I need a way to validate a user/password pair for native c++ on windows.
Input is user and password, user can be in DOMAIN\user format.

Basically I need to write a function that:
If user/password is a valid local account, returns true. (part 1)
If user/password is valid on the domain given, return true also. (part 2)
else return false.

Using KB180548 I solved (part 1) (but I had to also check if the user name is a valid user, because fails for users with blank passwords – ugly workaround but it works)

However for any domain besides “.”, the above KB sample code works(incorrectly) for any user/pass pair.

I’ve tried using ldap_bind_s, but it succeeds for incorrect user/pass pairs(the dreaded Guest account?). Also, for the “.” domain, it fails for valid user/passwords with LDAP_SERVER_DOWN (maybe because the local host is not a domain controller?)

Maybe some of these notions are unclear to me. I hope at least my problem is explained clearly.
I’m not stuck on any method, as log as it can be implemented just in C++ native code.

This question C#: How to validate domain credentials? seems to have it figured it out (except there is no accepted answer). Alas, it is in C#.

Edit: Come on, Stack Overflow, you’ve never let me down before…