Script to validate credentials then start a program

  • Hello, I am trying to compile a script to validate users' credentials via AD and then, once validated, proceed to run a program. At the moment, the credentials are being validated, but the credentials are not being passed to run the program. The program launches with my user ID rather than the domain user's credentials.


    Param (
        [Parameter(Mandatory = $False)]
        [Int]$MaxAttempts = 5
    )

    Add-Type -AssemblyName System.DirectoryServices.AccountManagement

    $UserDomain = $env:USERDOMAIN
    $UserName = "$UserDomain\$env:USERNAME"
    $Attempt = 1
    $CredentialPrompt = "Enter your domain credentials:"
    $ValidAccount = $False

    # Loop through prompting for and validating credentials, until the credentials are confirmed, or the maximum number of attempts is reached.
    Do {
        # Blank any previous failure messages and then prompt for credentials with the custom message and the pre-populated domain\user name.
        $FailureMessage = $Null
        $Credentials = Get-Credential -UserName $UserName -Message $CredentialPrompt

        # Verify the credentials prompt wasn't bypassed.
        If ($Credentials) {
            # If the user name was changed, then switch to using it for this and future credential prompt validations.
            If ($Credentials.UserName -ne $UserName) {
                $UserName = $Credentials.UserName
            }

            # Test the user name (even if it was changed in the credential prompt) and password.
            $ContextType = [System.DirectoryServices.AccountManagement.ContextType]::Domain
            Try {
                $PrincipalContext = New-Object System.DirectoryServices.AccountManagement.PrincipalContext $ContextType,$UserDomain
            } Catch {
                If ($_.Exception.InnerException -like "*The server could not be contacted*") {
                    $FailureMessage = "Could not contact a server for the specified domain. Please try again after a few minutes."
                } Else {
                    $FailureMessage = "Unpredicted failure: `"$($_.Exception.Message)`" Please relaunch OnBase"
                }
            }

            # If there wasn't a failure talking to the domain test the validation of the credentials, and if it fails record a failure message.
            If (-not($FailureMessage)) {
                $ValidAccount = $PrincipalContext.ValidateCredentials($UserName,$Credentials.GetNetworkCredential().Password)
                If (-not($ValidAccount)) {
                    $FailureMessage = "Incorrect Credentials #$Attempt out of $MaxAttempts."
                }
            }

        # Otherwise the credential prompt was (most likely accidentally) bypassed so record a failure message.
        } Else {
            $FailureMessage = "Credential prompt closed or skipped on attempt #$Attempt out of $MaxAttempts."
        }

        # If there was a failure message recorded above, display it, and update credential prompt message.
        If ($FailureMessage) {
            Write-Warning "$FailureMessage"
            # Count the failed attempt so the loop can terminate.
            $Attempt++
            If ($Attempt -lt $MaxAttempts) {
                $CredentialPrompt = "Invalid Credentials:"
            } ElseIf ($Attempt -eq $MaxAttempts) {
                $CredentialPrompt = "Invalid Credentials:"
            }
        }
    } Until (($ValidAccount) -or ($Attempt -gt $MaxAttempts))

    Write-Host ""

    If (-not($ValidAccount)) {
        Write-Host -ForegroundColor Red "You failed $MaxAttempts attempts at providing valid user credentials."
    } Else {
        # Start a minimized PowerShell with the validated credentials; that shell then starts the program with -Verb RunAs (an elevation request).
        Start-Process powershell -Credential $Credentials -ArgumentList '-noprofile -command &{Start-Process -FilePath "C:\Users\Public\Desktop\program" -verb runas}' -WindowStyle Minimized
    }



    • This topic was modified 8 months, 3 weeks ago by  barios.
  • Thanks for posting your issue and hopefully someone will answer soon.

    This is an automated bump to increase visibility of your question.
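
Added example, not part of the original post or of any reply: `ValidateCredentials` only checks the password and does not change the identity of the running session, so the launched process's identity comes entirely from `Start-Process -Credential`, while an inner `-Verb RunAs` hands the launch to UAC, where the process belongs to whichever account satisfies the elevation prompt. The sketch below launches the program directly with the validated credential and then checks the owner of the new process. The function name `Start-ProgramAsValidatedUser` and the path `C:\Path\To\program.exe` are hypothetical placeholders, and `$ProgramPath` is assumed to point at an executable file rather than a shortcut.

```powershell
# Added example (not the poster's code). Assumes $Credential is the PSCredential
# that the validation loop above has already confirmed against the domain.
function Start-ProgramAsValidatedUser {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [pscredential] $Credential,
        [Parameter(Mandatory)] [string] $ProgramPath   # hypothetical placeholder path
    )

    if (-not (Test-Path -LiteralPath $ProgramPath -PathType Leaf)) {
        throw "Program not found: $ProgramPath"
    }

    # -Credential and -Verb are in different Start-Process parameter sets, so the
    # program is started directly, without -Verb RunAs. The working directory is
    # set to the program's folder because the target account must be able to read it.
    $startArgs = @{
        FilePath         = $ProgramPath
        Credential       = $Credential
        WorkingDirectory = Split-Path -Parent $ProgramPath
        LoadUserProfile  = $true
        PassThru         = $true
    }
    $proc = Start-Process @startArgs

    # Check which account owns the new process instead of assuming it.
    $owner = 'unknown (process already exited)'
    $cim = Get-CimInstance -ClassName Win32_Process -Filter "ProcessId = $($proc.Id)"
    if ($cim) {
        $result = Invoke-CimMethod -InputObject $cim -MethodName GetOwner
        if ($result.ReturnValue -eq 0) {
            $owner = '{0}\{1}' -f $result.Domain, $result.User
        } else {
            # A non-zero code usually means the caller may not query that process.
            $owner = "unknown (GetOwner returned $($result.ReturnValue))"
        }
    }

    [pscustomobject]@{
        ProcessId = $proc.Id
        Requested = $Credential.UserName
        Owner     = $owner
    }
}

# Call only after the validation loop has set $ValidAccount and $Credentials.
if ($ValidAccount) {
    Start-ProgramAsValidatedUser -Credential $Credentials -ProgramPath 'C:\Path\To\program.exe'
}
```

If `Owner` differs from `Requested`, the program is not running under the validated account, which is the symptom described in the question.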
