kmps Posted June 19, 2007 Share Posted June 19, 2007 Hello, I met a strange problem when using the below function to check the windows user password is correct or not. before I joined the PC into Domain,I can use it to verify local account user's password correct or not if @error<>0 then password is not correct else correct endif but after I joined the PC into Domain,even I input the correct password,it returned @error<>0 Func CheckPassword($userid, $passwordbak) Local $useridobjhd $useridobjhd = ObjGet("WinNT://" & @ComputerName & "/" & $userid) $useridobjhd.ChangePassword ($passwordbak, $passwordbak) Return @error EndFunc ;==>CheckPassword Link to comment Share on other sites More sharing options...
Developers Jos Posted June 19, 2007 Developers Share Posted June 19, 2007 Maybe a policy is set which doesn't allow to "change" to the same password ? I used this func to check USerId/Password and optionally if user is member of a group: $oMyError = ObjEvent("AutoIt.Error", "ComError") ConsoleWrite("@LogonDNSDomain:=" & @LogonDNSDomain) ConsoleWrite("@LogonDomain:=" & @LogonDomain) msgbox(0,"Validate",UserValidate(@LogonDomain,"unknown-user","userpwd")) msgbox(0,"Validate",UserValidate(@LogonDomain,"Okuser","userpwd")) msgbox(0,"Validate",UserValidate(@LogonDomain,"Okuser","userpwd","groupdoesnotexist")) msgbox(0,"Validate",UserValidate(@LogonDomain,"Okuser","userpwd","groupexist")) Exit ; Check Valid User/Password and optionally in a group Func UserValidate($domain, $UserName, $Password, $InGroup="") Local $NameSpace = ObjGet("WinNT:") Local $ADS_SECURE_AUTHENTICATION = 0x0001 Local $DomObj = $NameSpace.OpenDSObject("WinNT://" & $domain , $UserName, $Password, $ADS_SECURE_AUTHENTICATION) If @error <> 0 Then Return 0 If $InGroup <> "" Then $objUser = ObjGet("WinNT://" & $Domain & "/" & $UserName) For $oGroup in $objUser.Groups If $oGroup.Name = $InGroup Then Return 1 EndIf Next Return 0 EndIf Return 1 EndFunc ;COM Error function Func ComError() If IsObj($oMyError) Then $HexNumber = Hex($oMyError.number, 8) SetError($HexNumber) Else SetError(1) EndIf Return 0 EndFunc ;==>ComError SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past. Link to comment Share on other sites More sharing options...
kmps Posted June 20, 2007 Author Share Posted June 20, 2007 Hello,would u please tell me how to use your function: UserValidate()? for example:On my Windows XP sp2,there's a local user account named "normaluser",and my computername is "CHPC",how to call your function to judge this account's password is correct or not? UserValidate(@computername???,"normalouser",$password,???) and what's a group??? Anyway,thanks a lot Maybe a policy is set which doesn't allow to "change" to the same password ? I used this func to check USerId/Password and optionally if user is member of a group: $oMyError = ObjEvent("AutoIt.Error", "ComError") ConsoleWrite("@LogonDNSDomain:=" & @LogonDNSDomain) ConsoleWrite("@LogonDomain:=" & @LogonDomain) msgbox(0,"Validate",UserValidate(@LogonDomain,"unknown-user","userpwd")) msgbox(0,"Validate",UserValidate(@LogonDomain,"Okuser","userpwd")) msgbox(0,"Validate",UserValidate(@LogonDomain,"Okuser","userpwd","groupdoesnotexist")) msgbox(0,"Validate",UserValidate(@LogonDomain,"Okuser","userpwd","groupexist")) Exit ; Check Valid User/Password and optionally in a group Func UserValidate($domain, $UserName, $Password, $InGroup="") Local $NameSpace = ObjGet("WinNT:") Local $ADS_SECURE_AUTHENTICATION = 0x0001 Local $DomObj = $NameSpace.OpenDSObject("WinNT://" & $domain , $UserName, $Password, $ADS_SECURE_AUTHENTICATION) If @error <> 0 Then Return 0 If $InGroup <> "" Then $objUser = ObjGet("WinNT://" & $Domain & "/" & $UserName) For $oGroup in $objUser.Groups If $oGroup.Name = $InGroup Then Return 1 EndIf Next Return 0 EndIf Return 1 EndFunc ;COM Error function Func ComError() If IsObj($oMyError) Then $HexNumber = Hex($oMyError.number, 8) SetError($HexNumber) Else SetError(1) EndIf Return 0 EndFunc ;==>ComError Link to comment Share on other sites More sharing options...
Developers Jos Posted June 20, 2007 Developers Share Posted June 20, 2007 Hello,would u please tell me how to use your function: UserValidate()?for example:On my Windows XP sp2,there's a local user account named "normaluser",and my computername is "CHPC",how to call your function to judge this account's password is correct or not?UserValidate(@computername???,"normalouser",$password,???)and what's a group???Anyway,thanks a lotWasn't your question about authenticating against a AD ? The examples in the script show you how it can be used ... SciTE4AutoIt3 Full installer Download page - Beta files Read before posting How to post scriptsource Forum etiquette Forum Rules Live for the present, Dream of the future, Learn from the past. Link to comment Share on other sites More sharing options...
kmps Posted June 20, 2007 Author Share Posted June 20, 2007 sorry,maybe my explain is not so clear.my question is :if there's a function which can be used to verify the local account's password (not AD's account) after the PC is add to a Domain.I had tried to use the following function under my XP Pro SP2,but unfortunately,for my script run as the system service using system account not the normal user account,this function can not work probably.And under my Windows 2000 Pro or even my Windows XP Pro SP1,this function can work well.Func _CheckUserPass($sUsername, $sPassword, $sComputerName) Local $iCheck = True Opt("RunErrorsFatal", 0) RunAsSet($sUsername, $sComputerName, $sPassword, 0) Run(@ComSpec & " /c echo checking password...", @TempDir, @SW_HIDE) If @error Then $iCheck = False RunAsSet() Opt("RunErrorsFatal", 1) Return $iCheckEndFuncAnd the below function,under my XP PRO SP2,before I add my PC into a domain,it can work well.but after into domain,it failed to complete the password verificationFunc CheckPassword($userid, $passwordbak)Local $useridobjhd$useridobjhd = ObjGet("WinNT://" & @ComputerName & "/" & $userid)$useridobjhd.ChangePassword ($passwordbak, $passwordbak)Return @errorEndFunc ;==>CheckPasswordWasn't your question about authenticating against a AD ? The examples in the script show you how it can be used ... Link to comment Share on other sites More sharing options...
kmps Posted June 22, 2007 Author Share Posted June 22, 2007 no one can help me??? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now