Skip to content

Account Management API - ValidateCredentials with default context options #10442

New issue
New issue
Open
Open
Account Management API - ValidateCredentials with default context options#10442
Labels
Pri3Indicates issues/PRs that are low priorityarea-System.DirectoryServicesuntriagedNew issue has not been triaged by the area owner
@alexslav

Description

@alexslav
alexslav
opened on Sep 27, 2024

Type of issue

Other (describe below)

Description

Using ValidateCredentials method without providing context options, it rises an exception:
Exception calling "ValidateCredentials" with "2" argument(s): "The server cannot handle directory requests."

Аре the default values of the context options are changed or this is a kind of bug?

Test Snippet:

#Validate a username and password against Active Directory
Add-Type -AssemblyName System.DirectoryServices.AccountManagement

$ContextType = [System.DirectoryServices.AccountManagement.ContextOptions]::Negotiate -bor # Negotiate  1
               [System.DirectoryServices.AccountManagement.ContextOptions]::Signing -bor   # Signing	8
               [System.DirectoryServices.AccountManagement.ContextOptions]::Sealing        # Sealing	16

Write-Output "$($ContextType.ToString())" #Negotiate, Signing, Sealing


[string]$SamAccountName    = $UserCredential.UserName # ADS_NAME_TYPE_NT4
[string]$PlainTextPassword = $UserCredential.GetNetworkCredential().Password

$dsCT = [System.DirectoryServices.AccountManagement.ContextType]::Domain
$dsPC = [System.DirectoryServices.AccountManagement.PrincipalContext]::new($dsCT,$DomainName)

# When the context options are not specified this rises an exception:
# "ValidateCredentials" with "2" argument(s): "The server cannot handle directory requests."
$dsPC.ValidateCredentials($SamAccountName,$PlainTextPassword) 

$dsPC.ValidateCredentials($SamAccountName,$PlainTextPassword,$ContextType) # OK - True
$dsPC.ValidateCredentials($SamAccountName,$PlainTextPassword,[System.DirectoryServices.AccountManagement.ContextOptions]::Negotiate) # OK - True
$dsPC.ValidateCredentials($SamAccountName,$PlainTextPassword,[System.DirectoryServices.AccountManagement.ContextOptions]::Signing)   # OK - True
$dsPC.ValidateCredentials($SamAccountName,$PlainTextPassword,[System.DirectoryServices.AccountManagement.ContextOptions]::Sealing)   # OK - True

Used environment:
OS Name Microsoft Windows Server 2019 Standard
Version 10.0.17763 Build 17763
.NET Framework Version: 4.8

Page URL

https://learn.microsoft.com/en-us/dotnet/api/system.directoryservices.accountmanagement.contextoptions?view=netframework-4.8

Content source URL

https://github.com/dotnet/dotnet-api-docs/blob/main/xml/System.DirectoryServices.AccountManagement/ContextOptions.xml

Document Version Independent Id

c890e787-0f5d-5f78-b439-843636bc08fb

Article author

@dotnet-bot

Metadata

Metadata

Assignees

No one assigned

    Labels

    Pri3Indicates issues/PRs that are low priorityarea-System.DirectoryServicesuntriagedNew issue has not been triaged by the area owner

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions