使用NetValidatePasswordPolicy根据以前散列过的密码验证密码
本文关键字:密码 验证 NetValidatePasswordPolicy 使用 | 更新日期: 2023-09-27 18:20:17
根据Microsoft文档NetValidatePasswordPolicy有可能实现检查密码历史记录和避免重复使用以前密码的功能。我已经看过了这个API的所有例子,但没有一个提供了如何检查密码历史的功能。有人能指导我如何验证密码历史记录吗?
public static NET_API_STATUS ValidatePassword(string password)
{
var outputArgs = new NET_VALIDATE_OUTPUT_ARG();
var inputArgs = new NET_VALIDATE_PASSWORD_CHANGE_INPUT_ARG();
var passwordHistory = new NET_VALIDATE_PASSWORD_HASH();
IntPtr inputPointer = IntPtr.Zero;
IntPtr outputPointer = IntPtr.Zero;
try
{
inputArgs.PasswordMatched = true;
inputArgs.ClearPassword = Marshal.StringToBSTR(password);
//var serverName = System.Environment.MachineName;
string userNameToCheck = @"usr";
//inputArgs.ClearPassword = Marshal.StringToBSTR(password);
inputArgs.UserAccountName = userNameToCheck;
// If using a secure string
////inputArgs.ClearPassword = Marshal.SecureStringToBSTR(secureStringPassword);
inputPointer = Marshal.AllocHGlobal(Marshal.SizeOf(inputArgs));
Marshal.StructureToPtr(inputArgs, inputPointer, false);
NET_API_STATUS status = NetValidatePasswordPolicy("serverdc1", IntPtr.Zero, NET_VALIDATE_PASSWORD_TYPE.NetValidatePasswordChange, inputPointer, ref outputPointer);
if (status == NET_API_STATUS.NERR_Success)
{
outputArgs = (NET_VALIDATE_OUTPUT_ARG)Marshal.PtrToStructure(outputPointer, typeof(NET_VALIDATE_OUTPUT_ARG));
NET_VALIDATE_PASSWORD_HASH OutPasswordHistory = new NET_VALIDATE_PASSWORD_HASH();
OutPasswordHistory.Hash = outputArgs.ChangedPersistedFields.PasswordHistory;
OutPasswordHistory.Length = outputArgs.ChangedPersistedFields.PasswordHistoryLength;
// Copy the Structure to the IntPtr
if (outputArgs.ValidationStatus == NET_API_STATUS.NERR_Success)
{
// Ok
string emtp;
}
return outputArgs.ValidationStatus;
}
else
{
return status;
}
}
我不认为你可以要求测试策略的特定组件——只需要策略与提供的密码的总和。