I am looking for some guidance, I currently have the following script that I want to use to bind to an AD DC. This will then reset the password for the specified, account. The reason the credentials are being specified is because the script will be used to access many other domains as well as the one the server is a member of.
However myscript always fails on the objUser.SetPassword line, with an error of Access Denied. Now the user being used to bind to AD does have the privilges to change this, as it is an enterprise admin, and doing so thru ADUC works fine.
I am guessing that my binding to AD is either unsuccessful, and resulting in the use of the locally logged on credentials, or it is not binding at all...
However if I replace the objUser.SetPassword (strNewPasswd) with "Wscript.Echo objUser.AdsPath" the script promptly returns the DN of the account in question...
Set objRootDSE = GetObject("LDAP://servername.domain.suffix/RootDSE")
Credentials Used to Bind to AD with
strPath = "LDAP://CN=UserName,OU=CompanyUsers,DC=domain,DC=suffix"
strUser = "firstname.lastname@example.org"
strPasswd = "Password1"
Account I want to have the password reset
strUserDN = " CN=Username2, OU=CompanyUsers, DC=domain,DC=suffix"
strNewPasswd = "Password!"
Set objUser = GetObject("LDAP://" & strUserDN)