Hi! I'm working on some components in PHP for system administration to be released as reusable packages, to build some kind of server control panel with some time and patience.
I'm working on a credentials component to check things like the current user running the PHP process, the ability to change the password (which I would do through a shell command), and a very important feature: the ability to login with OS credentials.
For that purpose I'm already considering LDAP, but I want to support first an easy setup, like I would do for a small VPS. I want to login to my future panel with my Linux root credentials. This is very easy by parsing the /etc/passwd and /etc/shadow files, but I want to be multiplatform from the beginning.
How could I check a username/password in a similar way to login on Windows without having to configure Active Directory and similar things? I allow myself to use FFI to make external calls to native DLLs, so if the answer is on a Windows internal API it will not be a problem.
So, here is the question: is there any shell/C /C++ way to check if a given username and password matches a real Windows credential? Is there any way to check if that account is a root user? Thank you so much!
EDIT: If there's not any API to check a login, could it be done through reading the hashed password of a user, and hashing the provided one to check if they match? If so, how can you get the hashed password of a user, and how can you encode a password to compare both hashes?