Verify AD User Password

I understand that no secure application has the ability to retrieve a password by using a mere script, but I was wondering if it’s possible to at least verify if an entered password is correct using PowerShell.

I need to build a script that will allow a user to change his AD password, but for that to be possible, he/she needs to enter his current password. I will then perform a check to see if the current entered password is correct before proceeding.

I tried to verify the current attributes that a Get-ADUser can return, but i can’t find anything useful to this.

Can someone please help me out?

You can use this code snippet to verify the user credentials.

# Validate credentials
$principalContext = New-Object System.DirectoryServices.AccountManagement.PrincipalContext([System.DirectoryServices.AccountManagement.ContextType]::Domain, '<yourdomain>')
$principalContext.ValidateCredentials('<user>', '<password>')