From 5981f141e3d3c72fff540c16fb51e76f9cdbd39b Mon Sep 17 00:00:00 2001
From: sophia <scastellarin95@gmail.com>
Date: Tue, 22 Jun 2021 17:14:25 -0500
Subject: [PATCH] Check Domain and Application Directory contexts for
 credentials when validating SMB creds

---
 .../windows/scripts/check_credentials.ps1     | 23 +++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/plugins/hosts/windows/scripts/check_credentials.ps1 b/plugins/hosts/windows/scripts/check_credentials.ps1
index 28ce28a90..41c8c8298 100644
--- a/plugins/hosts/windows/scripts/check_credentials.ps1
+++ b/plugins/hosts/windows/scripts/check_credentials.ps1
@@ -11,9 +11,24 @@ $DSContext = New-Object System.DirectoryServices.AccountManagement.PrincipalCont
     [System.DirectoryServices.AccountManagement.ContextType]::Machine,
     $env:COMPUTERNAME
 )
-
 if ( $DSContext.ValidateCredentials( $username, $password ) ) {
     exit 0
-} else {
-    exit 1
-}
\ No newline at end of file
+} 
+
+$DSContext = New-Object System.DirectoryServices.AccountManagement.PrincipalContext(
+    [System.DirectoryServices.AccountManagement.ContextType]::Domain,
+    $env:COMPUTERNAME
+)
+if ( $DSContext.ValidateCredentials( $username, $password ) ) {
+    exit 0
+} 
+
+$DSContext = New-Object System.DirectoryServices.AccountManagement.PrincipalContext(
+    [System.DirectoryServices.AccountManagement.ContextType]::ApplicationDirectory,
+    $env:COMPUTERNAME
+)
+if ( $DSContext.ValidateCredentials( $username, $password ) ) {
+    exit 0
+} 
+
+exit 1