Hmmm SDO eh? Going further OT... I don't suppose you (or anyone else) has figured out how to check the PPTP box on XP (the box under Virtual Private Network on the Incoming Connections properties dialog)?
I've figured out how to script netsh to configure RRAS almost completely, but I would rather have done it with vbscript. This is on workgroup (unfortunately) computers... but I could not figure out a way to enable PPTP with a script. I'll have to look into this SDO stuff... Rich ----------------------------------------------------------------------- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 ---------------------------------------------------------------------- "I love the smell of red herrings in the morning" - anonymous -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael B. Smith Sent: Monday, January 09, 2006 7:35 PM To: [email protected] Subject: RE: [ActiveDir] OT: Scripting Issue. Didn't like my answer in the Sunbelt group, eh? Server Data Objects are your portable way to do this, regardless of your domain mode (at least through Windows Server 2003). It wraps the MprAdminUserSetInfo and MprAdminUserGetInfo functions on both Windows 2000 and Windows 2003. For example, http://msdn.microsoft.com/library/en-us/sdo/sdo/changing_dial_in_setting s.asp I use SDO all over the place (unfortunately). Sub RasInfo (ByVal objWinNT, ByVal strServer, ByVal strName) Dim objWinUser Dim element, v, msg, str Dim objSDOMachine, objU Set objSDOMachine = CreateObject ("IAS.SDOMachine") objSDOMachine.Attach (strServer) Set objWinUser = GetObject ("WinNT://" & strServer & "/" & strName & ",user") Set objU = objSDOMachine.GetUserSDO (0, strName) msg = "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%" & vbCrLf & _ "Name: " & objU.GetProperty (PROPERTY_SDO_NAME) & vbCrLf & _ "Full name: " & objWinUser.Get ("fullname") & vbCrLf & _ "Description: " & objWinUser.Get ("description") & vbCrLf & _ "------------" & vbCrLf v = objU.getproperty (PROPERTY_USER_ALLOW_DIALIN) If IsEmpty (v) Then str = "Control access through Remote Access Policy" Else If v = True Then str = "Allow access" Else str = "Deny access" End If End If msg = msg & "Remote access permission: " & str & vbcrlf Set v = Nothing ... ... ... -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Erik Brown Sent: Monday, January 09, 2006 5:06 PM To: [email protected] Subject: [ActiveDir] OT: Scripting Issue. I have a script that I run in an ASP page to list all RAS Users as a check to make sure that we don't have anyone with permissions that shouldn't have them. However, I'm finding now that we are migrating to W2k3 that this script doesn't work on 2k3. I read in a newsgroup that the "RasPermissions" in ADSI was removed due to security concerns. Is this correct? Is there another way to access this information via ADSI? <Script is below> Thanks, Erik Function ReportRasUsers() If DOM = "" Then DOM = "corp" strRasUsers="<Table id="""& "table1""" & " cellspacing=""" & "1""" & " cellPadding=""" & "1""" & " width="""& "500""" & " border="""& "1""" & ">" strRasUsers=strRasUsers & "<TH>User Name</TH><TH>Full Name</TH><TH>RAS Type</TH>" Dim AccountObj,MachObj,PassAge,fs,fsOut,strRasUsers,strFN Set AccountObj = GetObject("WinNT://"&DOM) AccountObj.Filter = Array("User") For Each User In AccountObj Set UserObj = GetObject("WinNT://" &DOM&"/" & User.Name) Ras=UserObj.get("RasPermissions") strFN=UserObj.get("FullName") If Ras=9 Then strRasUsers=strRasUsers & "<TR><TD>" & User.Name & "</TD><TD>"& strFN & "</TD><TD>No Dial Back</TD></TR>" ElseIf Ras=10 Then strRasUsers=strRasUsers & "<TR><TD bgcolor=""" & "Red""" & ">" & User.Name & "</TD><TD bgcolor=""" & "Red""" & ">"& strFN & "</TD><TD bgcolor=""" & "Red""" & ">Dial Back Enabled</TD></TR>" ElseIf Ras=12 Then strRasUsers=strRasUsers & "<TR><TD bgcolor=""" & "Red""" & ">" & User.Name & "</TD><TD bgcolor=""" & "Red""" & ">"& strFN & "</TD><TD bgcolor=""" & "Red""" & ">Dial Back Enabled</TD></TR>" End If Next response.Write(strRasUsers) End Function List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ -------APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE------- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
