Does Windows provide a command line utility that lets me check a domain user's password? It is sufficient that the utility returns success(0) if I provide a matching domain user name and password. Alternatively, is there a simple VB/JS script that can do this?
I'm the Intranet admin of my company and have the default password set for corporate staff, so I'd like to quickly scan which users have not changed their default password.
Better yet, are there any books or websites which cover such topics so that I can get more information?
Answer
Benefit from the tip here https://stackoverflow.com/a/4601056 , I managed to use Python to do that.
import win32security
lg = win32security.LogonUser('username', 'domainname', 'password', win32security.LOGON32_LOGON_NETWORK,win32security.LOGON32_PROVIDER_DEFAULT)
If no exception occurs in win32security.LogonUser(), then the password is correct.
Requirement:
- Python 2.7.
- pywin32 package
- the client machine(the one running Python program) has joined to the domain.
- [to verify]Group policy on the client machine allow arbitrary domain user to logon locally.
No comments:
Post a Comment