• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3482
  • Last Modified:

VBScript Remote LDAP add users

I'm tring to create a routine that uses LDAP to automatically add users with  RAS access.  I've been able to write a VBScript that does this but I can only get it to run on the Win2003 server where the accounts are maintained.  I need to be able to run this code on a different machine.  I did succeed in using the WinNT:\\ provider while on a different machine but with WinNT:\\ I couldn't access all the required user account properties.

The following code works when run on a remote computer:

  Set dso = GetObject("WinNT:")
  Set container = dso.OpenDSObject("WinNT://" & domainName, userName, password, 0)

The followiing code only runs on the server:  

  Dim objDomain  
  Set objDomain = GetObject("LDAP://CN=Users, DC=centralpetwest, DC=local")

It yields the following error:

 Error:      The specified domain either does not exist or could not be contacted.
 Code:       8007054B
 Source:     (null)

I haven't been able to figure out how to logon to the server either within the GetObject() call or before it.

Thanks in advance,

John C. Christensen (VBScript nubie)
0
jccviking
Asked:
jccviking
  • 4
  • 4
  • 3
  • +1
1 Solution
 
Sam PanwarSr. Server AdministratorCommented:

Hi-

Have you try this :

 Dim objRoot, strDC

  Set objRoot = GetObject("LDAP://RootDSE")
  strDC = objRoot.Get("DNSHostName")

  WScript.echo "DC:" & strDC
----------------
Using this script to execute it:
----------------
  SET objController = CreateObject("WSHController")
  SET objProcess = objController.CreateScript("get_dc.vbs", strServer)

  objProcess.Execute

  While objProcess.Status <> 2
    WScript.sleep 100
  Wend

Important links

http://www.computerperformance.co.uk/vbscript/vbscript_group_add_members.htm
http://www.computerperformance.co.uk/vbscript/vbscript_user_create.htm

LDAP
http://www.computerperformance.co.uk/Logon/LDAP_attributes_active_directory.htm#LDAP_Attributes_from_Active_Directory_Users_and_Computers
http://www.computerperformance.co.uk/vbscript/index.htm
0
 
jccvikingAuthor Commented:
Abs,

Thanks for the response.  If I can't find another way, I may consider your suggestion.  My original design was to update the active directory from within an existing VB program (that runs on another server).  The changes that need to be made to the active directory are dictated by user base changes that occur in another system.  Conceivably, I could create the remote script programmatically, copy it to the other server and then launch it as you describe.  

In my own search, I came across the following code.  I haven't tried it yet but it looks like this is what I need.
Set obj1 = dso.OpenDSObject( _
    "LDAP://server1/CN=Dept1,DC=Fabrikam,DC=com", _
    szUsername, _
    szPassword, _
    ADS_SECURE_AUTHENTICATION + ADS_SERVER_BIND)

Regards,

John C. Christensen
0
 
Sam PanwarSr. Server AdministratorCommented:
Hi jccviking -

Yes this look like nice. first try this if still face the problem then you can use the links which is provide by me in my previous comment which help you to troubleshotting script and also update me with the error.

IF you are using vb program then you can also use the any script in your program through the make a module or class and call them in the coding.

0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
Sam PanwarSr. Server AdministratorCommented:
Hi jccviking -

Yes this look like nice. first try this if still face the problem then you can use the links which is provide by me in my previous comment which help you to troubleshotting script and also update me with the error.

IF you are using vb program then you can also use the any script in your program through the make a module or class of the script and define the script variables and call them in the main coding form.
0
 
jccvikingAuthor Commented:
Keith,

Evidently, I'm not using the Experts Exchange correctly and I appologize.  The answer I posted in my response on 4/25, solved my problem.  What should I have done at this point?

Abs was the only respondent.  Even though his suggestion wasn't the approach I wanted, if it's the correct thing to do, I'm not opposed to giving him the points.

I want to get educated and do the right thing.  Please advise.

Thanks,

John C. Christensen
0
 
Sam PanwarSr. Server AdministratorCommented:
Hi jccviking -

You can close this question and if you know the answer of this then post the correct answer here so if some one have same problem then he can easily search.

Yes I effort on this question but mine answer not solved your problem then you can close this question. For more help about expert exchange system us e the following link

http://www.experts-exchange.com/help.jsp
0
 
Keith AlabasterCommented:
Good morning John.

The process is that if no comment is made to a question either by an expert or the question asker for 21 consecutive days or more, the question will be classed as abandoned. Once this has happened, the question is subject to 'cleanup'; using the link I posted in my comment, you will see there are a number of actions you can take. Maybe it is the difference in timezones (I am in the UK) but I do not see a response on the 25th that you mention?

Regards
Keith
0
 
jccvikingAuthor Commented:
Keith,

Below is the response I posted on 4/25/2006 @9:03PM PDT.  The code I posted is what I ended up using.  Regardless, if it is proper to give points to Abs then I will do it.  Let me know.

Regards,
John

******************************************************
Abs,

Thanks for the response.  If I can't find another way, I may consider your suggestion.  My original design was to update the active directory from within an existing VB program (that runs on another server).  The changes that need to be made to the active directory are dictated by user base changes that occur in another system.  Conceivably, I could create the remote script programmatically, copy it to the other server and then launch it as you describe.  

In my own search, I came across the following code.  I haven't tried it yet but it looks like this is what I need.
Set obj1 = dso.OpenDSObject( _
    "LDAP://server1/CN=Dept1,DC=Fabrikam,DC=com", _
    szUsername, _
    szPassword, _
    ADS_SECURE_AUTHENTICATION + ADS_SERVER_BIND)

Regards,

John C. Christensen
0
 
Keith AlabasterCommented:
Thanks John. On my view, that comment shows as 4.03AM on the 26th (GMT).

The correct procedure for this is to recommend a PAQ - Refund. This will add the question to the database making it a Previously Asked Question (PAQ) so that future question askers will be able to see your question and resolution but refunding the points as you found (and have shown) the solution  yourself.

I am sure Abs will agree.

I will make the reconmmendation this evening (GMT time) :)

Regards

Keith



0
 
jccvikingAuthor Commented:
Thanks for helping me through this Keith.

JCC
0
 
Keith AlabasterCommented:
Your welcome. Its what we are here for.
0
 
GranModCommented:
PAQed with points refunded (500)

GranMod
Community Support Moderator
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

  • 4
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now