Authenticating Domain Users with System.DirectoryServices

Question

Given a username and a password for a domain user, what would be the best way to authenticate that user programatically?

Answer 1

It appears that .NET 3.5 added a new namespace to deal with this issue - System.DirectoryServices.AccountManagement. Code sample is below:

Private Function ValidateExternalUser(ByVal username As String, ByVal password As String) As Boolean
    Using context As PrincipalContext = New PrincipalContext(ContextType.Domain, _defaultDomain)
        Return context.ValidateCredentials(username, password, ContextOptions.Negotiate)
    End Using
End Function

The namespace also seems to provide a lot of methods for manipulating a domain account (changing passwords, expiring passwords, etc).