi-Fi (Internet) Disconnects After Sleep or Hibernation on Windows 10/11
  • How to Allow Non-Admin User to Start/Stop Service in Windows
Footer Logo

@2014 - 2024 - Windows OS Hub. All about operating systems for sysadmins


Back To Top