Solved

WSCRIPT / ADSI / Password Reset

Posted on 2006-10-29
6
1,367 Views
Last Modified: 2008-01-09
Hi,

I am looking for some guidance, I currently have the following script that I want to use to bind to an AD DC.  This will then reset the password for the specified, account.  The reason the credentials are being specified is because the script will be used to access many other domains as well as the one the server is a member of.

However myscript always fails on the objUser.SetPassword line, with an error of Access Denied.  Now the user being used to bind to AD does have the privilges to change this, as it is an enterprise admin, and doing so thru ADUC works fine.

I am guessing that my binding to AD is either unsuccessful, and resulting in the use of the locally logged on credentials, or it is not binding at all...

However if I replace the objUser.SetPassword (strNewPasswd) with   "Wscript.Echo objUser.AdsPath"  the script promptly returns the DN of the account in question...

Any ideas??

Cheers,
Tony


-----------
Set objRootDSE = GetObject("LDAP://servername.domain.suffix/RootDSE")


####
Credentials Used to Bind to AD with
####
strPath = "LDAP://CN=UserName,OU=CompanyUsers,DC=domain,DC=suffix"
strUser = "username@domain.suffix"
strPasswd = "Password1"



####
Account I want to have the password reset
####
strUserDN = " CN=Username2, OU=CompanyUsers, DC=domain,DC=suffix"
strNewPasswd = "Password!"

Set objUser = GetObject("LDAP://" & strUserDN)
objUser.GetInfo
objUser.SetPassword (strNewPasswd)
objUser.SetInfo


------------
0
Comment
Question by:ihotdesk
  • 3
6 Comments
 
LVL 3

Author Comment

by:ihotdesk
ID: 17830313
Please also note that the lines beginning with  #### and the comments inbetween are not present inthe script and are only a means of highlighting text for the purposes of this question

Cheers,
Tony
0
 
LVL 4

Expert Comment

by:KPCarl
ID: 17830494
Looks like you aren't setting the credentials...

Try:

Set objDSO = GetObject("LDAP:")
Set objUser = objDSO.OpenDSObject(strPath, strUser, strPasswd,0}
     
0
 
LVL 4

Expert Comment

by:KPCarl
ID: 17830501
Correction:

Set objDSO = GetObject("LDAP:")
Set objUser = objDSO.OpenDSObject(strPath, strUser, strPasswd,0)
0
 
LVL 4

Accepted Solution

by:
KPCarl earned 500 total points
ID: 17830533
Use this if you want to encrypt traffic: between your computer and the domain:


Const ADS_SECURE_AUTHENTICATION = 1
Const ADS_USE_ENCRYPTION = 2


Set objDSO = GetObject("LDAP:")
Set objUser = objDSO.OpenDSObject (strPath, strUser, strPasswd, _
ADS_USE_ENCRYPTION OR ADS_SECURE_AUTHENTICATION)

0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now