DrLarch Posted July 1, 2025 Posted July 1, 2025 (edited) Didn't want to necro this old post, but asking essentially the same question here. I can't disable UAC like the poster in that old thread did. I need to check if credentials are correct before proceeding. I had no problems with this prior to 22h2 but get inconsistent results now. I'm in a domain environment. Local $iCheck = 1 RunAs($sUsername, $sComputerName, $sPassword, 0, @ComSpec & " /c echo checking password...", @TempDir, @SW_HIDE) If @error Then $iCheck = 0 Here's a full example: expandcollapse popup#NoTrayIcon #Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_Icon=C:\Program Files (x86)\AutoIt3\Aut2Exe\Icons\AutoIt_Main_v10_48x48_RGB-A.ico #AutoIt3Wrapper_Compression=0 #AutoIt3Wrapper_UseX64=n #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** #cs ---------------------------------------------------------------------------- AutoIt Version: 3.3.14.5 Author: myName Script Function: Template AutoIt script. #ce ---------------------------------------------------------------------------- ; Script Start - Add your code below here #include <EditConstants.au3> #include <ButtonConstants.au3> #include <GUIConstantsEx.au3> Global $sUser = "UserNull", _ $sPassword = "PasswordNull", _ $domain = "mydomain", _ $sAppName = "Test" _GUIGetCreds() Exit ;FUNCTIONS ================================================================================ Func _GUIGetCreds() #Region $Form1 = GUICreate($sAppName, 274, 122, 191, 122) $Input1 = GUICtrlCreateInput("", 116, 8, 149, 24) GUICtrlSetFont(-1, 10, 400, 0, "MS Sans Serif") $Input2 = GUICtrlCreateInput("", 116, 48, 149, 24, $ES_PASSWORD) GUICtrlSetFont(-1, 10, 400, 0, "MS Sans Serif") $Button1 = GUICtrlCreateButton("OK", 176, 80, 89, 33, $BS_DEFPUSHBUTTON) GUICtrlSetFont(-1, 10, 800, 0, "MS Sans Serif") $Label1 = GUICtrlCreateLabel("Username:", 6, 14, 108, 20) GUICtrlSetFont(-1, 10, 800, 0, "MS Sans Serif") $Label2 = GUICtrlCreateLabel("Password:", 6, 54, 72, 20) GUICtrlSetFont(-1, 10, 800, 0, "MS Sans Serif") GUISetState(@SW_SHOW) #EndRegion ### END Koda GUI section ### While 1 Sleep(50) $nMsg = GUIGetMsg() Select Case $nMsg = $GUI_EVENT_CLOSE Exit Case $nMsg = $Button1 $sUser = GUICtrlRead($Input1) $sPassword = GUICtrlRead($Input2) If _CheckUserPass($sUser, $sPassword, $domain) Then ExitLoop Else GUICtrlSetData($Input2, "") MsgBox(16, $sAppName, "Bad credentials, please try again") EndIf EndSelect WEnd GUIDelete($Form1) EndFunc ;==>_GUIGetCreds Func _CheckUserPass($sUsername, $sPassword, $sComputerName) Local $iCheck = 1 RunAs($sUsername, $sComputerName, $sPassword, 0, @ComSpec & " /c echo checking password...", @TempDir, @SW_HIDE) If @error Then $iCheck = 0 Return $iCheck EndFunc ;==>_CheckUserPass I'm wondering if there's a better way to check if credentials are valid or not. I looked at the AD UDF but nothing obvious jumped out at me there. Any ideas? Edited July 1, 2025 by DrLarch
rudi Posted July 3, 2025 Posted July 3, 2025 (edited) Try this one: Func IsValidCredential($sUsername, $sPassword, $sDomain) Local $LOGON32_LOGON_NETWORK = 3 Local $LOGON32_PROVIDER_DEFAULT = 0 Local $aRet = DllCall("advapi32.dll", "bool", "LogonUserW", _ "wstr", $sUsername, _ "wstr", $sDomain, _ "wstr", $sPassword, _ "dword", $LOGON32_LOGON_NETWORK, _ "dword", $LOGON32_PROVIDER_DEFAULT, _ "ptr*", 0) If @error Then ConsoleWrite("DLL call error: " & @error & @CRLF) Return False EndIf If $aRet[0] Then ; Optional: close handle DllCall("kernel32.dll", "bool", "CloseHandle", "ptr", $aRet[6]) Return True Else Return False EndIf EndFunc $user=InputBox("username","username") $dom=InputBox("domain","domain") $pwd=InputBox("password","password","","*") If IsValidCredential($user, $pwd, $dom) Then MsgBox(64, "OK", "credentials accepted") Else MsgBox(16, "Failure", "credentials rejected") EndIf Edited July 3, 2025 by rudi argumentum 1 Earth is flat, pigs can fly, and Nuclear Power is SAFE!
DrLarch Posted July 3, 2025 Author Posted July 3, 2025 Hey Rudy - that works great! Thank you so much! I just confirmed it works for me on Win11 with UAC enabled in our domain environment.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now