It might at that. :)
I ran this at home and it was the translation that was causing me issues.
I changed the code to be more like this:
Const ADS_SECURE_AUTHENTICATION = 1
strUserDN = "cn=Administrator,cn=Users,dc=Clusterdomain,dc=com"
strPassword = "Super_Secret_and_complex_Password"
Set objRoot = GetObject("LDAP:")
Set objDomain = _
objRoot.OpenDSObject("LDAP://SRVR/dc=Clusterdomain,dc=com", _
strUserDN, strPassword, ADS_SECURE_AUTHENTICATION)
'// This is where you can open the object. You have to know the DN of the
object which infers that you've
'// previously searched and found the object DN. I didn't include that here,
but it wouldn't be too tough.
Set objUser =
objRoot.OpenDSObject("LDAP://SRVR/cn=Student2,OU=Students,dc=Clusterdomain,dc=com",
_
strUserDN, strPassword, ADS_SECURE_AUTHENTICATION)
objUser.setpassword ("slslslslsls.1")
If it's not in the domain, you must use a method that allows you to pass
credentials. OpenDSObject is that method.
Winnt provider might work so long as you can pass the credentials properly, but
I hate to look back and use it that way. Easier to search for the object and
return the DN and then set the password.
Note that iads::setpassword was used vs. changepassword. I think Shawn
mentioned that the user does not know the password.
Al
________________________________
From: [EMAIL PROTECTED] on behalf of Darren Mar-Elia
Sent: Wed 8/31/2005 6:15 PM
To: [email protected]
Subject: RE: [ActiveDir] VBscript to set a password for a user in AD but ran
from a non domain member
I wonder if, in this case, it might not be easier to just use the
WINNT:// ADSI provider to reset the user's password? You might avoid
some of these issues.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Thursday, September 01, 2005 7:18 AM
To: [email protected]
Subject: RE: [ActiveDir] VBscript to set a password for a user in AD but
ran from a non domain member
I would wonder if the Name Translation is failing, does it have the
security context to do the lookup? I am not in a position to test it at
the moment but I would make sure it is working properly.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Shawn Hayes
Sent: Wednesday, August 31, 2005 3:33 PM
To: [email protected]; [EMAIL PROTECTED]
Subject: RE: [ActiveDir] VBscript to set a password for a user in AD but
ran from a non domain member
Thanks for the reply Al.
strNetbiosdomain is a variable I set
script dies before line 61
A web front-end is where we were leaning.
Shawn
>>> "Al Mulnick" <[EMAIL PROTECTED]> 08/31/05 03:19PM >>>
How does the non-domain member find strNetBIOSDomain ?
On line 61, how about having it echo to the user what the
strNetBIOSDomain and strUserName1 variables result in?
Does it match what you think it should be? Is it possible to find that
information from the workstation it's running on? Any reason you
wouldn't run this as a web page from a domain member instead?
Al
________________________________
From: [EMAIL PROTECTED] on behalf of Shawn Hayes
Sent: Wed 8/31/2005 2:26 PM
To: [email protected]
Subject: [ActiveDir] VBscript to set a password for a user in AD but ran
from a non domain member
I am trying to write a script to set a user password and the script must
be run from a machine that is not a domain member.
Background:
We are migrating to Exchange from Groupwise in 12 days. We still have a
ton of machines that are not part of AD, still in NDS. Users all have
accounts and mailboxes in AD. Many Novell users have not logged into
AD. During our migration we would like the techs to quickly reset user
passwords for those that do not know their AD passwords. Techs will be
in the field at distributed locations to help with outlook connectivity.
They will not know the existing password.
When i run this from a non domain member I get "The specified domain
either does not exist or could not be contacted". It runs fine from a
domain member
Here is the code - thanks to anyone that can help.
'Set a Users password
'Written by: Shawn Hayes
'Date: 8-31-05
'Variables
Dim strUserName, strUserDN, strDNSDomain, strNetBiosDomain, strpassword,
strpassword1, strpassword2 Dim strUserName1, strUserName2, strmsgresult,
strcontinue, stradminID, stradminpwd, stradminpwd1, stradminpwd2
strNetBiosDomain = "ourdomainname\"
Const ADS_NAME_INITTYPE_GC = 3
Const ADS_NAME_TYPE_NT4 = 3
Const ADS_NAME_TYPE_1779 = 1
Const ADS_PROPERTY_CLEAR = 1
Const ADS_SECURE_AUTHENTICATION = 1
'Input box prompts for UserID
msgbox ("You must enter a userid with privledges in AD to change
user
passwords!")
stradminID = InputBox ("Enter Your Admin account name used to
connect to AD", "Enter Your Admin account name used to connect to AD",
"")
'Input box prompts for admins password
Do
stradminpwd1 = InputBox ("Enter the Admin Password", " Admin
Password",
"")
stradminpwd2 = InputBox ("Reenter the Admin password", "Admin
Password",
"")
If stradminpwd1 <> stradminpwd2 then
msgbox ("Admin Passwords do not match")
strpassword = "nothing"
Else
strpassword = "equal"
End IF
Loop until strpassword = "equal"
strpassword = "nothing"
'User information
Do
'Input box prompts for UserID
strUsername1 = InputBox ("Enter the Active Directory UserID", "Enter
the Users Active Directory UserID", "")
'Input box prompts for users new password
Do
strPassword1 = InputBox ("Enter the new Password", "Password", "")
strPassword2 = InputBox ("Reenter the password", "Password", "")
If strpassword1 <> strpassword2 then
msgbox ("Passwords do not match")
strpassword = "nothing"
Else
strpassword = "equal"
End IF
Loop until strpassword = "equal"
Set objNetwork = CreateObject("Wscript.Network")
'Connect to RootDSE
'Set objRoot =
GetObject("LDAP://domaincontroller.ourdomain.com/RootDSE")
'Set objroot = GetObject("LDAP:")
'Set objDomain = objRoot.OpenDSObject("LDAP://cn=domain
controller,OU=domain controllers,dc=ourdomain,dc=com", strNetBiosDomain
& stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
'Set objDomain = objRoot.OpenDSObject("LDAP://dc=ourdomain,dc=com",
strNetBiosDomain & stradminID, stradminpwd1, ADS_SECURE_AUTHENTICATION)
'strDNSDomain = objRootDSE.Get("defaultNamingContext")
'strDNSDomain = objdomain.Get("defaultNamingContext")
'Determine UsersDN from netbios name
Set objTrans = CreateObject("NameTranslate")
objTrans.Set ADS_NAME_TYPE_NT4, strNetBIOSDomain & strUserName1
strUserDN = objTrans.Get(ADS_NAME_TYPE_1779)
strmsgresult = msgbox ("OK to change this user's password? " &
struserdn,
vbyesno)
'msgbox (strmsgresult)
If strmsgresult = "6" then
'Set the Users Password
'Set objUser = GetObject ("LDAP://" & strUserDN)
Set ObjDomain = GetObject ("LDAP:")
Set objuser =
ObjDomain.OpenDSObject("LDAP://domaincontroller.ourdomain.com/" &
strUserDN, strNetBiosDomain & stradminID, stradminpwd1,
ADS_SECURE_AUTHENTICATION)
objUser.SetPassword strpassword1
Msgbox ("Password Set!")
wscript.quit
Else
strcontinue = Msgbox ("Password not set, would you like to reenter
the UserID?", vbyesno)
If strcontinue <> "6" then
wscript.quit
End IF
End IF
Loop
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
<<winmail.dat>>
