User Authentication

Last Updated: 12-Oct-19

Use this action to present a user authentication dialog to the interactive user. It contains three fixed text input fields: User name, Password, and Domain. The action authenticates the entered user name and password against the domain specified (which should be in FQDN format). If successful, the next action in the configuration XML is processed. Additionally, the actions stored the user name in the XAUthenticatedUser variable and domain name in the XAuthenticatedUserDomain variable.

Use the MaxRetryCount attribute to set a maximum number of allowed authentication attempts. If the user fails to authenticate in this many tires, UI++ returns an access denied (5) error code which you can validate in a task sequence using the _SMSTSLastActionRetCode task sequence variable or by checking the process’s exit code using another method.

Using the Group attribute, you can specify one or more AD security groups using a semi-colon separated list. If specified, in addition to authentication, the authenticating user account must also be a member of one of the groups. This provides an authorization mechanism in addition to the authentication.

Optionally, if authentication is successful, a list of all groups that the authenticated user is a member of is set as the value of a variable named XAuthenticatedUserGroups. This value is a comma-separated list of groups in the usual <domain>\<group name> format. You can use this variable just like any other variable (within UI++ or the rest of the task sequence) including within conditions.

If desired, you can individually customize the prompt, question, and hint used for each field as well as the regular expression using an embedded Field element. Additionally, instead of using a text box for the domain name, you can use a drop-down list to limit the choices given to the user.

Basic example

<Action Type="UserAuth" Title="User Authentication" Domain="lab1.com" MaxRetryCount="5" Group="OSD Group" GetGroups="True" />


Example of using XAuthenticatedUserGroups in a condition

<Action Type="Info" Name="myInfo" Title="Welcome %XAuthenticatedUser%" Condition='InStr ("%XAuthenticatedUserGroups%" &amp; ",", "Test,") > 0'>
<![CDATA[Velkommen – Welkom - Tere tulemast – Bienvenue – Willkommen – Bienvenido – Välkommen]]>
</Action>


Example of selectively customizing the prompt, hint, question, and regular expression of the fields

<Action Type="UserAuth" Title="User Authentication" Domain="lab1.configmgrftw.com" Group="OSD Group" GetGroups="False" MaxRetryCount="5">

<Action Type="UserAuth" Title="User Authentication" Domain="lab300.configmgrftw.com" GetGroups="False" MaxRetryCount="5" DisableCancel="False">