Search
Module:
Directory

   Desktop Functions:

   Smart Device Functions:


Show Recent Changes
Subscribe (RSS)
Misc. Pages
Comments
FAQ
Helpful Tools
Playground
Suggested Reading
Website TODO List
Support Forum
Download Visual Studio Add-In

Terms of Use
Privacy Policy
NetValidatePasswordPolicy (advapi32)
 
.
Summary
TODO - a short description

C# Signature:

[DllImport("Netapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
internal static extern NET_API_STATUS NetValidatePasswordPolicy(
    [MarshalAs(UnmanagedType.LPWStr)]
    string ServerName,
    IntPtr Qualifier,
    NET_VALIDATE_PASSWORD_TYPE ValidationType,
    IntPtr InputArg,
    ref IntPtr OutputArg);

VB Signature:

Declare Function NetValidatePasswordPolicy Lib "Netapi32.dll" (TODO) As TODO

User-Defined Types:

[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
internal struct NET_VALIDATE_OUTPUT_ARG
{
    public NET_VALIDATE_PERSISTED_FIELDS ChangedPersistedFields;
    public NET_API_STATUS ValidationStatus;
}

[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
internal struct NET_VALIDATE_PASSWORD_HASH
{
    public uint Length;
    public IntPtr Hash;
}

[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
internal struct NET_VALIDATE_AUTHENTICATION_INPUT_ARG
{
    public NET_VALIDATE_PERSISTED_FIELDS InputPersistedFields;

    [MarshalAs(UnmanagedType.I1)]
    public bool PasswordMatched;
}

[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
internal struct NET_VALIDATE_PASSWORD_CHANGE_INPUT_ARG
{
    public NET_VALIDATE_PERSISTED_FIELDS InputPersistedFields;

     // Don't use a managed string, you can't securely clean that up.
     // Use Marshal.SecureStringToBSTR() and Marshal.ZeroFreeBSTR() to get and clean up a native string pointer.
    public IntPtr ClearPassword;

    [MarshalAs(UnmanagedType.LPWStr)]
    public string UserAccountName;

    public NET_VALIDATE_PASSWORD_HASH HashedPassword;

    [MarshalAs(UnmanagedType.I1)]
    public bool PasswordMatched;
}

[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
internal struct NET_VALIDATE_PASSWORD_RESET_INPUT_ARG
{
    public NET_VALIDATE_PERSISTED_FIELDS InputPersistedFields;

    [MarshalAs(UnmanagedType.LPWStr)]
    public string ClearPassword;

    [MarshalAs(UnmanagedType.LPWStr)]
    public string UserAccountName;

    public NET_VALIDATE_PASSWORD_HASH HashedPassword;

    [MarshalAs(UnmanagedType.I1)]
    public bool PasswordMustChangeAtNextLogon;

    [MarshalAs(UnmanagedType.I1)]
    public bool ClearLockout;
}

[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
internal struct NET_VALIDATE_PERSISTED_FIELDS
{
    public uint PresentFields;
    public ComTypes.FILETIME PasswordLastSet;
    public ComTypes.FILETIME BadPasswordTime;
    public ComTypes.FILETIME LockoutTime;
    public uint BadPasswordCount;
    public uint PasswordHistoryLength;
    public IntPtr PasswordHistory;
}

internal enum NET_API_STATUS : uint
{
    ERROR_ACCESS_DENIED = 5,
    ERROR_NOT_ENOUGH_MEMORY = 8,
    ERROR_INVALID_PARAMETER = 87,
    ERROR_INVALID_NAME = 123,
    ERROR_INVALID_LEVEL = 124,
    ERROR_SESSION_CREDENTIAL_CONFLICT = 1219,
    NERR_Success = 0,
    NERR_InvalidComputer = 2351,
    NERR_BadPassword = 2203,
    NERR_UserNotFound = 2221,
    NERR_AccountLockedOut = 2702,
    NERR_PasswordTooRecent = 2246,
    NERR_PasswordHistConflict = 2244,
    NERR_PasswordTooShort = 2245,
    NERR_PasswordTooLong = 2703,
    NERR_PasswordNotComplexEnough = 2704,
    NERR_PasswordFilterError = 2705,
    NERR_PasswordMustChange = 2701,
    NERR_PasswordExpired = 2242
}

internal enum NET_VALIDATE_PASSWORD_TYPE
{
    NetValidateAuthentication = 1,
    NetValidatePasswordChange,
    NetValidatePasswordReset
}

Alternative Managed API:

Do you know one? Please contribute it!

Notes:

WE NEED SOME HELP WITH THIS ONE. SHOULD HAVE BEEN IN THE "NETAPI32" category.

Tips & Tricks:

Please add some!

Sample Code:

[DllImport("Netapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
private static extern NET_API_STATUS NetValidatePasswordPolicyFree(ref IntPtr OutputArg);

private void Main()
{
     string serverName = @"\\servername";
     var inputArgs = new NET_VALIDATE_PASSWORD_CHANGE_INPUT_ARG();
     inputArgs.PasswordMatched = true;
     inputArgs.UserAccountName = @"accountname";
     var outputArgs = new NET_VALIDATE_OUTPUT_ARG();

     IntPtr inputPointer = IntPtr.Zero;
     IntPtr outputPointer = IntPtr.Zero;

     try
     {
        inputArgs.ClearPassword = Marshal.StringToBSTR(@"password");
        // If using a secure string
        //inputArgs.ClearPassword = Marshal.SecureStringToBSTR(secureStringPassword);

        inputPointer = Marshal.AllocHGlobal(Marshal.SizeOf(inputArgs));
        Marshal.StructureToPtr(inputArgs, inputPointer, false);        

        NET_API_STATUS status = NetValidatePasswordPolicy(serverName, IntPtr.Zero, NET_VALIDATE_PASSWORD_TYPE.NetValidatePasswordChange, inputPointer, ref outputPointer);

        if (status == NET_API_STATUS.NERR_Success)
        {            
            outputArgs = (NET_VALIDATE_OUTPUT_ARG)Marshal.PtrToStructure(outputPointer, typeof(NET_VALIDATE_OUTPUT_ARG));
            if (outputArgs.ValidationStatus == NET_API_STATUS.NERR_Success)
            {    
                // Ok
            }
            else
            {
                Console.WriteLine(outputArgs.ValidationStatus);
            }            
        }
        else
        {
            Console.WriteLine(status);
        }            
     }
     finally
     {
        if (outputPointer != IntPtr.Zero)
        {
            NetValidatePasswordPolicyFree(ref outputPointer);
        }
        if (inputArgs.ClearPassword != IntPtr.Zero)
        {
            Marshal.ZeroFreeBSTR(inputArgs.ClearPassword);
        }
        if (inputPointer != IntPtr.Zero)
        {
            Marshal.FreeHGlobal(inputPointer);
        }
     }
}

Documentation

Please edit this page!

Do you have...

  • helpful tips or sample code to share for using this API in managed code?
  • corrections to the existing content?
  • variations of the signature you want to share?
  • additional languages you want to include?

Select "Edit This Page" on the right hand toolbar and edit it! Or add new pages containing supporting types needed for this API (structures, delegates, and more).

 
Access PInvoke.net directly from VS:
Terms of Use
Edit This Page
Find References
Show Printable Version
Revisions