Sign in to follow this  
Followers 0
kmps

About Windows user password verification problem

6 posts in this topic

Hello,

I met a strange problem when using the below function to check the windows user password is correct or not.

before I joined the PC into Domain,I can use it to verify local account user's password correct or not

if @error<>0 then

password is not correct

else

correct

endif

but after I joined the PC into Domain,even I input the correct password,it returned @error<>0

Func CheckPassword($userid, $passwordbak)

Local $useridobjhd

$useridobjhd = ObjGet("WinNT://" & @ComputerName & "/" & $userid)

$useridobjhd.ChangePassword ($passwordbak, $passwordbak)

Return @error

EndFunc ;==>CheckPassword

Share this post


Link to post
Share on other sites



Maybe a policy is set which doesn't allow to "change" to the same password ?

I used this func to check USerId/Password and optionally if user is member of a group:

$oMyError = ObjEvent("AutoIt.Error", "ComError")
ConsoleWrite("@LogonDNSDomain:=" & @LogonDNSDomain)
ConsoleWrite("@LogonDomain:=" & @LogonDomain)
msgbox(0,"Validate",UserValidate(@LogonDomain,"unknown-user","userpwd"))
msgbox(0,"Validate",UserValidate(@LogonDomain,"Okuser","userpwd"))
msgbox(0,"Validate",UserValidate(@LogonDomain,"Okuser","userpwd","groupdoesnotexist"))
msgbox(0,"Validate",UserValidate(@LogonDomain,"Okuser","userpwd","groupexist"))
Exit
; Check Valid User/Password and optionally in a group 
Func UserValidate($domain, $UserName, $Password, $InGroup="")
    Local $NameSpace = ObjGet("WinNT:")
    Local $ADS_SECURE_AUTHENTICATION = 0x0001
    Local $DomObj = $NameSpace.OpenDSObject("WinNT://" & $domain , $UserName, $Password, $ADS_SECURE_AUTHENTICATION)
    If @error <> 0 Then Return 0
    If $InGroup <> "" Then
        $objUser = ObjGet("WinNT://" & $Domain & "/" & $UserName)
        For $oGroup in $objUser.Groups
            If $oGroup.Name = $InGroup Then 
                Return 1
            EndIf
        Next
        Return 0
    EndIf
    Return 1
EndFunc 
;COM Error function
Func ComError()
    If IsObj($oMyError) Then
        $HexNumber = Hex($oMyError.number, 8)
        SetError($HexNumber)
    Else
        SetError(1)
    EndIf
    Return 0
EndFunc   ;==>ComError

Visit the SciTE4AutoIt3 Download page for the latest versions  - Beta files                                How to post scriptsource        Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Share this post


Link to post
Share on other sites

Hello,would u please tell me how to use your function: UserValidate()?

for example:On my Windows XP sp2,there's a local user account named "normaluser",and my computername is "CHPC",how to call your function to judge this account's password is correct or not?

UserValidate(@computername???,"normalouser",$password,???)

and what's a group???

Anyway,thanks a lot

Maybe a policy is set which doesn't allow to "change" to the same password ?

I used this func to check USerId/Password and optionally if user is member of a group:

$oMyError = ObjEvent("AutoIt.Error", "ComError")
ConsoleWrite("@LogonDNSDomain:=" & @LogonDNSDomain)
ConsoleWrite("@LogonDomain:=" & @LogonDomain)
msgbox(0,"Validate",UserValidate(@LogonDomain,"unknown-user","userpwd"))
msgbox(0,"Validate",UserValidate(@LogonDomain,"Okuser","userpwd"))
msgbox(0,"Validate",UserValidate(@LogonDomain,"Okuser","userpwd","groupdoesnotexist"))
msgbox(0,"Validate",UserValidate(@LogonDomain,"Okuser","userpwd","groupexist"))
Exit
; Check Valid User/Password and optionally in a group 
Func UserValidate($domain, $UserName, $Password, $InGroup="")
    Local $NameSpace = ObjGet("WinNT:")
    Local $ADS_SECURE_AUTHENTICATION = 0x0001
    Local $DomObj = $NameSpace.OpenDSObject("WinNT://" & $domain , $UserName, $Password, $ADS_SECURE_AUTHENTICATION)
    If @error <> 0 Then Return 0
    If $InGroup <> "" Then
        $objUser = ObjGet("WinNT://" & $Domain & "/" & $UserName)
        For $oGroup in $objUser.Groups
            If $oGroup.Name = $InGroup Then 
                Return 1
            EndIf
        Next
        Return 0
    EndIf
    Return 1
EndFunc 
;COM Error function
Func ComError()
    If IsObj($oMyError) Then
        $HexNumber = Hex($oMyError.number, 8)
        SetError($HexNumber)
    Else
        SetError(1)
    EndIf
    Return 0
EndFunc   ;==>ComError

Share this post


Link to post
Share on other sites

Hello,would u please tell me how to use your function: UserValidate()?

for example:On my Windows XP sp2,there's a local user account named "normaluser",and my computername is "CHPC",how to call your function to judge this account's password is correct or not?

UserValidate(@computername???,"normalouser",$password,???)

and what's a group???

Anyway,thanks a lot

Wasn't your question about authenticating against a AD ?

The examples in the script show you how it can be used ... :rolleyes:


Visit the SciTE4AutoIt3 Download page for the latest versions  - Beta files                                How to post scriptsource        Forum Rules
 
Live for the present,
Dream of the future,
Learn from the past.
  :)

Share this post


Link to post
Share on other sites

sorry,maybe my explain is not so clear.my question is :if there's a function which can be used to verify the local account's password (not AD's account) after the PC is add to a Domain.

I had tried to use the following function under my XP Pro SP2,but unfortunately,for my script run as the system service using system account not the normal user account,this function can not work probably.And under my Windows 2000 Pro or even my

Windows XP Pro SP1,this function can work well.

Func _CheckUserPass($sUsername, $sPassword, $sComputerName)

Local $iCheck = True

Opt("RunErrorsFatal", 0)

RunAsSet($sUsername, $sComputerName, $sPassword, 0)

Run(@ComSpec & " /c echo checking password...", @TempDir, @SW_HIDE)

If @error Then $iCheck = False

RunAsSet()

Opt("RunErrorsFatal", 1)

Return $iCheck

EndFunc

And the below function,under my XP PRO SP2,before I add my PC into a domain,it can work well.but after into domain,it failed to complete the password verification

Func CheckPassword($userid, $passwordbak)

Local $useridobjhd

$useridobjhd = ObjGet("WinNT://" & @ComputerName & "/" & $userid)

$useridobjhd.ChangePassword ($passwordbak, $passwordbak)

Return @error

EndFunc ;==>CheckPassword

Wasn't your question about authenticating against a AD ?

The examples in the script show you how it can be used ... :rolleyes:

Share this post


Link to post
Share on other sites

no one can help me???

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0