How to authenticate against Active Directory with WinNT:// provider?

Posted on 2009-05-09
Last Modified: 2012-05-06
Hi, I got the following code from microsoft website to authenticate against AD but this code only valid with LDAP and not with WinNT:// because it uses DirectorySearcher which is not supported by WinNT://
How can I modify it to autheiticate agains AD with WinNT:// ?
Public Function IsAuthenticated(ByVal domain As String, ByVal username As String, ByVal pwd As String) As Boolean
            Dim domainAndUsername As String = domain & "\" & username
            Dim entry As DirectoryEntry = New DirectoryEntry(_path, domainAndUsername, pwd)
                'Bind to the native AdsObject to force authentication.			
                Dim obj As Object = entry.NativeObject
                Dim search As DirectorySearcher = New DirectorySearcher(entry)
                search.Filter = "(SAMAccountName=" & username & ")"
                Dim result As SearchResult = search.FindOne()
                If (result Is Nothing) Then
                    Return False
                End If
                'Update the new path to the user in the directory.
                _path = result.Path
                _filterAttribute = CType(result.Properties("cn")(0), String)
            Catch ex As Exception
                Throw New Exception("Error authenticating user. " & ex.Message)
            End Try
            Return True
        End Function

Open in new window

Question by:Abdu_Allah
  • 3
  • 2

Expert Comment

ID: 24349554
Not sure if this is what you are looking for:

Set objComputer = GetObject("WinNT://MyDomain/TestComputer,computer")
Set objGroup = GetObject("WinNT://MyComputer/TestGroup,group")
Set objUser = GetObject("WinNT://MyDC/MyDomain/JohnDoe,user")

Above 3 examples how to bind different type of object.

Is that method you looking for or you have more specific need?

Author Comment

ID: 24353104
>Is that method you looking for or you have more specific need?
No that is not what I want , all what I want  is to verify that the user is exist and if so check if the password he provided match the one that is stored in the AD (Authentication process.)

Accepted Solution

qf3l3k earned 500 total points
ID: 24354034
Maybe this piece of code will work for you then:

On Error Resume Next

Set dso = GetObject("WinNT:")
Set lobjUser = dso.OpenDSObject("WinNT://DOMAIN", "DOMAIN\username", "abc123", 1)

WScript.Echo Err.Number

If Err.Number = 0 Then
      AuthenticateUser = 0
      WScript.Echo "Authenticated"

      AuthenticateUser = 1 'not authenticated
      WScript.Echo "Not Authenticated"
End If

Hope that will be a bit of a help?

Expert Comment

ID: 24354052
In fact one more thing. I did test it in VBscript, that's why code is minimal.

Author Comment

ID: 24354482
This is a VB 6 not .NET!

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

680 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question