Hello, I am trying to run a script to validate users credentials via a.d and then once validated it proceeds to run a program. At the moment, the credentials are being validated but the credentials are not being passed to run the program. The program launches with my userid rather than the entered domain user credentials.
[CmdletBinding()]
Param (
[Parameter(Mandatory = $False)]
[Int]$MaxAttempts = 5
)
Add-Type -AssemblyName System.DirectoryServices.AccountManagement
$UserDomain = $env:USERDOMAIN
$UserName = "$UserDomain\$env:USERNAME"
$Attempt = 1
$CredentialPrompt = "Enter your domain credentials:"
$ValidAccount = $False
# Loop through prompting for and validating credentials, until the credentials are confirmed, or the maximum number of attempts is reached.
Do {
# Blank any previous failure messages and then prompt for credentials with the custom message and the pre-populated domain\user name.
$FailureMessage = $Null
$Credentials = Get-Credential -UserName $UserName -Message $CredentialPrompt
# Verify the credentials prompt wasn't bypassed.
If ($Credentials) {
# If the user name was changed, then switch to using it for this and future credential prompt validations.
If ($Credentials.UserName -ne $UserName) {
$UserName = $Credentials.UserName
}
# Test the user name (even if it was changed in the credential prompt) and password.
$ContextType = [System.DirectoryServices.AccountManagement.ContextType]::Domain
Try {
$PrincipalContext = New-Object System.DirectoryServices.AccountManagement.PrincipalContext $ContextType,$UserDomain
} Catch {
If ($_.Exception.InnerException -like "*The server could not be contacted*") {
$FailureMessage = "Could not contact a server for the specified domain. Please try again after a few minutes."
} Else {
$FailureMessage = "Unpredicted failure: "$($_.Exception.Message)" Please realunch OnBase"
}
}
# If there wasn't a failure talking to the domain test the validation of the credentials, and if it fails record a failure message.
If (-not($FailureMessage)) {
$ValidAccount = $PrincipalContext.ValidateCredentials($UserName,$Credentials.GetNetworkCredential().Password)
If (-not($ValidAccount)) {
$FailureMessage = "Incorrect Credentials #$Attempt out of $MaxAttempts."
}
}
# Otherwise the credential prompt was (most likely accidentally) bypassed so record a failure message.
} Else {
EXIT
}
# If there was a failure message recorded above, display it, and update credential prompt message.
If ($FailureMessage) {
Write-Warning "$FailureMessage"
$Attempt++
If ($Attempt -lt $MaxAttempts) {
$CredentialPrompt = "Invalid Credentials:"
} ElseIf ($Attempt -eq $MaxAttempts) {
$CredentialPrompt = "Invalid Credentials:"
}
}
} Until (($ValidAccount) -or ($Attempt -gt $MaxAttempts))
Write-Host ""
If (-not($ValidAccount)) {
Write-Host -ForegroundColor Red "You failed $MaxAttempts attempts at providing a valid user credentials. "
EXIT
} Else {
Start-Process powershell -Credential -Credentials -ArgumentList '-noprofile -command &{Start-Process -FilePath "C:\Users\Public\Desktop\program" -verb runas}' -WindowStyle Minimized
}
[Start-Process], InvalidOperationException