none
Validating credentials using PrincipalContext class RRS feed

  • Question

  • We have to validate user credentials in the local user database on machine that does not belong to domain. Our target OS is Windows 2008 R2 Standard, we are developing using .NET Framework 4.0.

    We are trying to use the .NET System.DirectoryServices.AccountManagement.PrincipalContext class and it works fine on most of the installations however we have encountered several installations on which it returns the flowing exception:

    The network path was not found.

    Stack :

    at System.DirectoryServices.AccountManagement.UnsafeNativeMethods.IADs.Get(String bstrName)

    at System.DirectoryServices.AccountManagement.CredentialValidator.BindSam(String target, String username, String password)

    at System.DirectoryServices.AccountManagement.CredentialValidator.Validate(String username, String password)

    at System.DirectoryServices.AccountManagement.PrincipalContext.ValidateCredentials(String username, String password)

    The PrincipalContext.ValidateCredentials method takes only 2 parameters, we have tried to prefix username with machine name (host\username) using host name name and full host name but we are still getting exception.

    The PrincipalContext is created this way:

    PrincipalContext m_context = new PrincipalContext(ContextType.Machine);

    We have also tried the second constructor that takes also name into which we put machine name but it fails with the same exception.

    Unfortunately we have no option to validate credentials using the native advapi32.dll functions (LogonUser) because user group that we have to validate have policy restriction to not be allowed to log in into a machine, these are application accounts and we don’t want any of them to be used to log in as a Windows user.

    Thank you in advance for your support.

    • Changed type pxbc73 Monday, January 28, 2013 1:50 PM
    Monday, January 28, 2013 1:48 PM

Answers

  • Thanks Mike Feng.

    The code you have provided is exactly what we are doing. However on some machines it ends with the mentioned exception. We have found out that on those machines on which the PrincipalContext fails there is some issue with network interface, loopback. When we invoke “ipconfig /renew” we got the following error:

    An error occurred while releasing interface Loopback Pseudo-Interface 1 : The system cannot find the file specified.

    Could this be the reason, how to fix it?

    Wednesday, January 30, 2013 9:52 AM

All replies