How to check if an AD account’s password is valid

December 22, 2024 at 10:47 am Leave a comment

Dear Folks

When we perform large scale user creation or migration in AD environment , we look for a way to verify the exported passwords are working fine. Most of the time , we rely on a domain joined computer to login with the AD user and verify the credentials are correct or not.

However , There is a better way to do this test from the Domain Controller itself using a PS script.

The Script.

====================================================================

$cred = Get-Credential #Read credentials
$username = $cred.username
$password = $cred.GetNetworkCredential().password

# Get current domain using logged-on user’s credentials
$CurrentDomain = “LDAP://” + ([ADSI]””).distinguishedName
$domain = New-Object System.DirectoryServices.DirectoryEntry($CurrentDomain,$UserName,$Password)

if ($domain.name -eq $null)
{
write-host “Authentication failed – please verify your username and password.”
exit #terminate the script.
}
else
{
write-host “Successfully authenticated with domain $domain.name”
}

====================================================================

Source:http://serverfault.com/questions/276098/check-if-user-password-input-is-valid-in-powershell-script

Entry filed under: HOW To's.