PowerShell: Test Domain User Account Credentials Test-UserCredentials.ps1

This script will check if the password for a given username is correct.
If the authentication failed using the provided Domain\Username and Password, The script will do some checks and provide clues why the authentication failed.
The checks are:

  • Domain is reachable.
  • User Name exists in the domain.
  • The account is Enabled.
  • The account is Unlocked.

You can run the script from powershell as .\Test-UserCredentials.ps1 or Right click the script and select “Run with PowerShell”,
The script will ask for the user credentials as Domain\Username, and Password in a friendly Windows authentication window, and report the status of the combination.

Get User Input:
11_02_00-Windows PowerShell

Example for correct username and password
2015-12-22 15_40_43-Windows PowerShell

Example for failed authentication due to: domain is not found/unreachable:
2015-12-22 15_43_15-Windows PowerShell

Example for failed authentication due to: User Name does not exist:
2015-12-22 15_45_40-Windows PowerShell

Example for failed authentication due to: User Account is disabled:
2015-12-22 15_47_29-Windows PowerShell

Example for failed authentication due to Locked out User account:
2015-12-31 10_13_51-Windows PowerShell

Example for failed authentication mostly due to wrong password:
2015-12-28 10_22_50-Windows PowerShell

Download from TechNet Gallery:

Remove UM DialPlan Associated with UM IP Gateway for Exchange UM and Lync Integration

Removing DialPlan that is associated with UM IP Gateway (after running ExchUCUtil.ps1 scrip …etc) is not a Next,Next, Finish task as deleting a standard DialPlans.

Andrew Morpeth explained how to do this with details in this very helpful article here:

Below is my attempt to provide an alternate approach to the Powershell script provided in above article (You need to provide the DIalPlan Name in the first line):

$UMDialPlan = "<YourDialPlanName>"
Get-UMMailboxPolicy | where {$_.UMDialPlan -eq $UMDialPlan} | FL Name, UMDialPlan
Get-UMMailboxPolicy | where {$_.UMDialPlan -eq $UMDialPlan} | Remove-UMMailboxPolicy
Get-UMHuntGroup | where {$_.UMDialPlan -eq $UMDialPlan}
Get-UMHuntGroup | where {$_.UMDialPlan -eq $UMDialPlan} | Remove-UMHuntGroup
Get-UMService | where {$_.DialPlans -contains $UMDialPlan} | FL Name, DialPlans
Get-UMService | where {$_.DialPlans -contains $UMDialPlan} | Set-UMService -DialPlans @{Remove="$UMDialPlan"}
Get-UMService | Get-UMCallRouterSettings | where {$_.DialPlans -contains $UMDialPlan} | FL Identity, DialPLans
Get-UMService | Get-UMCallRouterSettings | where {$_.DialPlans -contains $UMDialPlan} | Set-UMCallRouterSettings -DialPlans @{Remove=$UMDialPlan}
Remove-UMDialPlan -Identity $UMDialPlan 

Test If AD User Name and Password Combination are Correct

Check my enhanced PowerShell script that do the same task as here, and more…:

—Original Post—
This neat VBS script will test the active directory authentication for a given user name and password. and It will tell you if it succeeded or failed with which error.

I used to use Run-AS to test the authentication, but sometimes the user will not have the permissions to access the machine I’m testing on, and I will receive a non clear error.

Now, to the script:

Set objNetwork = CreateObject("WScript.Network")
strDomain = objNetwork.UserDomain
strUsername=InputBox("Enter Username:")
strPassword=InputBox("Enter Password:")
Set objDS = GetObject("LDAP:")
On Error Resume Next
Set objDomain = objDS.OpenDSObject("LDAP://" & strDomain, strUsername, strPassword, ADS_SECURE_AUTHENTICATION)
If Err.Number Then
    WScript.Echo _
    "For user:" & vbCrLf & _
    "   " & strDomain & "\" & strUsername & vbCrLf & _ 
    "Error Number:" & vbCrLf & _
    "   " & Err.Number & vbCrLf & _
    "Error Description:" & vbCrLf & _
    "   " & Err.Description
    WScript.Echo _
    "Valid password entered for user" & vbCrLf & _
    "   " & strDomain & "\" & strUsername
End If
On Error Goto 0

Run it, Provide the user name (Without providing the domain name), then provide the password, and get the result.


[Powershell] Remove Spaces from User Input if you will Build an Array

In one of the scripts I came across, The users have  to input IP addresses in the form of: IP1,IP2,IP3,…etc. The Powershell script will take this input and build an array to be passed to NETSH and other network commands. The problem is, the users will for different reasons enter the IPs in the form of: IP1, IP2, IP3, … adding an extra space after “,” sometimes there’s a leading or trailing spaces from copy and paste from other places. The result is ==> the network commands was failing to process these extra spaces. Anyway, to solve this, and to avoid similar situations, When you are getting a variable from users, it’s a good practice to do some cleanup, because you will never know what users will enter. One good example, is to utilize –replace parameter with \s to remove all spaces, tabs So:

$Param = "            ,           ,    "

#You clean it up by:
$Param = $Param -replace '\s',''

#This will make:


It also worth mentioning that, If you only want to remove the leading and trailing spaces from the users input, Use the Trim() method. So:

$Param = "   First Name Last Name    "

#You clean it up by:
$Param = $Param.trim()

#This will make:

First Name Last Name

[Batch] Backup Entire Folder with Current Date and Time

During my work on documentations, I usually will need to take different  snapshots of the current documentations folder at every milestone.

This batch will ask you for the folder you want to backup, then will create a new folder inside this folder named “AutoBackup” –> then will create a new folder with the current date and time inside this AutoBackup folder.

@Echo off
SET /P BackupPath=Please Enter the Folder Path to Backup:
MD "%BackupPath%\AutoBackup"
Set FolderNameFull=%BackupPath%\AutoBackup\%date:/=-%_%time::=%
Set FolderNameFinal=%FolderNameFull:~0,-5%
MD "%FolderNameFinal%"
Robocopy "%BackupPath%" "%FolderNameFinal%" /E /XD *AutoBackup

PowerShell: Find the LDAP address from a User Account


Import-Module ActiveDirectory
$Account = Read-Host 'Enter User Account'
$DN = Get-ADuser $Account
Write-Host LDAP://$DN

Run the script from your domain controller.

The script will ask you for the user logon name, and will display the relative LDAP address in the form of: LDAP://CN=………,OU=…..,OU=………,DC=…….,DC=…..

One-Liner: Move Multible Users to a Specific OU (Powershell)

This PowerShell command will read the users’ alias from a text file, and will move them to a specific OU.

  • On you domain controller, create a text file at C:\MoveUsers\Users.txt
  • In Users.txt add users aliases one per each line.
  • Get the DN for the destination OU, one easy common way, is to open ADSI Edit, expand the tree on the left till you reach the desired OU –> in the properties of the OU you will get the OU DN.
  • Open PowerShell and import the Active Directory Module:
Import-Module ActiveDirectory
The Command:
Get-Content C:\MoveUsers\Users.txt | Foreach{Get-ADUser $_ | Move-ADObject -TargetPath "OU=HR Users,OU=Users,DC=Masry,DC=Lab"}

Replace OU=HR Users,OU=Users,DC=Masry,DC=Lab with your OU DN obtained previously.

Script To Monitor Internet Connectivity and Automatically Reset Wireless Connection


So, We have a non stable Wireless access point, non stable Internet connection!

and at times we will get that yellow triangle with the exclamation mark on the WIFI connection on our PCs, and the only way to restore the connection is to Disconnect/and reconnect to the wireless AP.

I wrote this batch to automate this process, It could be written by another ways, but I find this simple and straight forward.

What the batch file do is:

Ping a Public IP –> If failed –> Try again after 1 Minute –> If still failed –> Disconnect from the wireless network –> Wait for 1 Minute –> Connect to the wireless network –> Start over again.


1- Name your Wireless card as WAN (or edit the batch to reflect your wireless “card name”).

2- replace YourWirelessSSID in the batch with your actual wireless network name (SSID).

3- If required,  make the batch starts with your windows startup, so it runs automatically.

The Batch:

@Echo off

Rem ####################Ping Check#####################

Ping |find "TTL=" && GOTO Start
Ping -n 60 >nul
Ping |find "TTL=" && GOTO Start

Rem ###########Reset The Wireless Network##############

netsh wlan disconnect interface=WAN
Ping -n 60 >nul
netsh wlan connect ssid=YourWirelessSSID name=YourWirelessSSID interface=WAN
Ping -n 10 >nul

GOTO Start


Note: tested on Win 7