none
How to verify local user&password on a remote machine with PowerShell

    Question

  • Hi everyone, Please help me, I am writing a script that can rename,join,rejoin,remove remote computer in domain.

    I need to verify local user and his password on a remote machine. Here is my function:

    Function GetLocalUser

    {

    #ask to input local admin username

    #set it as admin if you press enter

    if (($FLuser = Read-Host "Input local username(press enter for admin)") -eq $null) { $FLuser = "admin" }

    #ask to input password for local user, it can not be blank

    do { $FLPwd = Read-Host "Input"$FLuser"'s password" } while ($FLPwd -eq $null) Write-Host "Verifying..." -BackgroundColor DarkGreen -ForegroundColor Yellow } And now I would like to verify $FLuser and $FLPwd on a remote machine.

    }

    I am novice in power shell and have got stuck, so please help me.

    Thank you.

    Best regards, ZamElek


    • Edited by ZamElek Thursday, August 25, 2011 2:54 PM
    Thursday, August 25, 2011 2:46 PM

Answers

  • gwmi win32_computersystem -computer somepc -credential $cred

    That will return data if the credentials are correct and have permissions, and will fail if they are not correct or if the credentials do not have permissions. However, it does not guarantee that said credentials can do different operations (it might work, it might not). To test that, you will have to try and see if it succeeds.

    Bill

    Thursday, August 25, 2011 3:53 PM
    Moderator

All replies

  • Hi everyone, Please help me, I am writing a script that can rename,join,rejoin,remove remote computer in domain. I need to verify local user and his password on a remote machine. Here my function: Function GetLocalUser { #ask to input local admin username #set it as admin if you press enter if (($FLuser = Read-Host "Input local username(press enter for admin)") -eq $null) { $FLuser = "admin" } #ask to input password for local user, it can not be blank do { $FLPwd = Read-Host "Input"$FLuser"'s password" } while ($FLPwd -eq $null) Write-Host "Verifying..." -BackgroundColor DarkGreen -ForegroundColor Yellow } And now I would like to verify $FLuser and $FLPwd on a remote machine. I am novice in power shell and have got stuck, so please help me. Thank you Best regards, ZamElek


    Please fix you script example. It is not possible to read it as displayed.

     


    jv
    Thursday, August 25, 2011 2:52 PM
  • Hi,

    Why do you need to verify the password?

    Just try the operation. If it fails then the password was not correct.

    Bill

    Thursday, August 25, 2011 2:55 PM
    Moderator
  • Yes you are right, but you loss time if password is not correct. And I want to check it before the scripts start to work.
    ZamElek
    Thursday, August 25, 2011 2:58 PM
  • Hi,

    Imagine if there was a "check if this password is correct" function. What would its behavior be? Wouldn't hackers be able to brute-force attack account passwords with such a function? For this reason (and I am sure there are others), such a function does not exist. The correct behavior is to attempt the operation and check whether it succeeded.

    Bill

    Thursday, August 25, 2011 3:03 PM
    Moderator
  • I understand, that such function doesn't exist. I need some workaround, like netuse command. I connect to the remote machine with my credentials and if this operation success get notification passed else failed.

    :)

     


    ZamElek
    Thursday, August 25, 2011 3:22 PM
  • Hi,

    If the command succeeded, then the credentials are valid, the account has appropriate permissions, etc. If the command failed, then check the error code and/or message (e.g., bad credentials, access denied, etc.). Just because a password is valid doesn't mean that the account has permissions to perform the requested operation.

    Bill

    Thursday, August 25, 2011 3:24 PM
    Moderator
  • Thank you Bill,

    I exactly know that the user is always will be a local admin rights.  Maybe I can use some wmi object or something else? If it is difficult to realize I can skip this step of verification, because it is not so important, but very convenient.


    ZamElek
    Thursday, August 25, 2011 3:34 PM
  • Thank you Bill,

    I exactly know that the user is always will be a local admin rights.  Maybe I can use some wmi object or something else? If it is difficult to realize I can skip this step of verification, because it is not so important, but very convenient.


    ZamElek


    This will do what yo are trying to do

    gwmi win32_computersystem -computer somepc -credential $cred

     


    jv
    Thursday, August 25, 2011 3:44 PM
  • gwmi win32_computersystem -computer somepc -credential $cred

    That will return data if the credentials are correct and have permissions, and will fail if they are not correct or if the credentials do not have permissions. However, it does not guarantee that said credentials can do different operations (it might work, it might not). To test that, you will have to try and see if it succeeds.

    Bill

    Thursday, August 25, 2011 3:53 PM
    Moderator
  • if dcom is disabled on the remote computer than 
    gwmi win32_computersystem -computer somepc -credential $cred
    will not work and will give the same error with error code 0x80070005 as in the case of bad username and password.

    SANYAM JAIN

    Friday, July 26, 2013 12:19 PM
  • Hi,

    This question was marked as answered almost two years ago. If you still need help, please start a new question.

    Bill

    Friday, July 26, 2013 2:24 PM
    Moderator
  • I came across this thread when trying to solve the same problem. Luckily - I was able to find a solution.

    I know I'm 7 years late, but if anyone else needs an answer - here it is:

    https://gallery.technet.microsoft.com/scriptcenter/Verify-the-Local-User-1e365545#content


    Vimal


    • Proposed as answer by VimsShek Friday, April 21, 2017 12:43 PM
    • Edited by VimsShek Friday, April 21, 2017 12:44 PM
    Friday, April 21, 2017 12:43 PM