-
Notifications
You must be signed in to change notification settings - Fork 1.6k
Open
Labels
Pri3Indicates issues/PRs that are low priorityIndicates issues/PRs that are low priorityarea-System.DirectoryServicesuntriagedNew issue has not been triaged by the area ownerNew issue has not been triaged by the area owner
Description
Type of issue
Other (describe below)
Description
Using ValidateCredentials method without providing context options, it rises an exception:
Exception calling "ValidateCredentials" with "2" argument(s): "The server cannot handle directory requests."
Аре the default values of the context options are changed or this is a kind of bug?
Test Snippet:
#Validate a username and password against Active Directory
Add-Type -AssemblyName System.DirectoryServices.AccountManagement
$ContextType = [System.DirectoryServices.AccountManagement.ContextOptions]::Negotiate -bor # Negotiate 1
[System.DirectoryServices.AccountManagement.ContextOptions]::Signing -bor # Signing 8
[System.DirectoryServices.AccountManagement.ContextOptions]::Sealing # Sealing 16
Write-Output "$($ContextType.ToString())" #Negotiate, Signing, Sealing
[string]$SamAccountName = $UserCredential.UserName # ADS_NAME_TYPE_NT4
[string]$PlainTextPassword = $UserCredential.GetNetworkCredential().Password
$dsCT = [System.DirectoryServices.AccountManagement.ContextType]::Domain
$dsPC = [System.DirectoryServices.AccountManagement.PrincipalContext]::new($dsCT,$DomainName)
# When the context options are not specified this rises an exception:
# "ValidateCredentials" with "2" argument(s): "The server cannot handle directory requests."
$dsPC.ValidateCredentials($SamAccountName,$PlainTextPassword)
$dsPC.ValidateCredentials($SamAccountName,$PlainTextPassword,$ContextType) # OK - True
$dsPC.ValidateCredentials($SamAccountName,$PlainTextPassword,[System.DirectoryServices.AccountManagement.ContextOptions]::Negotiate) # OK - True
$dsPC.ValidateCredentials($SamAccountName,$PlainTextPassword,[System.DirectoryServices.AccountManagement.ContextOptions]::Signing) # OK - True
$dsPC.ValidateCredentials($SamAccountName,$PlainTextPassword,[System.DirectoryServices.AccountManagement.ContextOptions]::Sealing) # OK - True
Used environment:
OS Name Microsoft Windows Server 2019 Standard
Version 10.0.17763 Build 17763
.NET Framework Version: 4.8
Page URL
Content source URL
Document Version Independent Id
c890e787-0f5d-5f78-b439-843636bc08fb
Article author
Metadata
Metadata
Assignees
Labels
Pri3Indicates issues/PRs that are low priorityIndicates issues/PRs that are low priorityarea-System.DirectoryServicesuntriagedNew issue has not been triaged by the area ownerNew issue has not been triaged by the area owner