Geek Answers Handbook

Powershell to verify local administrator credentials

I am trying to run a script that requires Administrator input to handle certain things. Instead of failing to execute the script, I try to catch the error and return it back to the credentials, but I can’t find a command with which I can pass the local administrator credentials using Trap. Anyone have something that might work?

I found MUCH that will check domain credentials, but this is a LOCAL administrator account.

To clarify, I use:

$Cred = Get-Credential

I need to verify that the result is correct and has administrator access to continue working in the script.

Working solution (thanks to User978511)

 $Cred = Get-Credential $Computer = (gwmi Win32_ComputerSystem).Name $User = $Cred.Username $Pass = $Cred.GetNetworkCredential().Password $Users = ("$Computer"+"$User") Add-Type -assemblyname System.DirectoryServices.AccountManagement $DS = New-Object System.DirectoryServices.AccountManagement.PrincipalContext([System.DirectoryServices.AccountManagement.ContextType]::Machine) $DS.ValidateCredentials($Users, $pass) if ($Result -ne "True") { <Perform Tasks Here> }
+7
source share
2 answers

This will return you local administrators (another answer is probably better suited here):

 $group =[ADSI]"WinNT://./Administrators" $members = @($group.psbase.Invoke("Members")) $admins = $members | foreach {$_.GetType().InvokeMember("Name", 'GetProperty', $null, $_, $null)}

And this will check the credentials:

 Add-Type -assemblyname system.DirectoryServices.accountmanagement $DS = New-Object System.DirectoryServices.AccountManagement.PrincipalContext([System.DirectoryServices.AccountManagement.ContextType]::Machine) $DS.ValidateCredentials("test", "password")

All you have to do is verify that the credentials are in order and that the user is a member of the Admins group

+3
source 
 function Is-Current-User-Admin { return ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator") }
+4
source

More articles:


All Articles