-1

For security reasons we want to check if the current PC user is the actual logged-on user. To do this we want the user to re-enter their password and check their credentials with the domain. How could we accomplish this?

So far we tried this:

public static Boolean Authenticate(String password)
{
    String user = WindowsIdentity.GetCurrent().Name; 

    using (PrincipalContext PrincipalContext = new PrincipalContext(ContextType.Domain, Environment.UserDomainName))
    {
        return PrincipalContext.ValidateCredentials(user, password);
    }
}

But we get a System.DirectoryServices.Protocols.LdapException; leaving the Environment.UserDomainName off also triggers this exception.

We also tried:

public static Boolean Authenticate(String password)
{
    String user = WindowsIdentity.GetCurrent().Name; 

    using (PrincipalContext PrincipalContext = new PrincipalContext(ContextType.Machine))
    {
        return PrincipalContext.ValidateCredentials(user, password);
    }
}

But this returns true on any password.

Skyqula

1 Answer

1

After some searching I came across this answer. It turns out the domain name is included in WindowsIdentity.GetCurrent().Name, as found under the remarks in the documentation.

Giving this as a working solution:

using System;
using System.DirectoryServices.AccountManagement; // PrincipalContext, ContextType
using System.Security.Principal;                  // WindowsIdentity

public static Boolean Authenticate(String password)
{
    String user = WindowsIdentity.GetCurrent().Name; //Should be: DomainName\UserName
    String[] DomainAndUserName = user.Split(new Char[] { '\\' }, 2);

    if (DomainAndUserName.Length != 2) { return false; } // No DomainName ==> Wrong network;

    // Bind to the domain taken from the identity and validate the bare user name against it
    using (PrincipalContext PrincipalContext = new PrincipalContext(ContextType.Domain, DomainAndUserName[0]))
    {
        return PrincipalContext.ValidateCredentials(DomainAndUserName[1], password);
    }
}
Skyqula
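
A hardened variant of the check above, as an added example that is not part of the original question or answer: it refuses local (machine) accounts instead of falling back to ContextType.Machine, requests a negotiated bind with signing and sealing explicitly, and reports an unreachable domain separately from a wrong password. `ReauthResult` and `Reauthenticator.Verify` are hypothetical names, and the code assumes a project reference to System.DirectoryServices.AccountManagement.

```csharp
using System;
using System.DirectoryServices.AccountManagement;
using System.Security.Principal;

// Hypothetical result type: keeps "wrong password" apart from "could not check".
public enum ReauthResult { Valid, Invalid, NotDomainAccount, DomainUnavailable }

public static class Reauthenticator
{
    // Hypothetical helper: re-checks the password of the account this process
    // runs as against that account's own domain.
    public static ReauthResult Verify(string password)
    {
        // Reject empty input before any bind is attempted.
        if (string.IsNullOrEmpty(password)) return ReauthResult.Invalid;

        // Expected form: DomainName\UserName
        string[] parts = WindowsIdentity.GetCurrent().Name.Split(new[] { '\\' }, 2);
        if (parts.Length != 2) return ReauthResult.NotDomainAccount;

        // For a local account the prefix is the computer name. Do not fall back to
        // ContextType.Machine, which the question reports accepted any password.
        if (string.Equals(parts[0], Environment.MachineName, StringComparison.OrdinalIgnoreCase))
            return ReauthResult.NotDomainAccount;

        try
        {
            using (var context = new PrincipalContext(ContextType.Domain, parts[0]))
            {
                // Explicit options: negotiated bind with signing and sealing.
                const ContextOptions options =
                    ContextOptions.Negotiate | ContextOptions.Signing | ContextOptions.Sealing;
                return context.ValidateCredentials(parts[1], password, options)
                    ? ReauthResult.Valid
                    : ReauthResult.Invalid;
            }
        }
        catch (PrincipalServerDownException)
        {
            // No domain controller reachable: report it separately so the caller
            // never treats an outage as a wrong (or a right) password.
            return ReauthResult.DomainUnavailable;
        }
    }
}
```

A caller should unlock only on `ReauthResult.Valid` and treat every other value as a failed check.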