Advertisement
Guest User

Untitled

a guest
Nov 11th, 2021
135
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Set-PSUAuthenticationMethod -Type "Form" -ScriptBlock {
  2. param(
  3.     [PSCredential]$Credential
  4. )
  5.  
  6. #
  7. #   You can call whatever cmdlets you like to conduct authentication here.
  8. #   Just make sure to return the $Result with the Success property set to $true
  9. #
  10. $Result = [Security.AuthenticationResult]::new()
  11. if ($Credential.UserName -eq 'Admin' -and $Credential.GetNetworkCredential().password -eq "PASSWORD")
  12. {
  13.     #Maintain the out of box admin user
  14.     $Result.UserName = 'Default Admin'
  15.     $Result.Success = $true
  16. }
  17. else
  18. {
  19.     # Get current domain using logged-on user's credentials - this validates their credential
  20.     $CurrentDomain = "LDAP://DC=domain,DC=local"  # Insert Your Domain Here
  21.     $domain = New-Object System.DirectoryServices.DirectoryEntry($CurrentDomain,($Credential.UserName),$Credential.GetNetworkCredential().password)
  22.     if ($domain.name -eq $null)
  23.     {
  24.         #"Authentication failed for $($Credential.UserName)!"
  25.         write-host "Authentication failed - please verify your username and password."
  26.         $Result.UserName = ($Credential.UserName)
  27.         $Result.Success = $false
  28.     }
  29.     else
  30.     {
  31.         write-host "Successfully authenticated with domain $($domain.name)"
  32.         #"Authentication success for $($Credential.UserName)!"
  33.         $groupMember = Get-ADGroupMember -Identity GROUPNAME -Recursive | select-object -ExpandProperty samaccountname
  34.         if ($groupMember -contains $credential.UserName){
  35.             $Result.UserName = ($Credential.UserName)
  36.             $Result.Success = $true
  37.         }
  38.         else {
  39.             $Result.UserName = ($Credential.UserName)
  40.             $Result.Success = $false
  41.         }
  42.     }
  43. }
  44.  
  45. $Result
  46. } -SaveTokens $false -UseTokenLifetime $false -GetClaimsFromUserInfoEndpoint $false
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement