Script to validate credentials then start a program

  • barios

    SSC Enthusiast

    Points: 187

    Hello, I am trying to compile a script to validate users credentials via a.d and then once validated it proceeds to run a program. At the moment, the credentials are being validated but the credentials are not being passed to run the program. The program launches with my userid rather than the domain users credentials.

    [CmdletBinding()]

    Param (

    [Parameter(Mandatory = $False)]

    [Int]$MaxAttempts = 5

    )

    Add-Type -AssemblyName System.DirectoryServices.AccountManagement

    $UserDomain = $env:USERDOMAIN

    $UserName = "$UserDomain\$env:USERNAME"

    $Attempt = 1

    $CredentialPrompt = "Enter your domain credentials:"

    $ValidAccount = $False

    # Loop through prompting for and validating credentials, until the credentials are confirmed, or the maximum number of attempts is reached.

    Do {

    # Blank any previous failure messages and then prompt for credentials with the custom message and the pre-populated domain\user name.

    $FailureMessage = $Null

    $Credentials = Get-Credential -UserName $UserName -Message $CredentialPrompt

    # Verify the credentials prompt wasn't bypassed.

    If ($Credentials) {

    # If the user name was changed, then switch to using it for this and future credential prompt validations.

    If ($Credentials.UserName -ne $UserName) {

    $UserName = $Credentials.UserName

    }

    # Test the user name (even if it was changed in the credential prompt) and password.

    $ContextType = [System.DirectoryServices.AccountManagement.ContextType]::Domain

    Try {

    $PrincipalContext = New-Object System.DirectoryServices.AccountManagement.PrincipalContext $ContextType,$UserDomain

    } Catch {

    If ($_.Exception.InnerException -like "*The server could not be contacted*") {

    $FailureMessage = "Could not contact a server for the specified domain. Please try again after a few minutes."

    } Else {

    $FailureMessage = "Unpredicted failure: "$($_.Exception.Message)" Please realunch OnBase"

    }

    }

    # If there wasn't a failure talking to the domain test the validation of the credentials, and if it fails record a failure message.

    If (-not($FailureMessage)) {

    $ValidAccount = $PrincipalContext.ValidateCredentials($UserName,$Credentials.GetNetworkCredential().Password)

    If (-not($ValidAccount)) {

    $FailureMessage = "Incorrect Credentials #$Attempt out of $MaxAttempts."

    }

    }

    # Otherwise the credential prompt was (most likely accidentally) bypassed so record a failure message.

    } Else {

    EXIT

    }

    # If there was a failure message recorded above, display it, and update credential prompt message.

    If ($FailureMessage) {

    Write-Warning "$FailureMessage"

    $Attempt++

    If ($Attempt -lt $MaxAttempts) {

    $CredentialPrompt = "Invalid Credentials:"

    } ElseIf ($Attempt -eq $MaxAttempts) {

    $CredentialPrompt = "Invalid Credentials:"

    }

    }

    } Until (($ValidAccount) -or ($Attempt -gt $MaxAttempts))

    Write-Host ""

    If (-not($ValidAccount)) {

    Write-Host -ForegroundColor Red "You failed $MaxAttempts attempts at providing a valid user credentials. "

    EXIT

    } Else {

    Start-Process powershell -Credential -Credentials -ArgumentList '-noprofile -command &{Start-Process -FilePath "C:\Users\Public\Desktop\program" -verb runas}' -WindowStyle Minimized

    }

    
    
    

    • This topic was modified 3 weeks ago by  barios.
    • This topic was modified 3 weeks ago by  barios.
  • Site Owners

    SSC Guru

    Points: 80378

    Thanks for posting your issue and hopefully someone will answer soon.

    This is an automated bump to increase visibility of your question.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic. Login to reply