How to authenticate against Active Directory with WinNT:// provider?

Posted on 2009-05-09
Last Modified: 2012-05-06
Hi, I got the following code from microsoft website to authenticate against AD but this code only valid with LDAP and not with WinNT:// because it uses DirectorySearcher which is not supported by WinNT://
How can I modify it to autheiticate agains AD with WinNT:// ?
Public Function IsAuthenticated(ByVal domain As String, ByVal username As String, ByVal pwd As String) As Boolean
            Dim domainAndUsername As String = domain & "\" & username
            Dim entry As DirectoryEntry = New DirectoryEntry(_path, domainAndUsername, pwd)
                'Bind to the native AdsObject to force authentication.			
                Dim obj As Object = entry.NativeObject
                Dim search As DirectorySearcher = New DirectorySearcher(entry)
                search.Filter = "(SAMAccountName=" & username & ")"
                Dim result As SearchResult = search.FindOne()
                If (result Is Nothing) Then
                    Return False
                End If
                'Update the new path to the user in the directory.
                _path = result.Path
                _filterAttribute = CType(result.Properties("cn")(0), String)
            Catch ex As Exception
                Throw New Exception("Error authenticating user. " & ex.Message)
            End Try
            Return True
        End Function

Open in new window

Question by:Abdu_Allah
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2

Expert Comment

ID: 24349554
Not sure if this is what you are looking for:

Set objComputer = GetObject("WinNT://MyDomain/TestComputer,computer")
Set objGroup = GetObject("WinNT://MyComputer/TestGroup,group")
Set objUser = GetObject("WinNT://MyDC/MyDomain/JohnDoe,user")

Above 3 examples how to bind different type of object.

Is that method you looking for or you have more specific need?

Author Comment

ID: 24353104
>Is that method you looking for or you have more specific need?
No that is not what I want , all what I want  is to verify that the user is exist and if so check if the password he provided match the one that is stored in the AD (Authentication process.)

Accepted Solution

qf3l3k earned 500 total points
ID: 24354034
Maybe this piece of code will work for you then:

On Error Resume Next

Set dso = GetObject("WinNT:")
Set lobjUser = dso.OpenDSObject("WinNT://DOMAIN", "DOMAIN\username", "abc123", 1)

WScript.Echo Err.Number

If Err.Number = 0 Then
      AuthenticateUser = 0
      WScript.Echo "Authenticated"

      AuthenticateUser = 1 'not authenticated
      WScript.Echo "Not Authenticated"
End If

Hope that will be a bit of a help?

Expert Comment

ID: 24354052
In fact one more thing. I did test it in VBscript, that's why code is minimal.

Author Comment

ID: 24354482
This is a VB 6 not .NET!

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question