如何將用戶輸入的用戶名和密碼與AD組進行比較？

假設我向用戶詢問用戶名和密碼，我如何將這些數據與AD組進行比較以確保此用戶是一個組的成員，並且用戶還爲他或她的帳戶輸入了正確的密碼？我正計劃創建一個只允許組的用戶使用該工具的工具。如何將用戶輸入的用戶名和密碼與AD組進行比較？

$Username = Read-Host 'What is your username?' 

Param(
    [Parameter(Mandatory=$true, Position=0, HelpMessage="Password?")] 
    [SecureString]$password 
) 

$pw = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($password))

來源

2016-03-17 Eddard Stark

'ActiveDirectory'模塊是否可用？你有沒有看看[這個相關的問題]（http://stackoverflow.com/q/290548/1630171）？ –

*假設正在使用的ActiveDirectory的模塊

來驗證用戶是否在廣告羣組的成員：

$Username = Read-Host 'What is your username?' 
$Group = "Your AD Group name" 
$ADUser = Get-ADUser $Username 

If ($ADUser) 
{ 
    $ADGroup = Get-ADGroupMember $Group 
    if ($ADUser.SamAccountName -in ($ADGroup.SamAccountName)) 
    { 
     "Exist" 
    } 
    else 
    { 
     "Not Exist" 
    } 
}

驗證對域AD用戶憑據控制器：

* AD模塊不需要

Add-Type -AssemblyName System.DirectoryServices.AccountManagement 

$Username = Read-Host 'What is your username?' 
$Password = Read-Host 'What is your Password?' 
$Domain = Read-Host 'What is your DOMAIN Name?' 

$ct = [System.DirectoryServices.AccountManagement.ContextType]::Domain 
$pc = New-Object System.DirectoryServices.AccountManagement.PrincipalContext $ct, $Domain 
if ($pc.ValidateCredentials($UserName, $Password)) 
{ 
    "Validated" 
} 

Else 
{ 
    "Invalid Credential" 
}

來源

2016-03-17 09:55:28 Avshalom

如何將用戶輸入的用戶名和密碼與AD組進行比較？

回答

相關問題