thunderchicken
asked on
I am stumped -- Adding NT Users
I have two different pages and one of them I can successfully add a user to Windows NT, I used similar code on another page, but with a different user. They have basically the same permissions: Domain User, Administrator and Domain Admin. I can't get it to add the user! Anyone! Thanks!
--------------------------
Dim strUser, strGroup
strUser = Trim(Request.Form("txtUser
strGroup="testgroup"
Set oDomain = GetObject("WinNT://MyDomai
Set oUser = oDomain.Create("user",stru
oUser.SetInfo
Set oGroup = oDomain.GetObject("Group",
oGroup.Add("WinNT://MyDoma
oUser.SetInfo
oUser.SetPassword(TRIM(Req
oUser.SetInfo
Response.Write("User was created!")
--------------------------
I saw that the strings were correct from the previous page by doing a response.write statement... they have all been error checked, and i've tried everything i can think of!
--------------------------
Dim strUser, strGroup
strUser = Trim(Request.Form("txtUser
strGroup="testgroup"
Set oDomain = GetObject("WinNT://MyDomai
Set oUser = oDomain.Create("user",stru
oUser.SetInfo
Set oGroup = oDomain.GetObject("Group",
oGroup.Add("WinNT://MyDoma
oUser.SetInfo
oUser.SetPassword(TRIM(Req
oUser.SetInfo
Response.Write("User was created!")
--------------------------
I saw that the strings were correct from the previous page by doing a response.write statement... they have all been error checked, and i've tried everything i can think of!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
robbert -- those were in different directories, i moved them over to another directory and they work fine, do you know what permissions that need to be set in order for them to work?
Do you get an error message?
Also...did you check to make sure that the user isnt already created? If the user already exists, then the above wont work.
Also, you might try breaking the steps up so you can see where its breaking.
First try creating the user.
If that works, then try creating a user and setting their password. And if that works, then try creating the user, setting the password, and adding them to the group.
Also...did you check to make sure that the user isnt already created? If the user already exists, then the above wont work.
Also, you might try breaking the steps up so you can see where its breaking.
First try creating the user.
If that works, then try creating a user and setting their password. And if that works, then try creating the user, setting the password, and adding them to the group.
ASKER
tried it all... it's not a code thing anymore, it has to do with permissions to the directory, this code is in a different directory than what i had in before.. i moved the exact code to the same directory the code that worked that you helped me on. Here it is exactly...
/testuser
/techadmin/usermanager
the /testuser directory wont add the users, but i moved it to the /techadmin, not the techadmin/usermanager directory and the same code from /testuser worked.
/testuser
/techadmin/usermanager
the /testuser directory wont add the users, but i moved it to the /techadmin, not the techadmin/usermanager directory and the same code from /testuser worked.
ASKER
On the IIS, the root wwwroot directory was set for No Authorization, and when I created the new directory from a remote terminal, it had the same permissions, which allowed for anonymous access. This I suppose didn't give the user access rights to run the script and didn't use the logged on user. Once I changed the Authentication in IIS for the testuser directory it worked. Thanks Guys
ASKER
okay guys, i'll let you have a crack at this for a few days, until i get back on vacation, the user was created, and now i need to disconnect them and let them log in with the new user they created. i want to redirect them back to the main page, but i can't find any way to disconnect them via an ASP script. they are using a temporary user to create a login, now they need the user they just created and not be logged in as "thetestuser". If I don't hear anything, I'll post the question on maybe Tuesday or Wednesday.
Thanks again
Thanks again
Let's talk about something different, first.
When running the ASP script that creates the user, you have to be logged with an account having the permission to create an user.
Therefore, the "grey" password dialogue was passed, already.
The problem is that you don't want let anonymous users to log in as administrator...
It's not a good idea to put this function into an ASP page.
A solution was to put your script above into a DLL and, to put this DLL into a MTS package which runs under an administrator's account.
Now, let's talk about disconnecting the user, again.
Disconnecting is not possible without closing the browser but, by changing the NTFS permissions, so that the user is forced to log on with another account.
Using the MTS solution above, this is not an issue, since the user never had logged on before getting his personal account. After creating that account, you can direct him to a page where he's forced to log on.
When running the ASP script that creates the user, you have to be logged with an account having the permission to create an user.
Therefore, the "grey" password dialogue was passed, already.
The problem is that you don't want let anonymous users to log in as administrator...
It's not a good idea to put this function into an ASP page.
A solution was to put your script above into a DLL and, to put this DLL into a MTS package which runs under an administrator's account.
Now, let's talk about disconnecting the user, again.
Disconnecting is not possible without closing the browser but, by changing the NTFS permissions, so that the user is forced to log on with another account.
Using the MTS solution above, this is not an issue, since the user never had logged on before getting his personal account. After creating that account, you can direct him to a page where he's forced to log on.
ASKER
What I did was make a user, which I called "testuser" so officials who want to make the page can use that and make their own account. I can then let them add their email addresses to SQL. What I was planning on doing was putting an include file at the top so if "testuser" would log in to another page, it would redirect them to the create a user page. I really haven't played around with it yet because I will be gone for training for a week. I really didn't know of any other way to do this because the person who could set up the NT accounts wouldn't have time to make random users right now. I thought about just making a table in SQL for the users. What I have to do is make a "suggestion box" at the bottom of each page so the big wigs can comment on each individual page. The only way I could think of doing this was having something in SQL, but I'd have to pass the username, and email address from each page, plus I already have security set up on 5 levels. I added a sixth level for these test users. What do you think?
ASKER