PrincipalContext principalContext.validate(user,password) returning an exception for a user whose password was never set to expire RRS feed

  • Question

  • A Windows Server VM is in a domain whose password policy is set to expire in 90 days. On the VM, a local administrator account (example: LocalAdmin) is created. It inherits the domain policy for password expiry and after 90 days it’s password gets expired. After this, the “Password Never Expires” check-box (After the password was expired) is selected.

    We had below clarifications:

    1. Why is the LocalAdmin user be able to login to the VM without resetting the password?
    2. Why does PrincipalContext principalContext.ValidateCredentials(user, password) return an exception saying the password was expired in spite of we explicitly selecting that “Password Never Expires” check-box?

    Is there a better way to handle this? Usually what is the Microsoft API recommended for working with Local users?

    Tuesday, September 4, 2018 4:45 AM

All replies

  • Hi Anant Murarka,

    Thank you for posting here.

    Since your question is more related to VM, you could post a new thread in Azure VM forum for suitable support.

    The CLR Forum discuss and ask questions about .NET Framework Base Classes (BCL) such as Collections, I/O, Regigistry, Globalization, Reflection. Also discuss all the other Microsoft libraries that are built on or extend the .NET Framework, including Managed Extensibility Framework (MEF), Charting Controls, CardSpace, Windows Identity Foundation (WIF), Point of Sale (POS), Transactions.

    Best Regards,


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact

    Thursday, September 6, 2018 7:25 AM